Robert Marsh
9442be1a27
Autoformat
2022-03-29 16:23:57 -04:00
Porcupiney Hairs
92033047a5
Python : Add query to detect PAM authorization bypass
Using only a call to `pam_authenticate` to check the validity of a login can
lead to authorization bypass vulnerabilities. A `pam_authenticate` only
verifies the credentials of a user. It does not check if a user has an
appropriate authorization to actually log in. This means a user with an
expired login or a password can still access the system.
This PR includes a qhelp describing the issue, a query which detects instances where a call to
`pam_acc_mgmt` does not follow a call to `pam_authenticate` and its
corresponding tests.
This PR has multiple detections. Some of the public ones I can find are:
* [CVE-2022-0860](https://nvd.nist.gov/vuln/detail/CVE-2022-0860) found
in [cobbler/cobbler](https://www.github.com/cobbler/cobbler)
* [fredhutch/motuz](https://www.huntr.dev/bounties/d46f91ca-b8ef-4b67-a79a-2420c4c6d52b/)
2022-03-30 00:47:58 +05:30
Robert Marsh
8d21c8b7c5
Merge pull request #8423 from 4B5F5F4B/main
[CPP][Linux Kernel]Add ql to detect CVE-2017-5123
2022-03-29 15:10:15 -04:00
luchua-bc
fa2a6a7da3
Remove unnecessary taint step and update qldoc
2022-03-29 17:52:49 +00:00
Jeroen Ketema
e5ac492b62
Merge pull request #8593 from jketema/pointless-options
C++: Remove debugging options from library tests
2022-03-29 17:55:47 +02:00
Jeroen Ketema
d1857a9e37
C++: Remove debugging options from library tests
2022-03-29 17:24:18 +02:00
Geoffrey White
e04298d532
C++: Delete experimental PrivateData.qll.
2022-03-29 15:26:46 +01:00
Asger Feldthaus
8bb58a3222
Merge branch 'js/decorated-method-or-class' of github.com:asgerf/codeql into js/decorated-method-or-class
2022-03-29 16:13:54 +02:00
Asger Feldthaus
75a84378ac
JS: Do not generate def-nodes for decorated parameters
2022-03-29 16:13:45 +02:00
Asger Feldthaus
ca145f21b0
JS: Add test showing why parameter-sinks won't actually work well in JS
2022-03-29 16:06:53 +02:00
Geoffrey White
cf5c6baadd
C++: More test cases for salary.
2022-03-29 15:05:27 +01:00
Asger Feldthaus
3bcfca421f
JS: Add test case for decorated parameter sinks
2022-03-29 15:55:43 +02:00
Geoffrey White
0e3e145e53
C++: Add CWE-359 tag to cpp/cleartext-transmission.
2022-03-29 14:44:06 +01:00
Asger F
6e630cccc2
Apply suggestions from code review
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
2022-03-29 15:41:20 +02:00
Michael Nebel
db7abb429f
C#: Remove unneeded exists.
2022-03-29 14:59:32 +02:00
Michael Nebel
6be41b0c29
C#/Java: Address review comments.
2022-03-29 14:52:57 +02:00
Michael Nebel
b0a24a7a44
C#: Change the implementation of getAnInput and getAnOutput based on hvitved's recommendations.
2022-03-29 14:52:57 +02:00
Michael Nebel
c2196a04aa
C#: Update the description of the telemetry queries.
2022-03-29 14:52:57 +02:00
Michael Nebel
bfb206c810
C#: Let ExternalApi extend DataFlowCallable instead of Callable.
2022-03-29 14:52:57 +02:00
Michael Nebel
e1d4c1b68c
C#/Java: Reorder code in terms of dependency, rename ExternalAPI to ExternalApi and add some missing predicate qualifiers.
2022-03-29 14:52:52 +02:00
Michael Nebel
4f00666591
C#: Add query and test case for supported external taint.
2022-03-29 14:49:37 +02:00
Michael Nebel
03c1bf6d87
C#: Mark Xunit as uninteresting.
2022-03-29 14:49:37 +02:00
Michael Nebel
18b1b51d07
C#: Add test for known sources telemetry query.
2022-03-29 14:49:37 +02:00
Michael Nebel
1f1059bfc6
C#: Add telemetry query for supported sources.
2022-03-29 14:49:37 +02:00
Michael Nebel
a7ece69f2b
C#: Add test for supported sinks query.
2022-03-29 14:49:37 +02:00
Michael Nebel
d81e73f9c6
C#: Add telemetry query for supported sinks.
2022-03-29 14:49:37 +02:00
Michael Nebel
e4f6321851
C#: Add test for unsupported uses of library code.
2022-03-29 14:49:37 +02:00
Michael Nebel
e014cae7df
C#: Add test and output for all library usages.
2022-03-29 14:49:37 +02:00
Michael Nebel
7cef859253
C#: Add sample code file that calls both supported and unsupported library code with respect to flow summaries.
2022-03-29 14:49:37 +02:00
Michael Nebel
918a6c7425
C#: Telemetry query for measuring (unsupported dataflow) library usage.
2022-03-29 14:49:37 +02:00
Michael Nebel
c023808657
C#: Telemetry query for measuring all library usage.
2022-03-29 14:49:37 +02:00
Michael Nebel
0650c6d395
C#: Add initial port of the java implementation of ExternalAPI.qll.
2022-03-29 14:49:37 +02:00
Michael Nebel
e9070b010b
C#: Add getCall predicate to ArgumentNode.
2022-03-29 14:49:37 +02:00
Michael Nebel
c552ab4138
Java: Remove duplicate import statement in ExternalAPI.qll.
2022-03-29 14:49:37 +02:00
Michael Nebel
c3ac5aba57
Merge pull request #8482 from michaelnebel/csharp/capturesourcesink-models
C#: Capture[Source|Sink]Models utility.
2022-03-29 14:43:10 +02:00
yoff
3416f074e8
Update python/ql/src/Security/CWE-352/CSRFProtectionDisabled.ql
Explain why `TestScope` is not used.
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
2022-03-29 13:59:04 +02:00
Dave Bartolomeo
c9f79047b3
Improve QLDoc
2022-03-29 07:27:45 -04:00
Dave Bartolomeo
01c747ccb7
Remove debugging code
2022-03-29 07:14:51 -04:00
Dave Bartolomeo
820beed085
Remove Java portion (moved to separate PR)
2022-03-29 07:09:33 -04:00
Tony Torralba
e564481e9f
Organize imports
2022-03-29 11:38:24 +02:00
Asger F
68575f3655
Merge pull request #8579 from asgerf/js/literal-csv-rows
JS: write all CSV rows as literals
2022-03-29 11:13:19 +02:00
Michael Nebel
8e60073d5a
Java: Remove dataflow imports for java.qll.
2022-03-29 11:07:58 +02:00
Michael Nebel
f734edf8ff
C#/Java: Minor refactor and re-arranging of code to align the CaptureModel specific implementations.
2022-03-29 11:07:58 +02:00
Michael Nebel
dd267b353a
C#: Move isRelevantMemberAccess out of PropagateToSinkConfigurationSpecific.
2022-03-29 11:07:58 +02:00
Michael Nebel
3933dfa78e
Java: Make imports private and add parts of the dataflow library to java.qll (same as in C#).
2022-03-29 11:07:58 +02:00
Michael Nebel
ad90c55bc6
C#: Improve encapsulation in CaptureModelsSpecific.
2022-03-29 11:07:57 +02:00
Michael Nebel
26d5eb64b3
C#/Java: Initial merge ModelGeneratorUtils into CaptureModels.
2022-03-29 11:07:57 +02:00
Michael Nebel
9b7691a5fc
C#/Java: Address comments on re-exposing functionality.
2022-03-29 11:07:57 +02:00
Michael Nebel
1710b66003
C#/Java: Some minor variable name changes and QL Doc updates.
2022-03-29 11:07:57 +02:00
Michael Nebel
4298024cd6
C#: Refactor isRelevantForModels.
2022-03-29 11:07:57 +02:00