hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-09 23:14:13 +02:00
Code Issues Packages Projects Releases Wiki Activity
87,446 Commits 1,775 Branches 169 Tags
codeql-cli/v2.25.5
Commit Graph

87446 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
MarkLee131
a9449cc991 Add EC to secure algorithm whitelist for Java CWE-327 query 2026-03-28 16:48:58 +08:00
Taus
a0b3c2f13a Python: Update change note 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-03-27 23:46:50 +01:00
Taus
187f7c7bcf Python: Move isNetworkBind check into isSink 2026-03-27 22:45:26 +00:00
Owen Mansel-Chan
37aac05964 Replace branch with acceptingValue 2026-03-27 22:39:10 +00:00
Taus
c5ef1f6342 Python: Port UseOfExit.ql 2026-03-27 22:28:38 +00:00
Owen Mansel-Chan
a7fdc4b543 Replace acceptingvalue with acceptingValue 2026-03-27 22:15:45 +00:00
Owen Mansel-Chan
a8b52acaa9 Merge pull request #21585 from github/copilot/convert-models-to-yml 
C++: Convert remaining CSV models to .model.yml and remove CSV model infrastructure
 2026-03-27 20:48:34 +00:00
Geoffrey White
a9cce1c0fa C++: Undo increasing query precision. 2026-03-27 17:32:03 +00:00
Geoffrey White
4f3108c444 C++: Update change note. 2026-03-27 17:04:05 +00:00
Taus
4f74d421b9 Python: Exclude AF_UNIX sockets from BindToAllInterfaces 
Looking at the results of the the previous DCA run, there was a bunch of
false positives where `bind` was being used with a `AF_UNIX` socket (a
filesystem path encoded as a string), not a `(host, port)` tuple. These
results should be excluded from the query, as they are not vulnerable.

Ideally, we would just add `.TupleElement[0]` to the MaD sink, except we
don't actually support this in Python MaD...

So, instead I opted for a more low-tech solution: check that the
argument in question flows from a tuple in the local scope.

This eliminates a bunch of false positives on `python/cpython` leaving
behind four true positive results.
 2026-03-27 16:55:10 +00:00
Geoffrey White
50681a3c42 C++: Add note to the .qhelp. 2026-03-27 16:47:31 +00:00
Geoffrey White
bb9873dc8f C++: Increase the query precision to high. 2026-03-27 16:40:45 +00:00
Jeroen Ketema
0f8e39a236 C++: Silence ExtractionRecoverableWarnings when BMN is active 2026-03-27 13:42:44 +01:00
Taus
47d24632e6 Python: Port ShouldUseWithStatement.ql 
Only trivial test changes.
 2026-03-27 12:34:20 +00:00
Taus
0ea80ac184 Python: Port UnusedExceptionObject.ql 
Depending on whether other queries depend on this, we may end up moving
the exception utility functions to a more central location.
 2026-03-27 12:34:14 +00:00
Taus
60f9ce4ce7 Python: Port UnreachableCode.ql 2026-03-27 12:33:04 +00:00
Owen Mansel-Chan
b3285c6ae2 Make description of acceptingvalue column clearer 2026-03-27 11:35:22 +00:00
Owen Mansel-Chan
c07a814515 Add comments to converted MaD file 2026-03-27 11:23:33 +00:00
Mathias Vorreiter Pedersen
8fc914f636 Merge pull request #21591 from MathiasVP/restrict-pair-cand 
C++: Fix join orders in virtual dispatch computation
 2026-03-27 11:20:53 +00:00
Owen Mansel-Chan
7e1ad825c3 Fix model row with misaligned columns 
The original CSV had too many columns, and copilot cut off the last one, before adding the provenance column at the end.
 2026-03-27 11:17:15 +00:00
Tom Hvitved
6dc98cfd01 Rust: Infer argument types based on trait bounds on parameters 2026-03-27 11:39:03 +01:00
Owen Mansel-Chan
f897575d3f Update change note 2026-03-27 10:11:13 +00:00
Paolo Tranquilli
55b95d22e9 Merge pull request #21580 from github/dependabot/bazel/rules_shell-0.7.1 
Bump rules_shell from 0.6.1 to 0.7.1
 2026-03-27 11:08:39 +01:00
Owen Mansel-Chan
5451424e75 Rust: Fix columns for neutrals 2026-03-27 09:47:36 +00:00
Owen Mansel-Chan
886a16bfad C++: Add provenance column 2026-03-27 09:47:34 +00:00
Owen Mansel-Chan
e680d49c93 Shared: document extensible relations rather than CSV 2026-03-27 09:47:32 +00:00
Owen Mansel-Chan
df842665b7 Rust: Add neutrals to MaD format explanation 2026-03-27 09:47:30 +00:00
Owen Mansel-Chan
805d2ec46c Go: Add provenance to MaD format explanation 2026-03-27 09:47:28 +00:00
Owen Mansel-Chan
61b13d5702 C++: Add provenance to MaD format explanation 2026-03-27 09:47:26 +00:00
Owen Mansel-Chan
10fddc7b96 Add barriers and barrier guards to MaD format explanations 2026-03-27 09:47:24 +00:00
Michael Nebel
73360eefb3 Merge pull request #21452 from michaelnebel/csharp/expandedassignment 
C#: Remove expanded assignments.
 2026-03-27 09:18:55 +01:00
yoff
08e115056d Merge pull request #21519 from github/tausbn/python-port-no-alert-change 2026-03-27 08:44:28 +01:00
Taus
c9832c330a Python: Convert BindToAllInterfaces to path-problem 
Now that we're using global data-flow, we might as well make use of the
fact that we know where the source is.
 2026-03-26 21:10:43 +00:00
Henry Mercer
4f79d6a2de Merge branch 'main' into henrymercer/yaml-regression-test 2026-03-26 19:36:21 +00:00
Michael Nebel
c4c363d4e5 Merge pull request #21589 from michaelnebel/csharp/updateintegrationtests 
C#: Update integration tests to use SDK 10.0.201.
 2026-03-26 19:51:22 +01:00
Mathias Vorreiter Pedersen
56153d583e C++: Switch to doublyBoundedFastTC when computing virtual dispatch edges and inline pairCand to avoid a giant tuple explosion. 2026-03-26 17:31:18 +00:00
Michael Nebel
1a4f333c4a C#: Update integration tests to use SDK 10.0.201. 2026-03-26 18:07:05 +01:00
Tom Hvitved
b8a8a160c5 Rust: More type inference tests 2026-03-26 18:06:32 +01:00
Owen Mansel-Chan
8a99ef4531 Update csv model tests to use MaD 2026-03-26 16:44:58 +00:00
Owen Mansel-Chan
21ecf230ce Small tweaks 2026-03-26 16:39:10 +00:00
Óscar San José
7a4b88fadc Merge pull request #21586 from github/oscarsj/hotfix-2.25.1-base 
Release 2.25.1 preparations
codeql-cli/v2.25.1 		2026-03-26 16:36:02 +01:00
Taus
c0ce6699a5 Python: Add change note 2026-03-26 15:35:33 +00:00
Taus
c439fc5d45 Python: Replace type tracking with global data-flow 
This takes care of most of the false negatives from the preceding
commit.

Additionally, we add models for some known wrappers of `socket.socket`
from the `gevent` and `eventlet` packages.
 2026-03-26 15:35:33 +00:00
Owen Mansel-Chan
de4fe6d25c Use inline expectations for query test 2026-03-26 15:27:17 +00:00
copilot-swe-agent[bot]
d69bcca687 Remove CSV model infrastructure from ExternalFlow.qll 
Remove SourceModelCsv, SinkModelCsv, SummaryModelCsv classes,
single-argument CSV predicates, CSV parsing in MadInput, and
CSV-specific validation checks. Simplify MadInput to only contain
the namespace separator. Convert test models to .ext.yml format.

Agent-Logs-Url: https://github.com/github/codeql/sessions/89ff81fe-5585-446d-99e2-6fe6966495c5

Co-authored-by: owen-mc <62447351+owen-mc@users.noreply.github.com>
 2026-03-26 15:07:39 +00:00
Taus
1ecd9e83b8 Python: Add test cases for BindToAllInterfaces FNs 
Adds test cases from github/codeql#21582 demonstrating false negatives:
- Address stored in class attribute (`self.bind_addr`)
- `os.environ.get` with insecure default value
- `gevent.socket` (alternative socket module)
 2026-03-26 14:57:24 +00:00
Taus
824d004a27 Python: Convert BindToAllInterfaces test to inline expectations 2026-03-26 14:56:57 +00:00
Óscar San José
fe565baf06 Apply suggestions from code review 
Co-authored-by: Óscar San José <oscarsj@github.com>
 2026-03-26 15:54:35 +01:00
Owen Mansel-Chan
64a52ba07f Update test that uses zmq models 2026-03-26 14:53:33 +00:00
Óscar San José
a5be35170b Missing file 2026-03-26 15:26:16 +01:00