hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-17 07:23:42 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,418 Commits 1,692 Branches 160 Tags
codeql-cli/v2.10.2
Commit Graph

41418 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Sauyon Lee
932840b0a3 Address review comments. 2020-03-25 04:01:10 -07:00
Sauyon Lee
fd88d913f7 Fix tests 2020-03-25 04:01:09 -07:00
Sauyon Lee
cc13a5d618 OpenUrlRedirect: Expand safe URL flow configuration 
Also add some more tests
 2020-03-25 04:01:08 -07:00
Rasmus Wriedt Larsen
dc9dbf3682 Python: Autoformat 2020-03-25 11:56:18 +01:00
Jonas Jensen
2b2667aef7 Merge remote-tracking branch 'upstream/master' into detect-conflated-memory 
Conflicts:
	cpp/ql/src/semmle/code/cpp/ir/implementation/aliased_ssa/IRSanity.qll
	cpp/ql/src/semmle/code/cpp/ir/implementation/raw/IRSanity.qll
	cpp/ql/src/semmle/code/cpp/ir/implementation/unaliased_ssa/IRSanity.qll
	cpp/ql/test/library-tests/ir/ir/aliased_ssa_sanity.expected
	cpp/ql/test/library-tests/ir/ir/aliased_ssa_sanity_unsound.expected
	cpp/ql/test/library-tests/ir/ir/raw_sanity.expected
	cpp/ql/test/library-tests/ir/ir/unaliased_ssa_sanity.expected
	cpp/ql/test/library-tests/ir/ir/unaliased_ssa_sanity_unsound.expected
	cpp/ql/test/library-tests/ir/ssa/aliased_ssa_sanity.expected
	cpp/ql/test/library-tests/ir/ssa/aliased_ssa_sanity_unsound.expected
	cpp/ql/test/library-tests/ir/ssa/unaliased_ssa_sanity.expected
	cpp/ql/test/library-tests/ir/ssa/unaliased_ssa_sanity_unsound.expected
	cpp/ql/test/library-tests/syntax-zoo/aliased_ssa_sanity.expected
	cpp/ql/test/library-tests/syntax-zoo/raw_sanity.expected
	cpp/ql/test/library-tests/syntax-zoo/unaliased_ssa_sanity.expected
	csharp/ql/src/semmle/code/csharp/ir/implementation/raw/IRSanity.qll
	csharp/ql/src/semmle/code/csharp/ir/implementation/unaliased_ssa/IRSanity.qll
	csharp/ql/test/library-tests/ir/ir/raw_ir_sanity.expected
	csharp/ql/test/library-tests/ir/ir/unaliased_ssa_sanity.expected
 2020-03-25 11:55:39 +01:00
Rasmus Wriedt Larsen
12c6997e7b Python: Reduce result set in custom taint sanitizer 2020-03-25 11:55:29 +01:00
Max Schaefer
6edbe74c09 Revert "Add queries to inspect and measure dispatch differences." 
This reverts commit 752ee3909a.
 2020-03-25 10:43:05 +00:00
Erik Krogh Kristensen
f7faaa634f change-note 2020-03-25 11:37:39 +01:00
semmle-qlci
a413a3254b Merge pull request #3114 from RasmusWL/python-add-fp-for-non-callable 
Approved by tausbn
 2020-03-25 10:34:50 +00:00
semmle-qlci
ac7c74dcee Merge pull request #3111 from RasmusWL/python-fabric-command-injection 
Approved by BekaValentine
 2020-03-25 10:07:33 +00:00
Mathias Vorreiter Pedersen
ae076da517 Merge pull request #3112 from dbartol/codeql-c-analysis/34-Bad-Overlap 
C++/C#: Fix invalid overlap
 2020-03-25 10:40:39 +01:00
Max Schaefer
4ca87b84db Merge pull request #68 from adityasharad/go/request-forgery 
Add experimental query for request forgery.
 2020-03-25 09:09:34 +00:00
Erik Krogh Kristensen
f2b9e2019c remove isRelevant from flowStep 2020-03-25 09:46:07 +01:00
Erik Krogh Kristensen
6f0e507242 outline predicate to fix join-ordering 2020-03-25 09:44:03 +01:00
Erik Krogh Kristensen
3000486b35 add more isRelevant calls 2020-03-25 09:42:24 +01:00
yo-h
116c13eb18 Merge pull request #3106 from aschackmull/java/getstmtbody-type 
Java: Sharpen return type of LambdaExpr.getStmtBody().
 2020-03-24 19:20:57 -04:00
Erik Krogh Kristensen
1d8e103322 autoformat 2020-03-25 00:19:23 +01:00
Mathias Vorreiter Pedersen
f92dd3c565 C++: Autoformat 2020-03-24 22:28:55 +01:00
Mathias Vorreiter Pedersen
077c282cd3 C++: Add field flow and accept tests 2020-03-24 22:28:54 +01:00
Mathias Vorreiter Pedersen
a5f08e1ea6 C++: Split parameter node class into an explicit and implicit version 2020-03-24 22:28:54 +01:00
Mathias Vorreiter Pedersen
22381f3ee6 C++: Demonstrate amount of field flow already present 2020-03-24 22:28:54 +01:00
yo-h
ac68b62b48 Merge pull request #3115 from aschackmull/java/experimental-dir 
Java: Fix directory structure in experimental.
 2020-03-24 16:50:28 -04:00
Aditya Sharad
a6e039b284 Java: Add tests for Jackson taint steps. 
Add stubs for jackson-databind-2.10.
Based on http://fasterxml.github.io/jackson-databind/javadoc/2.10.
Test taint through Jackson serialization APIs.
 2020-03-24 12:59:24 -07:00
Aditya Sharad
7de8b48692 Java: Add taint steps through Jackson serialization methods. 2020-03-24 12:59:14 -07:00
Aditya Sharad
c44e5379df Experimental: Remove query precision for now. 
Address review comment.
 2020-03-24 10:57:51 -07:00
Aditya Sharad
4f32d6651c Experimental: Add sanitiser edge for request forgery. 
Consider a URL string sanitised if the hostname cannot be controlled.
This approach is used by URL redirection queries.
 2020-03-24 10:57:51 -07:00
Aditya Sharad
f984532236 Experimental: Add query for request forgery. 
Tracks the flow of tainted data from untrusted input to the URL of an HTTP request.
Ported from the corresponding query for JavaScript, though currently limited in scope.
Includes companion libraries for customisation.
 2020-03-24 10:57:51 -07:00
Aditya Sharad
d41e6a9d85 Model HTTP request functions in net/http package. 2020-03-24 10:57:51 -07:00
Aditya Sharad
b057ce8d46 Concepts: Add HTTP::ClientRequest class and module. 
Extensible model of client requests to a URL.
Ported from the CodeQL JavaScript library.
 2020-03-24 10:57:51 -07:00
Dave Bartolomeo
2b69cc9738 C#: Make IRConfiguration.qll just forward to the implementation 
Just like C++ already does.
 2020-03-24 13:33:50 -04:00
Max Schaefer
efbcec09ef JavaScript: Add type tracking to Postgres model. 2020-03-24 17:30:07 +00:00
Max Schaefer
330f11c2a3 Merge pull request #71 from intrigus-lgtm/patch-1 
Fix error in Qldoc
 2020-03-24 16:55:22 +00:00
intrigus-lgtm
24b3133e0c Fix error in Qldoc 2020-03-24 17:53:51 +01:00
Anders Schack-Mulligen
75523e4eb8 Java: Fix directory structure in experimental. 2020-03-24 16:47:55 +01:00
Jonas Jensen
8f419d1676 C++: Fix conflated-memory sanity query 
I had included `InitializeNonLocal` in the recursion because it made
everything look better in the presence of a bug that's since been fixed.
Taking it out means the sanity test is again aligned with the old
`isChiForAllAliasedMemory`.
 2020-03-24 16:46:59 +01:00
Jonas Jensen
4e588869d8 C++: Sync identical files 2020-03-24 16:46:42 +01:00
Dave Bartolomeo
cc76782545 Merge remote-tracking branch 'upstream/master' into codeql-c-analysis/34-Bad-Overlap 2020-03-24 11:38:39 -04:00
semmle-qlci
ce0b72f949 Merge pull request #3093 from erik-krogh/MorePathSinks 
Approved by asgerf
 2020-03-24 14:26:41 +00:00
Anders Schack-Mulligen
d8edae96df Java: Add test. 2020-03-24 15:24:17 +01:00
Rasmus Wriedt Larsen
05ecfc83f7 Python: Add test-case with swapped decorator order 2020-03-24 14:18:46 +01:00
Jonas Jensen
27832148a9 C++: Phi-node conflation is not about vvars 2020-03-24 13:56:42 +01:00
Jonas Jensen
95a8dcb3fd C++: failing test for non-conflated escaped var 2020-03-24 13:31:08 +01:00
Taus
fe00d1cbf4 Merge pull request #2888 from RasmusWL/python-tarslip-sanitizer 
Python: Improve tarslip sanitizer
 2020-03-24 12:59:20 +01:00
Max Schaefer
8dda4bd97f Merge pull request #66 from intrigus-lgtm/CWE-643 
CWE-643 XPathInjection on Go
 2020-03-24 10:53:57 +00:00
Rasmus Wriedt Larsen
3ed48aae4c Python: remove leftover arg in test code 2020-03-24 11:49:08 +01:00
Sauyon Lee
81e13473db Merge pull request #69 from max-schaefer/issue-72 
Track taint through element writes.
 2020-03-24 03:41:05 -07:00
Rasmus Wriedt Larsen
5ec0716cb0 Python: Add points-to regression when using @classmethod decorators 
Specifically a problem when using a second decorator
 2020-03-24 11:39:08 +01:00
Erik Krogh Kristensen
36981f385a Merge branch 'master' of git.semmle.com:Semmle/ql into MorePathSinks 2020-03-24 11:20:33 +01:00
Max Schaefer
752ee3909a Add queries to inspect and measure dispatch differences. 2020-03-24 09:34:42 +00:00
Max Schaefer
084fa80a57 Refine virtual call targets by local reasoning where possible. 2020-03-24 09:34:42 +00:00