hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-22 21:27:04 +02:00
Code Issues Packages Projects Releases Wiki Activity
87,446 Commits 1,783 Branches 169 Tags
codeql-cli/v2.25.5
Commit Graph

87446 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Wriedt Larsen
d475bb998e Python: Add abstract class CommandSink 
I'm going to add more in a sec, and listing *all* of them in CommandInjection.ql
started to be silly
 2020-03-23 17:04:08 +01:00
intrigus
1f635806b3 Fix copy-paste errors, remove debugging code 2020-03-23 16:49:45 +01:00
intrigus-lgtm
9187bacd3c Apply suggestion from code review 
Use getUnderlyingType() to account for named aliases.

Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2020-03-23 16:45:56 +01:00
Max Schaefer
55e7b22cdf JavaScript: Autoformat. 2020-03-23 14:37:04 +00:00
kyprizel
49e5a22cab Fixed code style for SockJS 
also fixed appCreation, thanks to Erik Krogh.
 2020-03-23 17:16:17 +03:00
Jonas Jensen
13465921a3 Merge pull request #3092 from dbartol/dbartol/VarArgIR2_ElectricBoogaloo 
C++: Better IR for varargs
 2020-03-23 14:13:54 +01:00
Erik Krogh Kristensen
833183c706 change note 2020-03-23 14:13:30 +01:00
Erik Krogh Kristensen
7bc7ffffd6 autoformat 2020-03-23 14:10:07 +01:00
Erik Krogh Kristensen
f1e0d37273 Update javascript/ql/test/library-tests/frameworks/Concepts/file-access.js 
Co-Authored-By: Asger F <asgerf@github.com>
 2020-03-23 14:02:22 +01:00
Sauyon Lee
4ff3177fae Merge pull request #67 from max-schaefer/more-qldoc 
Add missing Qldoc for modules.
 2020-03-23 05:29:40 -07:00
Max Schaefer
b13e6141a2 JavaScript: Inline promiseStep/4. 2020-03-23 12:01:52 +00:00
Asger F
6c2842bd49 Merge pull request #2919 from asger-semmle/js/property-barriers 
JS: Make sanitizers no longer block taint inside an object
 2020-03-23 11:43:18 +00:00
Rasmus Wriedt Larsen
dcfc9a8796 Python: TarSlip sanitizer: explain tests with not 
It was a bit confusing what was meant before
 2020-03-23 12:00:59 +01:00
Anders Schack-Mulligen
4bc0cb0d28 Java: Fixup FinalizeMethod definition. 2020-03-23 11:11:00 +01:00
Erik Krogh Kristensen
2c43d1d731 fix FP in superfluous-trailing-arguments related to Function.arguments 2020-03-23 10:40:35 +01:00
Luke Cartey
9eee16b2d6 Merge pull request #3091 from hvitved/csharp/xpath-injection-more-sinks 
C#: Teach XPath injection query about `XPathNavigator`
 2020-03-23 09:39:26 +00:00
semmle-qlci
2c7af72f14 Merge pull request #2858 from RasmusWL/python-support-django2 
Approved by tausbn
 2020-03-23 09:35:46 +00:00
Anders Schack-Mulligen
6d3717cff8 Java: Sharpen return type of LambdaExpr.getStmtBody(). 2020-03-23 10:27:36 +01:00
Anders Schack-Mulligen
c78906500d Java: Fix missing jump step from PostUpdate to capture. 2020-03-23 10:24:25 +01:00
Max Schaefer
62b79721ea Track taint through element writes. 
This adds a taint step from `pred` to (the post-update node) of `succ` in `succ[idx] = pred` and its syntactic variants.

Unlike for structs, where partially tainted values are quite common, the theory is that arrays, maps, and slices are usually either completely tainted or completely clean.
 2020-03-23 09:15:01 +00:00
Anders Schack-Mulligen
888c504f55 Merge pull request #2903 from hvitved/dataflow/performance 
Data flow: Refactoring + performance improvements
 2020-03-23 10:01:20 +01:00
intrigus
d81c9b145e Update query help to use goxpath 2020-03-20 21:38:46 +01:00
intrigus
948b79df87 Update xpath example, use goxpath package 2020-03-20 21:38:46 +01:00
intrigus
c7ead88b91 Restructure query, add default sanitizer 2020-03-20 21:38:46 +01:00
intrigus-lgtm
ec40cf0379 Apply suggestions from review 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2020-03-20 21:38:02 +01:00
Jonas Jensen
79d5b88e33 C++: Remove redundant case 2020-03-20 19:40:53 +01:00
Eldar T. Zaitov
ee0b65ad39 Added experimental SockJS support 2020-03-20 21:24:16 +03:00
Dave Bartolomeo
fb71f781a0 C++: Fix formatting 2020-03-20 14:23:58 -04:00
Robert Marsh
d529fedbad C++: accept extractor changes to IR 2020-03-20 11:00:54 -07:00
yo-h
16f2957029 Merge pull request #3081 from aschackmull/java/urldecoder-step 
Java: Add URLDecoder.decode as taint step.
 2020-03-20 13:53:20 -04:00
yo-h
bcda481d4a Merge pull request #3086 from aschackmull/java/apache-base64-taint 
Java: Add apache Base64 taint steps.
 2020-03-20 13:49:20 -04:00
Max Schaefer
60fe6f4390 Add missing Qldoc for modules. 2020-03-20 17:36:08 +00:00
Jonas Jensen
f6f9afe462 C++: Implement Instruction.isResultConflated 
This predicate replaces `isChiForAllAliasedMemory`, which was always
intended to be temporary. A test is added to `IRSanity.qll` to verify
that the new predicate corresponds exactly with (a fixed version of) the
old one.

The implementation of the new predicate,
`Cached::hasConflatedMemoryResult` in `SSAConstruction.qll`, is faster
to compute than the old `isChiForAllAliasedMemory` because it uses
information that's readily available during SSA construction.
 2020-03-20 17:57:18 +01:00
Dave Bartolomeo
82e2816915 C++: Fix handling of std::va_list that is used as a function parameter 
In the Unix ABI, `std::va_list` is defined as `typedef struct __va_list_tag { ... } va_list[1];`, which means that any `std::va_list` used as a function parameter decays to `struct __va_list_tag*`. Handling this actually made the QL code slightly cleaner. The only tricky bit is that we have to determine what type to use as the actual `va_list` type when loading, storing, or modifying a `std::va_list`. To do this, we look at the type of the argument to the `va_*` macro. A detailed QLDoc comment explains the details.

I added a test case for passing a `va_list` as an argument, and then manipulating that `va_list` in the callee.
 2020-03-20 12:53:09 -04:00
Geoffrey White
bb2ce6e5d9 C++: More missing override tags. 2020-03-20 16:23:15 +00:00
Taus Brock-Nannestad
a3bd46d4fe Python: Autoformat remaining .qll. 2020-03-20 16:43:10 +01:00
Taus Brock-Nannestad
6904898a8b Python: Autoformat query-local libs. 2020-03-20 16:42:46 +01:00
Taus Brock-Nannestad
9044ff6959 Python: Autoformat rest of semmle/python. 2020-03-20 16:42:22 +01:00
Taus Brock-Nannestad
810e91ea00 Python: Autoformat semmle/python top-level. 2020-03-20 16:41:45 +01:00
Taus Brock-Nannestad
f406a45ce0 Python: Autoformat web. 2020-03-20 16:38:27 +01:00
Taus Brock-Nannestad
5b121b7723 Python: Autoformat values. 2020-03-20 16:37:06 +01:00
Taus Brock-Nannestad
51f1cf020c Python: Autoformat security. 2020-03-20 16:36:48 +01:00
Taus Brock-Nannestad
4852bb7355 Python: Autoformat pointsto. 2020-03-20 16:36:25 +01:00
Taus Brock-Nannestad
d8b942f922 Python: Autoformat objects. 2020-03-20 16:36:07 +01:00
Taus Brock-Nannestad
165dcd37a1 Python: Autoformat library-tests. 2020-03-20 16:35:37 +01:00
Geoffrey White
ccf5e03fc8 C++: Autoformat. 2020-03-20 15:01:22 +00:00
Geoffrey White
9e117709bc C++: mustwrite = false. 2020-03-20 14:59:57 +00:00
luchua-bc
d9327705d2 Fix the issue of mixed tabs and spaces 2020-03-20 08:16:45 -04:00
luchua-bc
dfb42ecf42 Address sensitive info logging 2020-03-20 08:14:48 -04:00
Tom Hvitved
2d90e7daca Autoformat 2020-03-20 09:34:34 +01:00