hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-22 19:02:59 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,948 Commits 1,685 Branches 158 Tags
codeql-cli/v2.4.0
Commit Graph

17948 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
704bfe7184 CPP: Support taint flow from qualifiers. 2020-01-22 16:22:29 +00:00
Geoffrey White
e6daf3b7ee CPP: Support taint flow to qualifiers. 2020-01-22 16:16:31 +00:00
Jonas Jensen
7376daf16e C++: Some data flow through partial chi operands 2020-01-22 17:14:32 +01:00
Geoffrey White
974994ed49 CPP: Slight rearrange. 2020-01-22 16:11:51 +00:00
Geoffrey White
1a6f7febe7 CPP: Add tests of taint through qualifiers. 2020-01-22 16:11:13 +00:00
Jonas Jensen
adc557fd66 C++: Reformat a predicate 
This allows adding a multi-line case without the auto-formatting changes
becoming too disruptive.
 2020-01-22 16:50:25 +01:00
Jonas Jensen
3827411095 Merge branch 'dbartol/NoEscape' into HEAD 2020-01-22 16:21:24 +01:00
Asger Feldthaus
7e8fb1428e TS: Support tsconfig.json extending from ./node_modules 2020-01-22 15:03:03 +00:00
Taus Brock-Nannestad
0924a973de Python: Modernise remaining web libraries. 2020-01-22 15:27:29 +01:00
Calum Grant
a868456628 C#: Address review comments 2020-01-22 14:21:12 +00:00
Erik Krogh Kristensen
6345e9bde1 add change note 2020-01-22 15:14:10 +01:00
Erik Krogh Kristensen
b526a2ea0f implement a model of WebSocket and ws based on the EventEmitter model 2020-01-22 14:46:53 +01:00
semmle-qlci
007b0795ec Merge pull request #2636 from erik-krogh/NewSocketIO 
Approved by esbena
 2020-01-22 13:46:11 +00:00
Rasmus Wriedt Larsen
772538ff46 Python: Move tests of collection-taint to own dir 2020-01-22 14:24:50 +01:00
Rasmus Wriedt Larsen
df8be438bb Python: Show that list(tainted_string) works 2020-01-22 14:24:50 +01:00
Rasmus Wriedt Larsen
0da78f216a Python: Show that e, f, g = tainted_list doesn't work 2020-01-22 14:24:50 +01:00
Rasmus Wriedt Larsen
a55c13e61c Python: Improve tests for StringDictKind taint 
+ show we handle dict.values()
+ show we don't handle dict.items()
 2020-01-22 14:24:50 +01:00
Jonas Jensen
66914e52c6 C++: accept test changes 2020-01-22 14:08:05 +01:00
Jonas Jensen
5ae1e2c4e8 C++: Autoformat 2020-01-22 14:07:55 +01:00
Rasmus Wriedt Larsen
7d9f1f08ee Python: Autoformat 2020-01-22 13:45:14 +01:00
Rasmus Wriedt Larsen
12bb05522a Python: Make py/weak-cryptographic-algorithm a path-problem 
and stop using deprecated hasFlow
 2020-01-22 13:45:14 +01:00
Rasmus Wriedt Larsen
c5091f1ce7 Python: Make py/hardcoded-credentials a path-problem 
and stop using deprecated hasFlow
 2020-01-22 13:45:14 +01:00
Rasmus Wriedt Larsen
96d5703f2c Python: Remove use of deprecated methods 2020-01-22 13:45:14 +01:00
Rasmus Wriedt Larsen
e6425bb4cf Python: Add deprecated keyword to deprecated functions 2020-01-22 13:45:14 +01:00
Jonas Jensen
6cdca29aa6 C++: Flow through read side effects 
Until we have better tracking of indirections, these flow rules conflate
pointers and their contents.
 2020-01-22 13:27:10 +01:00
Jonas Jensen
c24bceddcd C++: Add ReadSideEffectInstruction to IR 
There was already a `WriteSideEffectInstruction` class that served as a
superclass for all the specific write side effects. This new class
serves the same purpose for read side effects.
 2020-01-22 13:27:10 +01:00
Jonas Jensen
2aaf41a0d8 C++: Test lack of flow through read side effect 2020-01-22 13:27:10 +01:00
semmle-qlci
bc88c41e0b Merge pull request #2668 from erik-krogh/MoreEvents 
Approved by esbena
 2020-01-22 11:57:11 +00:00
Erik Krogh Kristensen
1228d506b4 update change notes to reflect that library models have improved 2020-01-22 12:52:45 +01:00
Asger Feldthaus
5719b44fa5 TS: Add some documentation 2020-01-22 11:47:02 +00:00
Asger Feldthaus
a220268ad8 TS: Install deps under scratch dir 2020-01-22 11:47:02 +00:00
Asger Feldthaus
303bac9710 TS: Guess main file location 2020-01-22 11:25:24 +00:00
Tom Hvitved
d5daee4450 Merge pull request #2661 from aschackmull/java/remove-dataflowlocation 
Java/C++/C#: Remove DataFlowLocation as it's no longer needed.
 2020-01-22 12:11:24 +01:00
Anders Schack-Mulligen
b92203a87f Java: Allow null literals as sources in data flow. 2020-01-22 12:04:42 +01:00
Asger Feldthaus
21eecc4c9c JS: Make return type class for installDependencies() 2020-01-22 10:52:38 +00:00
Asger Feldthaus
71b540755d TS: Print TypeScript semantic errors in log 2020-01-22 10:52:37 +00:00
Asger Feldthaus
dde0f868b3 TS: Handle monorepos by rewriting package.json 2020-01-22 10:52:37 +00:00
Anders Schack-Mulligen
cf004ac9d8 Java: Remove the deprecated ParityAnalysis. 2020-01-22 11:45:18 +01:00
Rasmus Wriedt Larsen
aeaaab6437 Python: Modernise Resources/ queries 2020-01-22 11:20:31 +01:00
Rasmus Wriedt Larsen
47b932d6ce Python: Autoformat Resources/ queries 2020-01-22 11:20:28 +01:00
Erik Krogh Kristensen
5063e3820d update expected output 2020-01-22 11:18:47 +01:00
Erik Krogh Kristensen
750e9786f6 add change note for EventEmitter 2020-01-22 10:31:38 +01:00
Dave Bartolomeo
9d35ff73c4 C++/C#: Make escape analysis unsound by default 
When building SSA, we'll be assuming that stack variables do not escape, at least until we improve our alias analysis. I've added a new `IREscapeAnalysisConfiguration` class to allow the query to control this, and a new `UseSoundEscapeAnalysis.qll` module that can be imported to switch to the sound escape analysis. I've cloned the existing IR and SSA tests to have both sound and unsound versions. There were relatively few diffs in the IR dump tests, and the sanity tests still give the same results after one change described below.

Assuming that stack variables do not escape exposed an existing bug where we do not emit an `Uninitialized` instruction for the temporary variables used by `return` statements and `throw` expressions, even if the initializer is a constructor call or array initializer. I've refactored the code for handling elements that initialize a variable to share a common base class. I added a test case for returning an object initialized by constructor call, and ensured that the IR diffs for the existing `throw` test cases are correct.
 2020-01-22 00:15:30 -07:00
Grzegorz Golawski
c5a974788b Add check for disabled CSRF protection in Spring 
Fix the help according to review comments.
 2020-01-21 21:54:36 +01:00
Robert Marsh
c79d7acbfc Merge pull request #2656 from jbj/asDefiningArgument 
C++: Add DataFlow::Node.asDefiningArgument in IR
 2020-01-21 15:42:57 -05:00
Erik Krogh Kristensen
8370699344 add support for creating a promise with another resolved promise, e.g: Promise.resolve(otherPromise) 2020-01-21 20:11:27 +01:00
Erik Krogh Kristensen
8679132624 copy data from both callbacks in Promise data-flow 2020-01-21 18:00:06 +01:00
Erik Krogh Kristensen
86477a2249 changes based on review 2020-01-21 16:45:53 +01:00
Calum Grant
3d460aeb44 C#: ZipSlip query reports alert at source 2020-01-21 15:17:06 +00:00
Erik Krogh Kristensen
fe0b6a86d7 add data-flow steps for when Promise handlers return other promises 2020-01-21 16:15:18 +01:00