hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-04 17:21:08 +01:00
Code Issues Packages Projects Releases Wiki Activity
42,524 Commits 1,691 Branches 159 Tags
codeql-cli/v2.10.5
Commit Graph

42524 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Pierre
6f936942fa Add note about non-glibc systems 2022-02-22 11:29:51 +01:00
Porcuiney Hairs
e536628a66 Java : Add SSTI query 2022-02-22 15:57:53 +05:30
Asger Feldthaus
1be47db2e6 JS: Factor out more JS-specific code 2022-02-22 09:51:56 +01:00
Asger Feldthaus
2d509eb345 JS: Make Impl.qll determine the location of AccessPathSyntax.qll 2022-02-22 09:51:52 +01:00
Asger Feldthaus
42a3d8c689 JS: Treat Member[x] as a language-specific token 
In Ruby it is ambiguous whether Member[foo] means x.foo or x::foo
 2022-02-22 09:51:52 +01:00
Asger Feldthaus
acf95d6178 JS: Move summary resolution into JS-specific code 2022-02-22 09:51:52 +01:00
Asger Feldthaus
ab1642dd3f JS: Rename {Shared,Impl} -> ApiGraphModels{,Specific} 2022-02-22 09:51:48 +01:00
Harry Maclean
07c70adde5 Ruby: Update CleartextLogging fixture 
The flow summary for `String#sub` leads to two new results in this test.
They are duplicates of existing results, because the query is quite
liberal in what it considers a source.

```ruby

password = "abc"
password_masked = password.sub(/./, "x")
Logger.new(STDOUT).info password_masked

```

In the example above, the query considers lines 1 and 2 to both be
sources, with a sink at line 3. Previously there was no flow from line 1
to line 3 because of the missing flow summary for `String#sub`, and
therefore there was just one result. Now we have the flow summary, there
are two results.

Line 2 is considered a source because it is an assignment to a variable
that contains the term "password". I'm not sure how to adjust the query
to avoid these duplicates, so I'm leaving them in for now.
 2022-02-22 16:58:41 +13:00
Harry Maclean
340288e0d4 Ruby: Update summary access paths for dot syntax 2022-02-22 16:41:16 +13:00
Harry Maclean
d180a55b3a Ruby: Fix value/taint flow in String summaries 2022-02-22 16:41:16 +13:00
Harry Maclean
f07ae35b87 Ruby: Fix bug with String flow summaries 
Split summaries for methods with optional block parmaters into separate
classes. Also model the `exclusive` argument to `String#upto`.
 2022-02-22 16:41:16 +13:00
Harry Maclean
379de5581d Ruby: Disable summaries that clash with Array 
Some String methods are named identically to Array methods, and this
leads to overlapping flow summaries. These adversely affect the original
Array flow summaries.
 2022-02-22 16:41:15 +13:00
Harry Maclean
fef46e1ee4 Ruby: Add flow summaries for String methods 2022-02-22 16:41:15 +13:00
Erik Krogh Kristensen
e8df6a14ca add lodash.{clone, cloneDeep} as a clone step 2022-02-21 22:27:29 +01:00
alexet
7ea8577e23 QLSpec: Fix underline length 2022-02-21 19:25:44 +00:00
alexet
121b3f6fbf QLSpec:Allow setliterals withing inrange terms 2022-02-21 18:57:29 +00:00
alexet
5473162f23 QLSpec: Add documentation for expression pragmas 2022-02-21 18:55:56 +00:00
alexet
e2bc03c147 QLSpec: Consistency in primary expression order. 2022-02-21 18:53:53 +00:00
Henry Mercer
e42f759f6b Merge pull request #8153 from github/henrymercer/atm-add-cwe-tags 
JS: Add CWE tags for ML-powered queries
 2022-02-21 17:24:02 +00:00
Ian Lynagh
7ce9b160d0 Java: Performance tweaks 2022-02-21 17:05:00 +00:00
Henry Mercer
5a3daa9e3f JS: Add CWE tags for ML-powered queries 
- Cross-site scripting: CWE-79
- Path injection: CWE-22, CWE-23, CWE-36, CWE-73, CWE-99
- NoSQL injection: CWE-943
- SQL injection: CWE-89
 2022-02-21 16:18:33 +00:00
Henry Mercer
02cce623a6 JS: Install pack dependencies in ML CI jobs 2022-02-21 16:10:15 +00:00
Henry Mercer
a89882c14e JS: Update lockfiles for ML-powered queries packs 2022-02-21 16:03:05 +00:00
Asger Feldthaus
8194c041cc JS: Merge sources to one class 2022-02-21 16:26:02 +01:00
Asger F
00ed72ed83 Apply suggestions from code review 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-02-21 16:24:50 +01:00
Tamas Vajk
422c2d5ccb C#: Add dynamic casts to useless upcast test 2022-02-21 16:10:00 +01:00
Henry Mercer
25f6ac3ec4 JS: Remove ML model pack from default workspace 
We only want to put the checked out version of the model pack to test a
custom model.
Given that the repo doesn't contain any models by default, most users
won't want the local checkout of the model pack to override the one
downloaded from the package registry.
 2022-02-21 15:06:30 +00:00
Henry Mercer
6fb9895367 JS: Separate the ML-powered queries model into its own pack 
This allows users to more easily get started with development. Running
`codeql pack install` from the `-queries` pack will now install the ML
model.
 2022-02-21 15:05:57 +00:00
Tom Bolton
0108642464 Merge pull request #8148 from github/tombolton/modify-counting-query 
Update counting query to match end-to-end results
 2022-02-21 15:02:43 +00:00
tombolton
e02319be9f add end to end predicate to result counting query 2022-02-21 14:35:58 +00:00
Erik Krogh Kristensen
cd4685c4c5 cache RegExpCreationNode::getAReference 2022-02-21 15:04:00 +01:00
Erik Krogh Kristensen
1407b49a8f fix some instances of ql/pred-doc-style for JS 2022-02-21 15:02:21 +01:00
Erik Krogh Kristensen
11bbd872f3 add ql-for-ql query for detecting bad predicate qldoc 2022-02-21 15:02:15 +01:00
Asger Feldthaus
cb38df5980 Go: rewrite access paths to dot-style 2022-02-21 14:56:54 +01:00
Asger Feldthaus
846a876c44 Go: update to use new API exposed by FlowSummaryImpl.qll 2022-02-21 14:53:05 +01:00
Rasmus Wriedt Larsen
d2cd77aefb Merge branch 'main' into dataflow-improvements 2022-02-21 14:49:40 +01:00
Asger Feldthaus
da52cb24f6 Go: sync FlowSummaryImpl and AccessPathSyntax.qll 2022-02-21 14:40:23 +01:00
Owen Mansel-Chan
e8c2ab745e Apply suggestions from code review from docs team 
Co-authored-by: hubwriter <hubwriter@github.com>
 2022-02-21 13:19:47 +00:00
Asger F
02c4966109 Merge pull request #7878 from asgerf/dot-separated-access-paths 
Shared: Switch to dot-separated access paths in summary specs
 2022-02-21 13:29:09 +01:00
Alex Ford
9196b64d6e Merge pull request #8138 from github/ruby/file-write 
Ruby: Implement `FileSystemWriteAccess` concept
 2022-02-21 10:13:27 +00:00
Alex Ford
746290d903 Merge pull request #7713 from github/ruby/clear-text-logging 
Ruby: Add `rb/clear-text-logging-sensitive-data` query
 2022-02-21 10:12:33 +00:00
Jeroen Ketema
fc91c82777 Add change note 2022-02-21 10:48:46 +01:00
Jeroen Ketema
e05af1e1d1 Use underlyingElement in isStructuredBinding 
Accodring to the documentation in `Element.qll`, `underlyingElement` is
supposed to be used here and not `unresolveElement`.
 2022-02-21 10:46:29 +01:00
Esben Sparre Andreasen
1d437dd722 Merge pull request #8043 from github/esbena/sharpen-hardcoded-credentials 
JS: Sharpen hardcoded credentials
 2022-02-21 10:02:58 +01:00
Rasmus Wriedt Larsen
b59ab7f5f3 Merge branch 'main' into python/promote-log-injection 2022-02-21 09:59:31 +01:00
Erik Krogh Kristensen
5f9bd7a4a1 Merge pull request #7984 from erik-krogh/fix-ql-for-ql-js 
JS: fix most ql-for-ql warnings
 2022-02-21 09:15:06 +01:00
Asger Feldthaus
7848fcec80 Shared: sync AccessPathSyntax.qll 2022-02-21 08:21:53 +01:00
Asger Feldthaus
d7f07167ac Shared: Remove getLastToken again 2022-02-21 08:21:53 +01:00
Asger Feldthaus
2c2a82a070 Shared: allow spaces between arguments in a token 2022-02-21 08:21:53 +01:00
Asger Feldthaus
55ac5cb012 Shared: auto format 2022-02-21 08:21:53 +01:00