hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-15 14:33:40 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,872 Commits 1,690 Branches 160 Tags
codeql-cli/v2.8.4
Commit Graph

33872 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alex Ford
91bde8d85d Support ActiveRecord SQL executing calls where there is a self receiver (implicit or explicit) 2021-06-24 18:12:25 +01:00
Alex Ford
5386c776b3 Implement rb/sql-injection 2021-06-24 18:12:25 +01:00
Alex Ford
957b29b5af Add more defaultAdditionalTaintSteps 2021-06-24 18:12:25 +01:00
Alex Ford
6e5665da8c Make ActiveRecord model flag more potentially dangerous SQL executions 2021-06-24 18:12:25 +01:00
Alex Ford
8761873cd1 Implement two common barrier guards 2021-06-24 18:12:25 +01:00
Alex Ford
98313d0a56 Convenience classes for wrapping some Exprs as ExprCfgNodes 2021-06-24 18:12:25 +01:00
Alex Ford
ad1d8420f3 Make BarrierGuard abstract 2021-06-24 18:12:25 +01:00
Alex Ford
adf32e973a Create Frameworks.qll to act as a container for all framework models 2021-06-24 18:12:25 +01:00
Nick Rolfe
17a59ef824 Add basic test for regex parsing 2021-06-24 18:06:08 +01:00
Arthur Baars
f69c5dc19b Merge pull request #221 from github/package-depend-on-compile-queries 
make the package job depend on compile-queries
 2021-06-24 19:03:44 +02:00
Arthur Baars
22990a938d Add support for LGTM_INDEX_FILTERS environment variable 
* re-implement autobuilder script in Rust
* add additional --include/--exclude flags based on LGTM_INDEX_FILTERS
  environment variable
 2021-06-24 18:45:31 +02:00
Tom Hvitved
7a9f9e245f C#: Handle CSV data-flow summaries with out/ref parameters 2021-06-24 18:34:25 +02:00
Nick Rolfe
51b0ffdaf8 Fix printAst to support adding edges in AstDesugar test 2021-06-24 17:14:23 +01:00
Nick Rolfe
f7e89f47fd Comment out temporarily-unused predicates 2021-06-24 17:06:41 +01:00
Chris Smowton
2acb4de2cb Merge pull request #5955 from haby0/java/JShellCodeInjection 
Java: JShell Injection
 2021-06-24 17:03:30 +01:00
Alex Ford
58e9b69ea4 make the package job depend on compile-queries 2021-06-24 16:52:22 +01:00
Rasmus Wriedt Larsen
a9469b73d9 Python: Port py/clear-text-storage-sensitive-data 2021-06-24 17:39:08 +02:00
Rasmus Wriedt Larsen
8926b3edc7 Python: Add change-note for CookieWrite 2021-06-24 17:34:43 +02:00
Rasmus Wriedt Larsen
7017beca47 Python: Model CookieWrite for twisted 
Had to split the call to `request.cookies.append` since inline
expectation tests didn't like the expectation that contained `=` :(
 2021-06-24 17:34:43 +02:00
Rasmus Wriedt Larsen
4606444b85 Python: Model CookieWrite for flask 2021-06-24 17:34:43 +02:00
Rasmus Wriedt Larsen
65c526df86 Python: Model CookieWrite for tornado 2021-06-24 17:34:43 +02:00
Rasmus Wriedt Larsen
9340d658a4 Python: Model CookieWrite for django 2021-06-24 17:34:43 +02:00
Rasmus Wriedt Larsen
930ed0a712 Python: Minor django fixup 2021-06-24 17:34:43 +02:00
Rasmus Wriedt Larsen
226425e831 Python: Model CookieWrite for aiohttp 2021-06-24 17:34:43 +02:00
Rasmus Wriedt Larsen
e1af1f11ee Python: Add HTTP::Server::CookieWrite concept 
along with tests, but no implementations (to ease reviewing).

---

I've put quite some thinking into what to call our concept for this.

[JS has `CookieDefinition`](581f4ed757/javascript/ql/src/semmle/javascript/frameworks/HTTP.qll (L148-L187)), but I couldn't find a matching concept in any other languages.

We used to call this [`CookieSet`](f07a7bf8cf/python/ql/src/semmle/python/web/Http.qll (L76)) (and had a corresponding `CookieGet`).

But for headers, [Go calls this `HeaderWrite`](cd1e14ed09/ql/src/semmle/go/concepts/HTTP.qll (L97-L131)) and [JS calls this `HeaderDefinition`](581f4ed757/javascript/ql/src/semmle/javascript/frameworks/HTTP.qll (L23-L46))

I think it would be really cool if we have a naming scheme that means the name for getting the value of a header on a incoming request is obvious. I think `HeaderWrite`/`HeaderRead` fulfils this best. We could go with `HeaderSet`/`HeaderGet`, but they feel a bit too vague to me. For me, I'm so used to talking about def-use, that I would immediately go for `HeaderDefinition` and `HeaderUse`, which could work, but is kinda strange.

So in the end that means I went with `CookieWrite`, since that allows using a consistent naming scheme for the future :)
 2021-06-24 17:34:43 +02:00
Nick Rolfe
a6dd2fa0a1 Split ReDoS query into .ql and .qll, and add .qhelp 2021-06-24 16:32:45 +01:00
Arthur Baars
7574d1cad7 Merge pull request #220 from github/aibaars/update-build-yml 
Update build.yml
 2021-06-24 16:38:26 +02:00
Arthur Baars
be1d4c3d2c Address comment 2021-06-24 16:31:24 +02:00
Arthur Baars
ade36691b6 Remove unnecessary qualifier 2021-06-24 16:13:29 +02:00
Arthur Baars
dfc96de4cc Update build.yml 2021-06-24 16:09:45 +02:00
Mathias Vorreiter Pedersen
a294fb07f5 C++: Add change-note. 2021-06-24 16:01:59 +02:00
Arthur Baars
95399b2d0a Refactor ApiGraphs.qll 2021-06-24 15:58:02 +02:00
Arthur Baars
4f96834711 Add ConstantAccessCfgNode 2021-06-24 15:57:48 +02:00
Mathias Vorreiter Pedersen
af56c782bf C++: Add QLDoc. 2021-06-24 15:57:01 +02:00
Mathias Vorreiter Pedersen
38c487abf9 Merge branch 'main' into more-random-sources-in-uncontrolled-arithmetic 2021-06-24 15:56:15 +02:00
Mathias Vorreiter Pedersen
5bfb78b583 C++: Block flow through all bitwise 'and' and 'or' operations. This seems to be a common source of false positives on LGTM. 2021-06-24 15:53:59 +02:00
Mathias Vorreiter Pedersen
e8bba78825 C++: Convert 'cpp/uncontrolled-arithmetic' to use a 'TaintTracking::Configuration'. 2021-06-24 15:51:44 +02:00
Felicity Chapman
4a8b71a245 Make initial changes for multi-db options 2021-06-24 14:44:08 +01:00
Anders Schack-Mulligen
95ad8b55fe Merge pull request #6107 from aschackmull/dataflow/implicit-reads 
Dataflow: Add support for implicit reads
 2021-06-24 15:38:35 +02:00
Anders Schack-Mulligen
01fc3e6559 C++/C#/Java/Python: Add change notes. 2021-06-24 14:29:34 +02:00
Anders Schack-Mulligen
cd0efbe7ce Dataflow: Sync. 2021-06-24 14:19:17 +02:00
Anders Schack-Mulligen
1c1d11a4a4 DataFlow: Address review comments. 2021-06-24 14:18:45 +02:00
Mathias Vorreiter Pedersen
c0ffd9027f C++: Add more random sources. 2021-06-24 13:40:00 +02:00
haby0
3cf71c50b8 Mobile stubs 2021-06-24 19:24:38 +08:00
Anders Schack-Mulligen
1e511c0a9e Merge pull request #6137 from smowton/smowton/feature/java-util-optional 
Java: Model java.util.Optional
 2021-06-24 13:21:36 +02:00
Arthur Baars
6bed50a86b Rename predicate with snake cased name 2021-06-24 11:59:13 +02:00
Tamás Vajk
173be0cce0 Merge pull request #6144 from tamasvajk/feature/stub-dapper 
C#: Change Dapper stub to nuget-based one (stub also System.Data.SqlC…
 2021-06-24 11:41:12 +02:00
Rasmus Wriedt Larsen
686638a65f Merge pull request #6049 from RasmusWL/jmespath 
Python: Add modeling of `jmespath`
 2021-06-24 11:13:19 +02:00
Tamas Vajk
477dfa28ec Fix framework coverage commenting action 
This commit handles the case when the current run finds no coverage change and the previous run is identified,
but it doesn't have the required artifacts.
 2021-06-24 10:44:36 +02:00
Mathias Vorreiter Pedersen
c8c77396fa C++: Get rid of the trivial 'True' condition. Turns out it's not actually needed. 2021-06-24 09:57:54 +02:00