hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-01 07:42:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,812 Commits 1,684 Branches 159 Tags
codeql-cli/v2.10.3
Commit Graph

41812 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tony Torralba
49259a6575 Remove everything related to WebView CSV models 
This reverts commit c6c72eb.
 2022-05-04 10:53:31 +02:00
Tony Torralba
dce11f3984 Removed unnecessary imports 2022-05-04 10:53:30 +02:00
Tony Torralba
f5e72e6e33 Remove getUnderlyingExpr 2022-05-04 10:53:30 +02:00
Tony Torralba
7ba5a032ce Add tests and stubs for the new sources and flow steps 2022-05-04 10:53:30 +02:00
Tony Torralba
b678467e9d Move things around 2022-05-04 10:53:30 +02:00
Tony Torralba
d68311e26d Consider implicit this accesses in WebViewRef 2022-05-04 10:53:30 +02:00
Tony Torralba
51dfebf4c9 Apply suggestions from code review 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-05-04 10:53:29 +02:00
Tony Torralba
b9859fe165 Add change note 2022-05-04 10:53:29 +02:00
Tony Torralba
91bdb4299f Improvements to UnsafeAndroidAccess 2022-05-04 10:53:29 +02:00
Tony Torralba
b876431950 Merge pull request #8706 from luchua-bc/java/unsafe-get-resource 
Java: CWE-552 Add sources and sinks to to detect unsafe getResource calls in Java EE applications
 2022-05-04 10:12:28 +02:00
Tom Hvitved
74e99302d6 Address review comments 2022-05-04 09:57:59 +02:00
Tom Hvitved
ac3bfa1788 Data flow: Mention expectsContent in dataflow.md 2022-05-04 09:57:59 +02:00
Tom Hvitved
da72ba46d4 Data flow: Add stub expectsContent for all languages 2022-05-04 09:57:59 +02:00
Tom Hvitved
6e2e8440eb Data flow: Sync files 2022-05-04 09:57:59 +02:00
Tom Hvitved
a50f18ab50 Data flow: Introduce expectsContent 2022-05-04 09:57:58 +02:00
bananabr
2e2d4c6e1f updated tests to consider document.getSelection() 2022-05-03 21:03:35 -05:00
Erik Krogh Kristensen
ead978187d adjust the source-type for remote-flow from MaD 2022-05-03 22:53:41 +02:00
Robert Marsh
de68107a0e C++: restrict global variable IR generation 2022-05-03 16:50:53 -04:00
Erik Krogh Kristensen
8ffc05c84b count both named and positional arguments in the WithArity filter 2022-05-03 21:21:57 +02:00
Daniel Santos
880e3e1885 Update javascript/ql/lib/semmle/javascript/security/dataflow/XssThroughDomCustomizations.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-05-03 11:38:32 -05:00
Daniel Santos
4cd6dcc4d0 Update javascript/ql/lib/change-notes/2022-04-30-xss-selection-source.md 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-05-03 11:37:45 -05:00
Daniel Santos
d52980573a Update javascript/ql/lib/semmle/javascript/security/dataflow/XssThroughDomCustomizations.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-05-03 11:37:26 -05:00
Paolo Tranquilli
b7cdc4ae1f Swift: set @github/codeql-c as owner 2022-05-03 17:41:23 +02:00
Geoffrey White
5aa862acfd C++: Fixup after merge. 2022-05-03 16:12:42 +01:00
Geoffrey White
fd5b4dfff2 Merge branch 'main' into xxe4 2022-05-03 16:08:54 +01:00
Mathias Vorreiter Pedersen
b8fd07c0ac Merge pull request #9018 from geoffw0/xxe5 
C++: Support libxml2 in the XXE query
 2022-05-03 16:00:52 +01:00
Michael Nebel
b8ec2254e8 C#: Update unit tests (looks like new NFloat operator has been introduced). 2022-05-03 16:36:32 +02:00
Michael Nebel
94b046c554 C#: Upgrade dotnet to 6.0.202. 2022-05-03 16:36:32 +02:00
Joe Farebrother
f65f833b11 Merge pull request #9020 from joefarebrother/predictable-seed 
Java: Add CWE-377 tag to java/predictable-seed
 2022-05-03 15:13:58 +01:00
Tony Torralba
02822c6284 Merge pull request #9013 from atorralba/atorralba/private-externalflow-imports 
Java: Make more ExternalFlow imports private
 2022-05-03 16:02:09 +02:00
Owen Mansel-Chan
22ccbbaae8 Run go mod tidy -e if go.mod exists 2022-05-03 14:57:13 +01:00
Tony Torralba
cf55f180c4 Add change note 2022-05-03 15:46:17 +02:00
Tony Torralba
7b3a803d19 Add flow step from startActivity to getIntent 2022-05-03 15:46:17 +02:00
Tony Torralba
9c92454fa7 Merge pull request #8872 from atorralba/atorralba/android-widget-flowstep 
Java: Add Editable.toString flow step
 2022-05-03 15:27:52 +02:00
Joe Farebrother
61f13817cf Add change note 2022-05-03 14:27:47 +01:00
Geoffrey White
d5be11bf14 C++: Address review comments. 2022-05-03 14:08:19 +01:00
Rasmus Wriedt Larsen
a7b43f7356 Ruby: Accept changes to TypeTracker tests 
Since this is not using inline-expectation-tests, I'm not entirely sure
whether these changes are OK or not, so hope to get someone else to
signoff on that.
 2022-05-03 14:59:06 +02:00
Rasmus Wriedt Larsen
6cacf7b9a6 Ruby: isLocalSourceNode needs SynthReturnNode 2022-05-03 14:43:57 +02:00
Tony Torralba
fbceb8de57 Update java/ql/lib/semmle/code/java/frameworks/OkHttp.qll 
Co-authored-by: Chris Smowton <smowton@github.com>
 2022-05-03 14:40:40 +02:00
Rasmus Wriedt Larsen
d012eaa892 Python: Clarify getArg is about positional arguments 2022-05-03 14:26:23 +02:00
Rasmus Wriedt Larsen
89c4b6c235 Ruby: Fix isLocalSourceNode implementation 
The old code was equivalent with the code below, which seems wrong

```
not n instanceof ExprNode
or
n instanceof ExprNode and
localFlowStepTypeTracker+(..., n)
```

From running on real DB I found that this meant that the following node
types were also included as local source nodes:

- `TReturningNode`
- `TSynthReturnNode`
- `TSummaryNode`
- `TSsaDefinitionNode`

My understanding is that the first 3 should not be included.

I would guess that SsaDefinitionNode should indeed be included as a
LocalSourceNode, but I'm not 100% sure, so I'll see what the test
results say before making further changes.
 2022-05-03 14:16:19 +02:00
Joe Farebrother
f7d0884db1 Java: Add cwe-377 tag to predictable-seed 2022-05-03 12:28:14 +01:00
Geoffrey White
42a78a27e0 C++: Fixup spacing in tests. 2022-05-03 11:48:03 +01:00
Paolo Tranquilli
c2be267feb Swift: enable dynamic mode 
Providing `--dynamic_mode=fully` (for example setting it in
`local.bazelrc`) will now work.

All runfiles are now copied in the extractor pack: in dynamic mode,
those will be the executable and the dynamic libraries, while in static
mode only the executable will be part of the runfiles.

Setting the correct `LD_LIBRARY_PATH` in `qltest.sh` then allows to
run tests with this pakcage. If we need something more, we can switch to
a wrapper script in place of `extractor` in the future.

Notice that `LD_LIBRARY_PATH` is also set in static mode, but that has
no consequence.
 2022-05-03 12:33:24 +02:00
yoff
56ed68b3eb Merge pull request #9001 from RasmusWL/files-refactoring 
Python: Flask: Improve `request.files` modeing
 2022-05-03 12:19:55 +02:00
Geoffrey White
9faa825304 C++: Add support for libxml2 in the query. 2022-05-03 11:19:13 +01:00
Tom Hvitved
e9c8f979f9 Data flow: Sync files 2022-05-03 11:46:51 +02:00
Tom Hvitved
2b4fde74bb Data flow: Speedup subpaths predicate 
Before
```
[2022-05-02 15:47:16] (1280s) Tuple counts for DataFlowImpl::Subpaths::subpaths#656de156#ffff/4@c5f3dclb after 3m22s:
                      8389013    ~4%     {5} r1 = JOIN DataFlowImpl::Subpaths::subpaths#656de156#ffff#shared WITH DataFlowImpl::PathNode::getASuccessor#dispred#f0820431#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1 'arg', Lhs.1, Lhs.2, Lhs.3, Lhs.4 'out'
                      6689751    ~0%     {4} r2 = JOIN r1 WITH DataFlowImpl::Subpaths::subpaths03#656de156#ffffff_034512#join_rhs ON FIRST 4 OUTPUT Rhs.4, Lhs.4 'out', Lhs.0 'arg', Rhs.5 'ret'

                      1513839768 ~1%     {5} r3 = JOIN r2 WITH DataFlowImpl::PathNodeImpl::getNodeEx#dispred#f0820431#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.1 'out', Lhs.2 'arg', Lhs.3 'ret', Rhs.1 'par', Lhs.3 'ret'
                      1513839768 ~1%     {5} r4 = r3 AND NOT DataFlowImpl::PathNodeImpl::isHidden#dispred#f0820431#f(Lhs.4 'ret')
                      1513839768 ~5%     {4} r5 = SCAN r4 OUTPUT In.1 'arg', In.3 'par', In.0 'out', In.4 'ret'

                      1513839768 ~2%     {4} r6 = JOIN r2 WITH DataFlowImpl::PathNodeImpl::getNodeEx#dispred#f0820431#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.3 'ret', Lhs.1 'out', Lhs.2 'arg', Rhs.1 'par'
                      0          ~0%     {5} r7 = JOIN r6 WITH boundedFastTC(DataFlowImpl::Subpaths::localStepToHidden#656de156#ff_10#higher_order_body,DataFlowImpl::Subpaths::subpaths#656de156#ffff#higher_order_body) ON FIRST 1 OUTPUT Lhs.1 'out', Lhs.2 'arg', Lhs.0, Lhs.3 'par', Rhs.1 'ret'
                      0          ~0%     {5} r8 = r7 AND NOT DataFlowImpl::PathNodeImpl::isHidden#dispred#f0820431#f(Lhs.4 'ret')
                      0          ~0%     {4} r9 = SCAN r8 OUTPUT In.1 'arg', In.3 'par', In.0 'out', In.4 'ret'

                      1513839768 ~5%     {4} r10 = r5 UNION r9
                      6689751    ~0%     {4} r11 = JOIN r10 WITH DataFlowImpl::PathNode::getASuccessor#dispred#f0820431#ff ON FIRST 2 OUTPUT Lhs.0 'arg', Lhs.1 'par', Lhs.3 'ret', Lhs.2 'out'
                                         return r11
```

After
```
[2022-05-03 11:44:10] (969s) Tuple counts for DataFlowImpl::Subpaths::subpaths#656de156#ffff/4@b26b969r after 11.8s:
                      8372525 ~0%     {3} r1 = JOIN DataFlowImpl::PathNode::getASuccessor#dispred#f0820431#ff_10#join_rhs WITH DataFlowImpl::PathNodeImpl::getNodeEx#dispred#f0820431#ff ON FIRST 1 OUTPUT Lhs.1 'arg', Rhs.1, Rhs.0
                      6673799 ~6%     {9} r2 = JOIN r1 WITH DataFlowImpl::Subpaths::subpaths03#656de156#fffffffff ON FIRST 2 OUTPUT Rhs.3, Rhs.4, Rhs.5, Rhs.7, Rhs.6, Rhs.8, Lhs.2 'par', Lhs.0 'arg', Rhs.2 'ret'

                      6637884 ~0%     {5} r3 = JOIN r2 WITH project#DataFlowImpl::pathNode#656de156#ffffffff_1234560#join_rhs ON FIRST 6 OUTPUT Lhs.6 'par', Lhs.7 'arg', Lhs.8 'ret', Rhs.6 'out', Lhs.8 'ret'

                      6637884 ~0%     {4} r4 = JOIN r2 WITH project#DataFlowImpl::pathNode#656de156#ffffffff_1234560#join_rhs ON FIRST 6 OUTPUT Rhs.6 'out', Lhs.6 'par', Lhs.7 'arg', Lhs.8 'ret'

                      51867   ~0%     {5} r5 = JOIN r4 WITH DataFlowImpl::PathNodeMid::projectToSink#dispred#f0820431#ff ON FIRST 1 OUTPUT Lhs.1 'par', Lhs.2 'arg', Lhs.3 'ret', Rhs.1 'out', Lhs.3 'ret'

                      6689751 ~0%     {5} r6 = r3 UNION r5
                      6689751 ~0%     {5} r7 = r6 AND NOT DataFlowImpl::PathNodeImpl::isHidden#dispred#f0820431#f(Lhs.4 'ret')
                      6689751 ~0%     {4} r8 = SCAN r7 OUTPUT In.1 'arg', In.0 'par', In.4 'ret', In.3 'out'

                      6637884 ~0%     {4} r9 = JOIN r2 WITH project#DataFlowImpl::pathNode#656de156#ffffffff_1234560#join_rhs ON FIRST 6 OUTPUT Lhs.8 'ret', Lhs.6 'par', Lhs.7 'arg', Rhs.6 'out'

                      51867   ~0%     {4} r10 = JOIN r4 WITH DataFlowImpl::PathNodeMid::projectToSink#dispred#f0820431#ff ON FIRST 1 OUTPUT Lhs.3 'ret', Lhs.1 'par', Lhs.2 'arg', Rhs.1 'out'

                      6689751 ~0%     {4} r11 = r9 UNION r10
                      0       ~0%     {5} r12 = JOIN r11 WITH boundedFastTC(DataFlowImpl::Subpaths::localStepToHidden#656de156#ff_10#higher_order_body,DataFlowImpl::Subpaths::subpaths#656de156#ffff#higher_order_body) ON FIRST 1 OUTPUT Lhs.1 'par', Lhs.2 'arg', Lhs.0, Lhs.3 'out', Rhs.1 'ret'
                      0       ~0%     {5} r13 = r12 AND NOT DataFlowImpl::PathNodeImpl::isHidden#dispred#f0820431#f(Lhs.4 'ret')
                      0       ~0%     {4} r14 = SCAN r13 OUTPUT In.1 'arg', In.0 'par', In.4 'ret', In.3 'out'

                      6689751 ~0%     {4} r15 = r8 UNION r14
                                      return r15
```
 2022-05-03 11:45:28 +02:00
Anders Schack-Mulligen
249f771fad Merge pull request #8952 from cklin/fix-ql-comments-syntax 
Fix syntax errors in QL comments
 2022-05-03 11:15:56 +02:00
Jeroen Ketema
904ff1a569 Merge pull request #8943 from jbj/remove-gvn-imports 
C++: Remove import order workarounds
 2022-05-03 11:01:02 +02:00