hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-27 20:33:42 +01:00
Code Issues Packages Projects Releases Wiki Activity
47,078 Commits 1,697 Branches 161 Tags
codeql-cli/v2.11.6
Commit Graph

47078 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alex Ford
0f3168f293 record more parse errors 2021-05-10 21:23:24 +01:00
thank_you
3ace49549a Add tests for SqlAlchemy modeling library 
After researching SqlAlchemy and it's various query methods, I discovered several types of SQL injection possibilities.

The SQLExecution.py file contains these examples and can be broken up into two types of injections. Injections requiring the text() taint-step and injections NOT requiring the text() taint step.
 2021-05-10 16:12:15 -04:00
Marcono1234
2e098f050e Java: Ignore char array based closeables for CloseReader.ql and CloseWriter.ql 2021-05-10 18:33:07 +02:00
Mathias Vorreiter Pedersen
5016c6436a Merge pull request #5859 from MathiasVP/fix-fp-in-comparison-with-wider-type 
C++: Fix false positive in `cpp/comparison-with-wider-type`
 2021-05-10 17:58:31 +02:00
Jonathan Leitschuh
d27316eb3e Apply suggestions from code review 
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
 2021-05-10 11:55:31 -04:00
Chris Smowton
0afe22d60c Merge pull request #5710 from p0wn4j/jsch-os-injection 
[Java] CWE-078: Add JSch lib OS Command Injection sink
 2021-05-10 16:12:00 +01:00
Tamas Vajk
dd86da3f24 C#: Remove base class from type IDs in trap files 2021-05-10 17:06:10 +02:00
Tamas Vajk
31ac6442e8 C#: Fix default parameter value generation in case of error symbols 2021-05-10 17:03:08 +02:00
Rasmus Wriedt Larsen
1b0d5053e7 Python: simplejson load/dump only works with lib installed 
Which I had done locally. Problem is the same about not having PostUpdateNode
when points-to is not able to resolve the call, so I'm happy to just make CI
happy right now, and hopefully we'll get a fix to the underlying problem soon 😊
 2021-05-10 16:21:29 +02:00
Mathias Vorreiter Pedersen
d55db836cb C++: Remove implied conjunct. 2021-05-10 16:13:54 +02:00
Tom Hvitved
498f9b2547 Merge pull request #5848 from hvitved/csharp/trap-key-escape 
C#: Escape IDs in TRAP label definitions
 2021-05-10 16:13:13 +02:00
Tony Torralba
8553ca1019 Autoformatting 2021-05-10 15:42:20 +02:00
Mathias Vorreiter Pedersen
51d04cb5b3 C++: Correct test annotation. 2021-05-10 15:30:35 +02:00
Slavomir
f644194354 Add package predicates 2021-05-10 15:18:47 +02:00
Mathias Vorreiter Pedersen
c0b65314be C++: Fix false positive by restricting _both_ the old (unconverted) expression _and_ all of the conversions. 2021-05-10 15:18:42 +02:00
Slavomir
06fac54da3 Add web framework: github.com/gofiber/fiber 2021-05-10 15:12:32 +02:00
Rasmus Wriedt Larsen
c2a6b811fc Python: Add modeling of ujson PyPI package 
The problem with `tainted_filelike` not having taint, is that in the call

`ujson.dump(tainted_obj, tainted_filelike)`

there is no PostUpdateNote for `tainted_filelike` :( The reason is that
points-to is not able to resolve the call, so none of the clauses in
`argumentPreUpdateNode` matches

See 08731fc6cf/python/ql/src/semmle/python/dataflow/new/internal/DataFlowPrivate.qll (L101-L111)

Let's deal with that issue in an other PR though
 2021-05-10 15:10:31 +02:00
Rasmus Wriedt Larsen
72d08f4d6e Python: Model json load/dump 2021-05-10 15:10:30 +02:00
Rasmus Wriedt Larsen
63f28d7d9b Python: Model keyword args to json loads/dumps 2021-05-10 15:10:29 +02:00
Rasmus Wriedt Larsen
784e0cdb96 Python: Improve tests of json module 
Inspired by the work on previous commit
 2021-05-10 15:10:28 +02:00
Rasmus Wriedt Larsen
3fe9a3d933 Python: Add modeling of simplejson PyPI package 
I noticed that we don't handle PostUpdateNote very well in the concept tests,
for exmaple for `json.dump(...)` there _should_ have been an `encodeOutput` as
part of the inline expectations.

I'll work on fixing that up in a separate PR, to keep things clean.
 2021-05-10 15:10:27 +02:00
Mathias Vorreiter Pedersen
c7cd75437f C++: Add testcase demonstrating false positive from conversions. 2021-05-10 14:58:33 +02:00
CodeQL CI
a3d17a1437 Merge pull request #5769 from erik-krogh/libXss 
Approved by esbena
 2021-05-10 05:58:07 -07:00
yoff
78370cf63f Update python/ql/src/experimental/semmle/python/frameworks/Stdlib.qll 2021-05-10 14:53:40 +02:00
Erik Krogh Kristensen
504c34ed2c use shouldPrint to filter out regular expressions from other files 2021-05-10 14:51:13 +02:00
Chris Smowton
879666682d Merge pull request #537 from gagliardetto/fix-clevergo 
CleverGo: Update generated naming
 2021-05-10 12:32:08 +01:00
Erik Krogh Kristensen
d6f9e37e39 add printAst.ql support for regular expressions 2021-05-10 13:31:00 +02:00
ihsinme
9e5a38debd Update DeclarationOfVariableWithUnnecessarilyWideScope.expected 2021-05-10 14:17:40 +03:00
Asger Feldthaus
3e5dc1efb7 JS: More robust hasUnderlyingType 2021-05-10 13:17:25 +02:00
ihsinme
d3c6093f37 Update test.c 2021-05-10 14:16:38 +03:00
ihsinme
c8f2937df9 Update DeclarationOfVariableWithUnnecessarilyWideScope.ql 2021-05-10 14:16:11 +03:00
Tom Hvitved
7f1f2b4dd3 C#: Fix GetHashCode/Equals on EscapingTextWriter 2021-05-10 13:05:51 +02:00
Alex Denisov
dcdd54593e C++: Adjust user-defined literals test' expectations 2021-05-10 13:03:40 +02:00
Alex Ford
2154b7df30 add doc for IntegerLiteral.getValue 2021-05-10 11:02:48 +01:00
Alex Ford
48add9ffbc remove internal import in rb/overly-permissive-file 2021-05-10 11:00:59 +01:00
Max Schaefer
8f91e9eba0 JavaScript: Model chaining calls in sqlite3. 2021-05-10 10:58:58 +01:00
Rasmus Wriedt Larsen
8afdf26540 Python: Add modeling of idna PyPI package 2021-05-10 11:47:11 +02:00
Tony Torralba
d99b5bfc66 Reuse previous tests from experimental 2021-05-10 11:17:20 +02:00
Asger F
f4e636dcd6 Update javascript/ql/src/semmle/javascript/frameworks/ClassValidator.qll 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2021-05-10 10:08:10 +01:00
CodeQL CI
097b6e5e33 Merge pull request #5794 from erik-krogh/rxPipe 
Approved by asgerf
 2021-05-10 02:06:34 -07:00
Erik Krogh Kristensen
d913668943 move hasPathWithoutUnmatchedReturn to Configuration.qll 2021-05-10 10:55:33 +02:00
Rasmus Wriedt Larsen
7ed20a8b2c Python: Add reminder to update docs for new frameworks 2021-05-10 10:55:21 +02:00
Chris Smowton
1f9097430e Merge pull request #535 from owen-mc/update-dataflow-libraries-2021-05-05 
Update dataflow libraries 2021-05-05
 2021-05-10 09:53:32 +01:00
Erik Krogh Kristensen
b4e35f54d9 fix typo 2021-05-10 10:48:43 +02:00
Erik Krogh Kristensen
646bf99489 rewrite the qhelp to focus more on documenting unsafe functions 2021-05-10 10:48:40 +02:00
Asger Feldthaus
df5eab33f9 JS: Update relevantTaintSource() 2021-05-10 09:43:33 +01:00
CodeQL CI
b1f28afcbd Merge pull request #5741 from asgerf/js/more-cheat-sheet 
Approved by erik-krogh
 2021-05-10 01:34:56 -07:00
Mathias Vorreiter Pedersen
474b337eeb C++: Add change-note. 2021-05-10 10:22:44 +02:00
Mathias Vorreiter Pedersen
c91ed80e6c C++: Fix false positive by computing range of the converted expression. 2021-05-10 10:12:43 +02:00
Mathias Vorreiter Pedersen
7ac7830973 C++: Add testcase with false positive involving a conversion on the large-expression side of the comparison. 2021-05-10 10:11:31 +02:00