hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-02 08:12:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
42,524 Commits 1,684 Branches 159 Tags
codeql-cli/v2.10.5
Commit Graph

42524 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ian Lynagh
e41bbfd931 Merge pull request #8510 from github/release-prep/2.8.4 
Release preparation for version 2.8.4
codeql-cli/v2.8.4 		2022-03-21 16:27:29 +00:00
Mathias Vorreiter Pedersen
cf54006c86 Fix dead link in CONTRIBUTING.md 
cc @felicitymay.
 2022-03-21 16:05:57 +00:00
Erik Krogh Kristensen
c8385a1e80 js/xss-through-dom: filter away reads of .src that end in a URL sink 2022-03-21 16:48:59 +01:00
Rasmus Wriedt Larsen
758a81cc0f Python: Remove import of Concepts in DataFlowPrivate 
As discussed in PR review
 2022-03-21 16:22:15 +01:00
Jonathan Leitschuh
b3ee1bd313 Refactor Preconditions and add Tests 2022-03-21 11:20:05 -04:00
Rasmus Wriedt Larsen
978ef05571 Python: Add change-note 2022-03-21 16:18:40 +01:00
Ian Lynagh
1f8ce3a868 Java: Tweak release notes 2022-03-21 15:14:45 +00:00
Rasmus Wriedt Larsen
b8dee25cce Python: ReflectedXSS -> ReflectedXss for new Query file 
So we stick to the naming conventions.

This rename is OK, since the new file was only just introduced in this
PR.
 2022-03-21 16:12:38 +01:00
Arthur Baars
79cd7bf8ed Python: create semmle/python/dataflow/new/Regex.qll 2022-03-21 15:57:19 +01:00
Jonathan Leitschuh
db0879ec25 Apply suggestions from code review 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2022-03-21 10:35:13 -04:00
Rasmus Wriedt Larsen
695553ba9f Python: Deprecate old non-Query.qll dataflow defs 2022-03-21 15:03:22 +01:00
Rasmus Wriedt Larsen
db86a18791 Python: Autoformat 2022-03-21 14:53:53 +01:00
Rasmus Wriedt Larsen
0125aea91b Python: Re-introduce old dataflow configs .qll files 
and move all the old deprecated aliases to that file. We now have a
situation where all queries should work as they did before, and we just
have these new Query.qll files that contain the implementation.

(deprecation comes later)
 2022-03-21 14:53:53 +01:00
Rasmus Wriedt Larsen
1bf8fa6a3b Python: Adopt Query.qll suffix for dataflow config defs 
This commit in itself makes everything break, but should make it easy to
follow the overall changes being made.
 2022-03-21 14:53:53 +01:00
Michael Nebel
92f8a90f31 C#: Introduce a collectionType predicate. 2022-03-21 14:44:38 +01:00
github-actions[bot]
b96eba9875 Release preparation for version 2.8.4 2022-03-21 13:26:27 +00:00
github-actions[bot]
dedc8c2254 Release preparation for version 2.8.4 2022-03-21 13:25:49 +00:00
Michael Nebel
8e2277e4f3 C#: Improve some of the QL Doc string. 2022-03-21 14:24:51 +01:00
Michael Nebel
d31ef371ec Merge pull request #8391 from michaelnebel/csharp/gvn-interface 
C#: Deprecate the StructuralComparisonConfiguration interface and use sameGvn instead.
 2022-03-21 14:10:53 +01:00
Geoffrey White
97fef4b3a5 C++: Switch strategy to nomagic. 2022-03-21 12:58:06 +00:00
Ian Lynagh
7295a5d313 Java: Add an upgrade script 2022-03-21 11:51:36 +00:00
Ian Lynagh
6284362868 Java: Update stats 2022-03-21 11:44:19 +00:00
Geoffrey White
7f825c12eb C++: Make getUnderlyingType 'nomagic'. 2022-03-21 11:12:18 +00:00
Jeroen Ketema
e05227d3fe C++: Add change note for the cpp/command-line-injection changes 2022-03-21 11:30:39 +01:00
Jeroen Ketema
8b4c42dd07 C++: Add cpp/command-line-injection test using a wrapper macro 2022-03-21 11:19:54 +01:00
Alex Ford
c891c53835 Merge pull request #8395 from alexrford/ruby/clear-text-storage 
Ruby: add `rb/clear-text-storage-sensitive-data` query
 2022-03-21 10:05:39 +00:00
CodeQL CI
b04c46f96d Merge pull request #8478 from asgerf/js/store-load-flow-context-sensitivity-bug 
Approved by erik-krogh
 2022-03-21 08:54:51 +00:00
ihsinme
151c93f502 Update DangerousUseOfExceptionBlocks.cpp 2022-03-21 09:52:14 +03:00
ihsinme
22cf3f7b20 Update test.cpp 2022-03-21 09:50:30 +03:00
Harry Maclean
5a6da827d0 Ruby: Avoid FP in TaintedFormatString query 
Kernel#printf supports two call signatures:

    printf(String, *args)
    printf(IO, String, *args)

We want to identify the String argument, which is the format string.
Previously we would return the 0th and 1st arguments, which gives some
FPs when the 1st arg is not a format string.

We now try to rule out the trivial case by checking if arg 0 has a
string value, and then assuming it is the format string. Otherwise we
fall back to returning both arguments.

This still has some false positive potential, but less than previously.
 2022-03-21 12:51:47 +13:00
Harry Maclean
5dcf0ad759 Ruby: Make IOPrintfCall more sensitive 
It will now identify cases like this:

    file = File.open "foo.txt", "a"
    file.printf(params[:format], arg)
 2022-03-21 12:51:47 +13:00
Harry Maclean
c253bddbe0 Ruby: Make getFormatArgument 0-indexed 2022-03-21 12:51:47 +13:00
Harry Maclean
c73dc8ad0c Ruby: Add change note for rb/tainted-format-string 2022-03-21 12:51:47 +13:00
Harry Maclean
10a411e5cc Ruby: Remove duplicate CWE reference 2022-03-21 12:51:47 +13:00
Harry Maclean
d79a6ddcb2 Ruby: Improve qhelp for rb/tainted-format-string 2022-03-21 12:51:47 +13:00
Harry Maclean
0cfe37dff4 Share TaintedFormatString between Ruby and JS 2022-03-21 12:51:46 +13:00
Harry Maclean
4249e30824 Ruby: Test tainted interpolated format arg 2022-03-21 12:51:18 +13:00
Harry Maclean
63199024a2 Add missing QLDoc 2022-03-21 12:51:18 +13:00
Harry Maclean
f6215d4c7e Ruby: Add rb/tainted-format-string query 2022-03-21 12:51:18 +13:00
Alex Ford
b79bb72153 Ruby: split up CipherInstantiation charpred 2022-03-20 18:32:47 +00:00
Jonathan Leitschuh
1d0275344d [Java]: Add precondition support for testing library asserts 2022-03-18 20:39:24 -04:00
Jeroen Ketema
f8198c3123 C++: Use flow states in cpp/command-line-injection 2022-03-18 20:06:45 +01:00
Robert Marsh
4bf35ad188 Merge pull request #8483 from jketema/command-line-injection-test-cases-with-calls 
C++: Add additional command line injection tests
 2022-03-18 15:05:12 -04:00
Arthur Baars
beef8e29bc Merge pull request #8332 from hvitved/ruby/regexp-taint-flow 
Ruby: Use taint tracking instead of type tracking to define `regExpSource`
 2022-03-18 18:24:02 +01:00
Arthur Baars
9412b331db Revert "Revert "Python: switch to shared implementation of IncompleteHostnameRegExp.ql"" 
This reverts commit 6d24591416.
 2022-03-18 16:31:22 +01:00
Jeroen Ketema
d37ef1b5ca C++: Add command line injection test that currently results in a false positive 2022-03-18 16:12:09 +01:00
Arthur Baars
bf888f0f0b Merge remote-tracking branch 'upstream/main' into incomplete-url-string-sanitization 
Conflicts:
	config/identical-files.json
	javascript/ql/src/Security/CWE-020/IncompleteUrlSubstringSanitization.ql
	javascript/ql/src/Security/CWE-020/IncompleteUrlSubstringSanitization.qll
	ruby/ql/src/queries/security/cwe-020/IncompleteUrlSubstringSanitization.qll
 2022-03-18 16:09:20 +01:00
Arthur Baars
117fb5be7d Merge pull request #7917 from aibaars/incomplete-hostname 
Ruby: IncompleteHostnameRegExp.ql
 2022-03-18 16:00:09 +01:00
Alex Ford
2bd25da8e3 Ruby: Tidy an exists 2022-03-18 14:43:45 +00:00
Alex Ford
62bc0357ea Ruby: Improve Cryptography module qldoc 2022-03-18 14:38:14 +00:00