hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-22 09:53:41 +01:00
Code Issues Packages Projects Releases Wiki Activity
36,554 Commits 1,692 Branches 161 Tags
codeql-cli/v2.9.2
Commit Graph

36554 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jonas Jensen
f8d45f04ed Revert "Revert "C++: Work around extractor issue CPP-383"" 
**Revert the revert** of the workaround for CFG issues when a
`FunctionCall` has a `getTarget` that does not exist. While we've fixed
the main cause of the problem, it can apparently still happen in rare
cases as a result of extractor crashes.

This reverts commit ee5eaef5e4.
 2021-04-16 16:44:58 +02:00
Arthur Baars
bf4f91e038 Address comments 2021-04-16 16:37:42 +02:00
edvraa
c3deb48efa Charpred for InstanceMethodSink 2021-04-16 17:19:42 +03:00
Tom Hvitved
40b74167e0 C#: Improve performance of DisposeNotCalledOnException.ql 2021-04-16 14:34:16 +02:00
Rasmus Wriedt Larsen
3c8ea167c4 Merge pull request #5668 from tausbn/python-use-api-graphs-in-fabric 
Python: Use API graphs in Fabric model
 2021-04-16 14:27:55 +02:00
Rasmus Wriedt Larsen
6ed1016bb8 Merge pull request #5669 from tausbn/python-use-api-graphs-for-invoke 
Python: Use API graphs for Invoke
 2021-04-16 14:27:19 +02:00
Taus
92b4eb7f02 Python: Cleanup and more explanation 
Goes into some detail about the intended semantics of local source nodes
and `flowsTo`.
 2021-04-16 11:54:20 +00:00
Geoffrey White
e1028a2765 Merge pull request #5667 from MathiasVP/use-range-analysis-in-overflow 
C++: Use range analysis in Overflow.qll
 2021-04-16 12:00:28 +01:00
Taus
5c79ad2412 Python: Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-04-16 11:38:29 +02:00
Taus
af0c32c01d Python: Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-04-16 11:35:12 +02:00
Anders Schack-Mulligen
605f28f741 Merge pull request #5686 from smowton/haby0/JsonHijacking 
Java: JSONP Injection w/cleanups
 2021-04-16 11:09:17 +02:00
Arthur Baars
07726fd979 Add some module and method tests 2021-04-16 11:07:57 +02:00
Tom Hvitved
946fcf1c82 C#: Speedup DispatchMethodOrAccessorCall::getAViableOverrider() 
In addition to improved performance, the analysis no longer applies a closed-world
assumption to type parameters. That is, if the type of a receiver is a type parameter,
then the call may target any method of a compatible receiver type, not just the
types that actually instantiate the type parameter.
 2021-04-16 10:43:17 +02:00
Tamas Vajk
b0975bb3ea Update supported C#/.NET versions 2021-04-16 09:15:43 +02:00
Rasmus Lerchedahl Petersen
a8280f9b12 Python: update test expectation 2021-04-16 08:25:29 +02:00
Rasmus Lerchedahl Petersen
0678745677 Python: refactor based on review suggestion 2021-04-16 08:22:00 +02:00
Rasmus Lerchedahl Petersen
341dbcef2e Python: simplify code following review suggestion 
also standardise on camelCase.
 2021-04-16 07:41:00 +02:00
Rasmus Lerchedahl Petersen
8aa6b1a87c Python: use standard tracking construction 2021-04-16 07:36:04 +02:00
Taus
451d36dc97 Python: Allow _some_ PostUpdateNodes 
Specifically, allow the ones arising from calls, but not reads or
writes. This should fix the tests.
 2021-04-15 21:26:12 +00:00
edvraa
a412581556 reintroduce UnsafeDeserializer 2021-04-15 22:32:42 +03:00
thank_you
a854fb8f8b Add documentation and refactor code 2021-04-15 15:22:15 -04:00
edvraa
3aedd2c1f4 Use TaintTracking2 2021-04-15 22:12:01 +03:00
Taus
c9c8259ed0 Python: Disallow PostUpdateNode as LocalSourceNode 
Previously, in cases like

```python
def foo(x):
    x.bar()
    x.baz()
    x.quux()
```

we would have flow from the first `x` to each use _and_ flow from the
post-update node for each method call to each subsequent use, and all
of these would be `LocalSourceNode`s. For large functions with the above
pattern, this would lead to a quadratic blowup in `hasLocalSource`.

With this commit, only the first of these will count as a
`LocalSourceNode`, and the blowup disappears.
 2021-04-15 17:56:14 +00:00
Andrew Eisenberg
5d827b6fc8 Actions: Change staleness calculation 
Calculate staleness on issues that have the
`Stale` label. Leave all other issues untouched.
 2021-04-15 10:14:13 -07:00
Rasmus Wriedt Larsen
3e7dc12246 Python: Port taint tests to use inline expectations 
The meat of this PR is described in the new python/ql/test/experimental/meta/InlineTaintTest.qll file:

> Defines a InlineExpectationsTest for checking whether any arguments in
> `ensure_tainted` and `ensure_not_tainted` calls are tainted.
>
> Also defines query predicates to ensure that:
> - if any arguments to `ensure_not_tainted` are tainted, their annotation is marked with `SPURIOUS`.
> - if any arguments to `ensure_tainted` are not tainted, their annotation is marked with `MISSING`.
>
> The functionality of this module is tested in `ql/test/experimental/meta/inline-taint-test-demo`.
 2021-04-15 18:00:33 +02:00
Chris Smowton
c37994089c Revert changes to unrelated query 2021-04-15 16:24:29 +01:00
Chris Smowton
254de76078 Remove unnecessary stubs 2021-04-15 16:20:27 +01:00
haby0
dedf765542 Update java/ql/src/experimental/Security/CWE/CWE-352/JsonpInjectionLib.qll 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-04-15 22:59:22 +08:00
Rasmus Lerchedahl Petersen
42ae5f4f7d Python: support / from the right 
Will also support both operands being paths
 2021-04-15 16:07:35 +02:00
edvraa
773556e5e0 Use hasFlow where path is not needed 2021-04-15 16:27:09 +03:00
edvraa
1581a27d3d Simplify getTarget check 2021-04-15 16:24:36 +03:00
Rasmus Wriedt Larsen
b359205d17 Python: Add taint tests for .get() in flask 2021-04-15 14:53:44 +02:00
CodeQL CI
578ce1e512 Merge pull request #5683 from asgerf/js/typescript-template-literal-type-crash 
Approved by erik-krogh
 2021-04-15 05:11:11 -07:00
Mathias Vorreiter Pedersen
7fbc62358e C++: Accept test changes after making the exprMightOverFlow predicates more sound. 2021-04-15 13:57:44 +02:00
haby0
0e183ab4a4 Finish comment 2021-04-15 19:49:06 +08:00
Chris Smowton
fa36ba901a Merge pull request #5471 from artem-smotrakov/el-injection 
Java: Query for detecting Jakarta Expression Language injections
 2021-04-15 12:39:34 +01:00
haby0
d269a7e717 CWE-598 reduction 2021-04-15 19:33:15 +08:00
haby0
216f204438 delete FilterClass 2021-04-15 19:28:25 +08:00
haby0
583d0889e2 delete tomcat-embed-core stub, update the ServletGetMethod class 2021-04-15 17:40:51 +08:00
Arthur Baars
bf556a2b53 Implement method lookup 2021-04-15 11:32:43 +02:00
Arthur Baars
5837af0936 Add MethodBase::getMethod 2021-04-15 11:32:43 +02:00
Arthur Baars
d361ef37af Rename Method -> MethodDeclaration 2021-04-15 11:32:43 +02:00
Arthur Baars
3590a2c2ac Merge pull request #164 from github/aibaars/fix-modules 
Improve module/class resolution
 2021-04-15 11:32:28 +02:00
haby0
5d05e4d224 Update java/ql/src/experimental/Security/CWE/CWE-352/JsonpInjectionLib.qll 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-04-15 17:28:53 +08:00
Tom Hvitved
0f24db8759 C#: Improve performance of SsaImpl::CallGraph::SimpleDelegateAnalysis 2021-04-15 11:25:27 +02:00
Asger Feldthaus
f8570bb293 JS: Update TRAP 2021-04-15 10:16:46 +01:00
Rasmus Lerchedahl Petersen
d361d999b7 Python: add some path returning functions 
that were only listed as file sytem accesses.
 2021-04-15 10:55:09 +02:00
Rasmus Lerchedahl Petersen
02e41d8018 Python: update annotations 
This because `resolve` accesses the file system,
I am open to not include that fact in the modelling.
 2021-04-15 10:49:22 +02:00
Rasmus Lerchedahl Petersen
3eb1813584 Python: update test expectations 2021-04-15 10:47:49 +02:00
Asger Feldthaus
cb736c8c82 JS: Change note 2021-04-15 09:37:57 +01:00