Erik Krogh Kristensen
62fd3fd90f
add test that we detect the used type variable in an infer type
2022-05-27 14:15:27 +00:00
Erik Krogh Kristensen
d199173923
add a getAPrimaryQlClass predicate to ExpressionWithTypeArguments
2022-05-25 16:10:13 +00:00
Erik Krogh Kristensen
efa895e912
update expected output
2022-05-25 10:33:39 +00:00
Erik Krogh Kristensen
f38d1f9a4e
merge main into ts47
2022-05-25 10:13:25 +00:00
Tom Bolton
67572bb770
Merge pull request #9193 from github/tombolton/add-counting-queries
...
JS: Add individual per-security-query counting queries
2022-05-25 10:02:28 +01:00
Michael Nebel
e9d371c650
Merge pull request #8600 from michaelnebel/csharp/dotnetruntimemodels
...
C#: Dotnet Runtime models.
2022-05-25 10:33:09 +02:00
AlexDenisov
8b131adeb1
Merge pull request #9283 from github/alexdenisov/swift-integration-tests
...
Swift: add integration tests
2022-05-25 10:04:08 +02:00
Michael Nebel
9cab92b16f
C#: Update flow summaries test after rebase. The rebase included a fix to the isAutoGenerated predicate, which means that a summary is only considered autogenerated, if no hand-written version exist. This affects the printing as well.
2022-05-25 08:28:15 +02:00
Michael Nebel
5b405bb4cf
C#: Update FlowSummaries test with generated printing (needed due to rebase).
2022-05-25 08:28:15 +02:00
Michael Nebel
ba7238d6e2
C#: Update XML Injectiont test output after rebase (query has been turned into a path-problem and the output is now affected by the added summaries for NameValueCollection).
2022-05-25 08:28:15 +02:00
Michael Nebel
75532432af
C#: Update flow summaries test (note that the test doesn't correctly print the generated flag at the moment).
2022-05-25 08:28:15 +02:00
Michael Nebel
c8ede58704
C#: Flow summaries has now been added for Exception stack trace, but not for ToString. The latter will be encoded as an extra taintstep in the analysis. To reduce noise for all uses of an exception itself an isSanitizerIn is introduced.
2022-05-25 08:28:15 +02:00
Michael Nebel
4d6d1c8376
C#: Since NameValueCollection now has a flow summary for the string indexer it is no longer consider an unsafe external api, which is why it has disappared from the result.
2022-05-25 08:28:14 +02:00
Michael Nebel
ee027f845c
C#: Since NameValueCollection now has a flow summary for the indexer it is considered a SafeExternalApiCallable and will thus not be included in the result of the test.
2022-05-25 08:28:14 +02:00
Michael Nebel
268230ef19
C#: Add QlDoc to the Generated file.
2022-05-25 08:28:14 +02:00
Michael Nebel
e2d6cd20c7
C#: Update tests due to new summaries for ProcessStartInfo.
2022-05-25 08:28:14 +02:00
Michael Nebel
9b8636aa23
C#: Update test because we now have a flow summary the string indexer for NameValueCollection.
2022-05-25 08:28:14 +02:00
Michael Nebel
d9c7ba471d
C#: Update taint steps test as the generated models now include a model for the getters for KeyValuePair (we only had manual summaries for the constructor).
2022-05-25 08:28:14 +02:00
Michael Nebel
f8e729025f
C#: Add generated Dotnet Runtime summary models that allows to up two reads and two stores and update flow summaries test.
2022-05-25 08:28:14 +02:00
Michael Nebel
3b62b45ea8
C#: Add generated framework models to ExternalFlow.
2022-05-25 08:28:14 +02:00
Tom Hvitved
efda248bea
Merge pull request #9315 from michaelnebel/swift/dataflowsync
...
Swift: Sync changes to DataFlowImplCommon from PR #9024 .
2022-05-25 08:24:15 +02:00
Michael Nebel
5f3a039c65
Swift: Sync changes to DataFlowImplCommon from PR #9024 .
2022-05-25 08:05:22 +02:00
Erik Krogh Kristensen
2da001ebd7
bump TypeScript version to stable release
2022-05-24 22:55:59 +02:00
Robert Marsh
8cc509e5e9
Merge pull request #9275 from MathiasVP/swift-add-dataflow-lib
...
Swift: Add shared dataflow library
2022-05-24 15:11:42 -04:00
Robert Marsh
54ac36718c
Merge pull request #9284 from MathiasVP/more-cfg-for-exprs
...
Swift: CFG for `TypeExpr`, `MemberRefExpr`, `DefaultArgumentExpr` and `ForceValueExpr`
2022-05-24 14:51:26 -04:00
Chris Smowton
98ef22358e
Merge pull request #9213 from smowton/smowton/fix/inherited-single-abstract-method
...
Kotlin: fix implementation of SAM classes that inherit their abstract method
2022-05-24 18:22:55 +01:00
Ian Lynagh
2e1db7ddcd
Merge pull request #9290 from igfoo/igfoo/kotlin1.7
...
Kotlin: Add support for the 1.7 RC
2022-05-24 16:16:19 +01:00
Nick Rolfe
dd52a70454
Merge pull request #9292 from github/nickrolfe/cfg_scope
...
Ruby: rename CfgScope::Range_ to CfgScopeImpl
2022-05-24 15:53:16 +01:00
Michael Nebel
daace0fe68
Merge pull request #9270 from michaelnebel/csharp/summarized-callable-fix
...
C#: Summarized callable
2022-05-24 16:36:44 +02:00
Jeroen Ketema
1075a141a4
Merge pull request #9293 from jketema/query-typo
...
C++: Fix missing closing quote in `cpp/potential-buffer-overflow` qldoc
2022-05-24 16:16:57 +02:00
Ian Lynagh
81e876a27b
Kotlin: Update build.gradle to include the 1.7.0 RC
2022-05-24 15:14:17 +01:00
Ian Lynagh
d7c17b2bac
Kotlin: Add more withHasQuestionMark.kt's
2022-05-24 15:12:29 +01:00
Ian Lynagh
398f86bcc3
Kotlin: Build system tweaks
2022-05-24 15:11:35 +01:00
Ian Lynagh
f46a7c0a0f
Kotlin: Add 1.7.0 RC
2022-05-24 15:11:13 +01:00
Ian Lynagh
846edf825a
Kotlin: Use withHasQuestionMark wrapper
2022-05-24 15:10:39 +01:00
Ian Lynagh
807f03a878
Kotlin: Add withHasQuestionMark for older releases
2022-05-24 15:10:39 +01:00
Ian Lynagh
4448ba1111
Kotlin: Add compatibility source for 1.7.0-RC
2022-05-24 15:10:39 +01:00
Ian Lynagh
078733c5fe
Merge pull request #9263 from tamasvajk/kotlin-versions
...
Kotlin: Add support for versions 1.5.0, 1.5.10, and 1.5.21
2022-05-24 15:10:09 +01:00
tombolton
91fa17a05e
simplify imports in counting queries
2022-05-24 15:02:26 +01:00
tombolton
7e32614c25
refactor counting code into a library
2022-05-24 15:02:26 +01:00
tombolton
33964383d7
add individual per-security-query counting queries
2022-05-24 15:02:26 +01:00
Jeroen Ketema
f93fde564b
C++: Fix missing closing quote in cpp/potential-buffer-overflow qldoc
2022-05-24 15:36:37 +02:00
Nick Rolfe
4b4a15c1b6
Ruby: rename CfgScope::Range_ to CfgScopeImpl
2022-05-24 14:34:44 +01:00
Chris Smowton
edb678f7d0
Rename function
2022-05-24 14:15:40 +01:00
Tom Hvitved
728ccafe2b
Merge pull request #9024 from hvitved/dataflow/content-flow-lib
...
Data flow: Introduce `ContentDataFlow.qll`
2022-05-24 15:09:16 +02:00
Tom Hvitved
d61f6453d0
Merge pull request #8942 from hvitved/ruby/dataflow/hashes
...
Ruby: Data-flow through hashes
2022-05-24 14:48:55 +02:00
Tom Hvitved
1ae8087379
Update ruby/ql/lib/codeql/ruby/frameworks/core/Hash.qll
...
Co-authored-by: Nick Rolfe <nickrolfe@github.com >
2022-05-24 14:27:59 +02:00
Tom Hvitved
daf81ae90d
Address review comments
2022-05-24 14:27:59 +02:00
Tom Hvitved
ab46c075f7
Ruby: Add change note
2022-05-24 14:27:58 +02:00
Tom Hvitved
63c70b9e7a
Address review comments
2022-05-24 14:27:58 +02:00
Tom Hvitved
faf24a4f18
Ruby: Data-flow through hashes
2022-05-24 14:27:55 +02:00
Arthur Baars
6781a76b96
Merge pull request #9206 from aibaars/instance-variable-flow
...
Ruby: flow through instance variables
2022-05-24 14:02:33 +02:00
Tamás Vajk
730f54ade2
Merge pull request #9280 from tamasvajk/kotlin-map-kj-properties
...
Kotlin: Fix missing kotlin to java property mapping
2022-05-24 13:16:29 +02:00
Chris Smowton
ae56b823e0
Merge pull request #9282 from github/smowton/admin/go-tests-owner
...
Change owner of Go-related workflows
2022-05-24 11:47:09 +01:00
Chris Smowton
71017a3b44
Alphabetically sort workflow codeowners
2022-05-24 11:20:51 +01:00
Erik Krogh Kristensen
2423c77b0c
Merge pull request #9281 from erik-krogh/jsQL
...
JS: various QL-for-QL fixes
2022-05-24 12:12:31 +02:00
Ian Lynagh
07e450d513
Merge pull request #9269 from igfoo/igfoo/cfg
...
Kotlin: Fix CFG
2022-05-24 10:53:00 +01:00
Alex Denisov
fa09078976
Swift: do not keep trap files for tests
2022-05-24 11:48:45 +02:00
Alex Denisov
8e8da66325
Swift: share .gitignore across all tests
2022-05-24 11:48:06 +02:00
Chris Smowton
fd60ab420d
Merge pull request #9278 from github/dependabot/github_actions/actions/setup-go-3
...
Bump actions/setup-go from 1 to 3
2022-05-24 10:24:31 +01:00
Mathias Vorreiter Pedersen
3e1a6a777e
Swift: Accept test changes.
2022-05-24 10:22:06 +01:00
Mathias Vorreiter Pedersen
dda60abfef
Swift: Add CFG for a couple more expressions.
2022-05-24 10:21:04 +01:00
Erik Krogh Kristensen
b2d3a7dca5
add change-note for the public renamed predicate
2022-05-24 11:20:08 +02:00
Alex Denisov
528f6f73c5
Swift: add integration tests
2022-05-24 11:12:35 +02:00
Mathias Vorreiter Pedersen
7752a38ee5
Merge pull request #9274 from MathiasVP/swift-extract-semantics-and-accessor-kinds
...
Swift: Extract semantics and accessor kinds
2022-05-24 10:12:30 +01:00
Chris Smowton
bd06a071c4
Change owner of Go-related workflows
2022-05-24 10:11:36 +01:00
Erik Krogh Kristensen
a404a8c61a
use more set literals instead of big disjunctions
2022-05-24 11:09:10 +02:00
Erik Krogh Kristensen
b48806968c
delete redundant import
2022-05-24 11:02:41 +02:00
Erik Krogh Kristensen
395ec106b9
remove unused field
2022-05-24 11:02:18 +02:00
Mathias Vorreiter Pedersen
21641eb1cd
Swift: Make the 'semantics.ql' test plantform-independent.
2022-05-24 10:00:14 +01:00
Erik Krogh Kristensen
d58fe8e193
add explicit this
2022-05-24 10:59:13 +02:00
Erik Krogh Kristensen
d1ad08ecb5
fix misspellings in predicate names
2022-05-24 10:57:13 +02:00
Tom Hvitved
6345816acf
Rework ContentDataFlow implementation
2022-05-24 10:34:06 +02:00
Mathias Vorreiter Pedersen
be453142b8
Merge pull request #8730 from geoffw0/reachesperf
...
C++: Better join order for reachesWithoutAssignment.
2022-05-24 09:22:21 +01:00
Jeroen Ketema
05f09919b0
Merge pull request #9276 from jketema/upgrade-script-script
...
Support Go and Swift in the `prepare-db-upgrade` script
2022-05-24 10:09:31 +02:00
Tamas Vajk
5a54218ac7
Kotlin: Fix missing kotlin to java property mapping
2022-05-24 10:03:17 +02:00
Tamas Vajk
19400249a9
Kotlin: Add test for missing kotlin to java property mapping
2022-05-24 10:02:32 +02:00
Mathias Vorreiter Pedersen
a0659072b5
Swift: Add tests and accept test changes.
2022-05-24 09:00:34 +01:00
Mathias Vorreiter Pedersen
cf5f1e593e
Swift: Extract new entities.
2022-05-24 08:57:05 +01:00
Mathias Vorreiter Pedersen
cdb081eaec
Swift: Update schema and update generated files.
2022-05-24 08:57:05 +01:00
Michael Nebel
42be60ea57
C#: Address codereview comments.
2022-05-24 08:21:39 +02:00
Michael Nebel
a8b103b89c
Java: Update dependencies.
2022-05-24 08:21:39 +02:00
Michael Nebel
94664f11f5
C#/Java/Ruby: Sync files.
2022-05-24 08:21:39 +02:00
Michael Nebel
eed02a2a9f
C#: Fix issue with isAutoGenerated predicate and make sure that data flow only use relevant summaries.
2022-05-24 08:21:38 +02:00
dependabot[bot]
dfa9d9ff85
Bump actions/setup-go from 1 to 3
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 1 to 3.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](https://github.com/actions/setup-go/compare/v1...v3 )
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-05-24 03:39:16 +00:00
Arthur Baars
8248f607e4
Merge pull request #9277 from github/aibaars/go-test-workflow
...
Go: trigger CI jobs on Go related changes only
2022-05-23 23:51:34 +02:00
Aditya Sharad
7853ea607f
Merge pull request #9243 from github/adityasharad/merge-codeql-go-docs
...
Docs: Update references to github/codeql-go
2022-05-23 14:37:23 -07:00
Arthur Baars
7a85ab1690
Go: trigger CI jobs on Go related changes only
2022-05-23 21:25:27 +02:00
Erik Krogh Kristensen
aa01cf11c2
Merge pull request #9125 from erik-krogh/exportObj
...
JS: recognize functions that return object of methods as library input
2022-05-23 19:57:34 +02:00
Erik Krogh Kristensen
0c10927adc
Merge pull request #9261 from erik-krogh/passport
...
JS: remove support for passport in the session-fixation query
2022-05-23 19:56:42 +02:00
Aditya Sharad
42f2fc2287
Apply suggestions from code review
...
Co-authored-by: Felicity Chapman <felicitymay@github.com >
2022-05-23 10:55:50 -07:00
Jeroen Ketema
34df9dc835
Support Go and Swift in the prepare-db-upgrade script
2022-05-23 19:09:00 +02:00
Mathias Vorreiter Pedersen
9b67912da2
Updated sync-identical-files.
2022-05-23 18:04:32 +01:00
Mathias Vorreiter Pedersen
f46fc34481
Swift: Add skeleton for shared dataflow library.
2022-05-23 18:03:47 +01:00
Mathias Vorreiter Pedersen
b681a10bfe
Swift: Add shared SSA library.
2022-05-23 18:01:43 +01:00
Arthur Baars
cf2eb0d3a1
Merge branch 'main' into instance-variable-flow
2022-05-23 18:48:51 +02:00
Chuan-kai Lin
d3ebc814f5
Merge pull request #8631 from github/cklin/merge-codeql-go
...
Merge codeql-go repository into codeql
2022-05-23 09:22:28 -07:00
Mathias Vorreiter Pedersen
9b0d84c1a3
Merge pull request #9268 from MathiasVP/swift-add-cfg-library
...
Swift: Extend AST classes and add control-flow library
2022-05-23 16:37:51 +01:00
Harry Maclean
905a37c273
Merge pull request #9137 from hmac/hmac/cfg-ql-class
...
Ruby: Add getAPrimaryQlClass to CfgNodes classes
2022-05-23 15:37:51 +01:00
Mathias Vorreiter Pedersen
358a8aba7a
Merge pull request #8994 from HansmannThibaut/main
...
C/C++ : Wrong Uint access
2022-05-23 15:31:23 +01:00
Mathias Vorreiter Pedersen
4ba29845e9
Swift: Fix Code Scanning alerts.
2022-05-23 15:18:36 +01:00
Ian Lynagh
8e64978ffd
Kotlin: Autoformat
2022-05-23 14:51:41 +01:00
Geoffrey White
dcbd5dd98a
Merge branch 'main' into reachesperf
2022-05-23 14:49:32 +01:00
Taus
3745526d69
Merge pull request #9108 from RasmusWL/promote-pam
...
Python: Promote `py/pam-auth-bypass`
2022-05-23 15:27:12 +02:00
Mathias Vorreiter Pedersen
ba28632c96
Update cpp/ql/src/experimental/Best Practices/WrongUintAccess.qhelp
2022-05-23 14:11:13 +01:00
CodeQL CI
04ca9cfaf4
Merge pull request #9234 from asgerf/js/api-graph-accessors
...
Approved by erik-krogh
2022-05-23 06:08:50 -07:00
Erik Krogh Kristensen
aadbc989ce
fix typo in comment
...
Co-authored-by: Asger F <asgerf@github.com >
2022-05-23 15:07:29 +02:00
Harry Maclean
ae3a30256b
Ruby: Add getAPrimaryQlClass to CfgNode
2022-05-23 14:02:23 +01:00
Tom Hvitved
64be958c52
Merge pull request #9262 from hvitved/ruby/local-source-node-antijoin
...
Ruby: Eliminate bad `isLocalSourceNode` antijoin
2022-05-23 14:36:03 +02:00
Tamas Vajk
ccc6d2501a
Kotlin: adjust build scripts to include versions 1.5.0, 1.5.10, and 1.5.21
2022-05-23 14:19:53 +02:00
Tamas Vajk
0dfbe7adfb
Kotlin: Add 1.5.21 specific files
2022-05-23 14:19:53 +02:00
Tamas Vajk
9df9d3ad03
Kotlin: Add 1.5.10 specific files
2022-05-23 14:19:53 +02:00
Tamas Vajk
83a1f687a1
Kotlin: Add 1.5.0 specific files
2022-05-23 14:19:52 +02:00
Erik Krogh Kristensen
ba844aa0ab
Merge branch 'main' into exportObj
2022-05-23 14:18:31 +02:00
yoff
23d64ffa04
Merge pull request #9135 from tausbn/python-modernise-py-jinja2-autoescape-false
...
Python: Modernise py/jinja2/autoescape-false
2022-05-23 14:18:06 +02:00
Mathias Vorreiter Pedersen
2882c42698
Swift: Sync identical files.
2022-05-23 13:13:26 +01:00
Mathias Vorreiter Pedersen
6540e1e8bf
Swift: Share 'ControlFlowGraphImplShared.qll' for Swift with Ruby and C#.
2022-05-23 13:12:45 +01:00
Mathias Vorreiter Pedersen
e98728b788
Swift: Fix casing on import alias.
2022-05-23 13:08:09 +01:00
Mathias Vorreiter Pedersen
83bcb53199
Swift: Add tests accept test changes.
2022-05-23 13:05:55 +01:00
Tamás Vajk
487425670e
Merge pull request #9229 from tamasvajk/kotlin-df-fix-list
...
Kotlin: extract non-private members of class supertypes
2022-05-23 14:04:31 +02:00
Mathias Vorreiter Pedersen
9f8fbd7aa7
Swift: Add control-flow library.
2022-05-23 12:59:06 +01:00
Mathias Vorreiter Pedersen
26f0d3ac43
Swift: Add helper predicates on AST classes
2022-05-23 12:51:51 +01:00
Paolo Tranquilli
06a8cf6f1e
Merge pull request #9198 from github/redsun82/swift-self-contained-cpp-code-gen
...
Swift: make C++ code generation more self-contained
2022-05-23 13:45:58 +02:00
Asger F
0929f5eb49
JS: Update test assertions to new syntax
2022-05-23 13:12:52 +02:00
Asger Feldthaus
33dac5e95f
JS: API graph support for accessors (and classes)
2022-05-23 13:12:52 +02:00
Tom Hvitved
9cc9991c74
C#: Update ContentDataFlow test
...
Illustrates missing flow when the sink is inside a method that is also part of
a `subpath`.
2022-05-23 13:05:28 +02:00
Paolo Tranquilli
1e9fcfb338
Merge pull request #9265 from github/redsun82/swift-rm-codeqlmanifest
...
Swift: remove `.codeqlmanifest`
2022-05-23 13:00:58 +02:00
Erik Krogh Kristensen
7a3bbede1b
remove support for passport in the session-fixation query
2022-05-23 12:55:11 +02:00
Paolo Tranquilli
63f5a86699
Merge pull request #9264 from github/redsun82/swift-fix-ndebug-build
...
Swift: fix extractor built with `NDEBUG`
2022-05-23 12:50:49 +02:00
Paolo Tranquilli
a3f6682bbb
Swift: remove .codeqlmanifest
...
The extractor pack entry in there has been moved to the root manifest.
2022-05-23 12:49:08 +02:00
Paolo Tranquilli
ea6a249fee
Swift: fix extractor built with NDEBUG
...
There was a call with side effects in an `assert`, that was therefore
not being called with `NDEBUG` turned on, changing extractor results.
2022-05-23 12:35:54 +02:00
Ian Lynagh
62ece16cf4
Kotlin: Accept test changes
2022-05-23 11:27:22 +01:00
Ian Lynagh
42da7c6c58
Kotlin: Fix CFG
2022-05-23 11:27:22 +01:00
Arthur Baars
965f83e198
Reformat ControlFlowGraphImpl.qll
2022-05-23 12:22:47 +02:00
Arthur Baars
eabf2ed2d3
Apply suggestions from code review
...
Co-authored-by: Tom Hvitved <hvitved@github.com >
2022-05-23 12:18:48 +02:00
Tom Hvitved
d6b0772f7c
Ruby: Improve performance of instanceVariableSelfSynthesis
2022-05-23 12:08:41 +02:00
Arthur Baars
d86983b7c8
Ruby: use InstanceVariableRead/WriteAccess CFG nodes
2022-05-23 12:03:11 +02:00
Arthur Baars
5fa4f07f7d
Improve QLDoc
2022-05-23 11:59:28 +02:00
Arthur Baars
7ed60b19a2
Ruby: improve test case
2022-05-23 11:59:12 +02:00
Arthur Baars
29ea1b2f24
Ruby: rename getSelfVariableAccess to getReceiver
2022-05-23 11:30:29 +02:00
Arthur Baars
f6ca3921f9
Add change note
2022-05-23 10:59:54 +02:00
Tom Hvitved
bbdedf5f14
Ruby: Eliminate bad isLocalSourceNode antijoin
...
Gets rid of
```
Tuple counts for DataFlowPrivate::Cached::isLocalSourceNode#462ff392#f#antijoin_rhs@dd2f927s:
20905019 ~3% {2} r1 = JOIN DataFlowPrivate::Cached::TExprNode#462ff392#ff_1#higher_order_body WITH boundedFastTC(DataFlowPrivate::Cached::localFlowStepTypeTracker#462ff392#ff_10#higher_order_body,DataFlowPrivate::Cached::TExprNode#462ff392#ff_1#higher_order_body) ON FIRST 1 OUTPUT Rhs.1, Lhs.0
10420128 ~1496% {1} r2 = JOIN r1 WITH DataFlowPrivate::Cached::TExprNode#462ff392#ff_1#higher_order_body ON FIRST 1 OUTPUT Lhs.1
480918 ~8% {1} r3 = JOIN r1 WITH DataFlowPrivate::Cached::entrySsaDefinition#462ff392#f ON FIRST 1 OUTPUT Lhs.1
10901046 ~1218% {1} r4 = r2 UNION r3
return r4
```
2022-05-23 10:54:17 +02:00
Tamas Vajk
4732793fb6
Change type tests
...
Linux and MacOS produced different results, so the queried types are now limited to ones that are visible in the source code.
2022-05-23 10:39:22 +02:00
Tamas Vajk
d3e64f5135
Kotlin: extract non-private members of class supertypes
2022-05-23 10:39:22 +02:00
Tamas Vajk
b0c6db4cfc
Kotlin: add missing dataflow test for List::iterator
2022-05-23 10:39:22 +02:00
Tamas Vajk
ab920d31dc
Repro for kotlin-java difference with generic types
2022-05-23 10:39:22 +02:00
Michael Nebel
bf958ff5bb
Merge pull request #9255 from michaelnebel/csharp/test-clearscontent
...
C#: Remove default clears content.
2022-05-23 10:30:30 +02:00
Michael Nebel
c82ab6813f
Merge pull request #9256 from michaelnebel/csharp/test-ranking
...
C#: Rank summaries and source code in dataflow callables.
2022-05-23 10:29:52 +02:00
Anders Schack-Mulligen
f2218944f6
Merge pull request #9214 from hvitved/dataflow/lambda-fp-flow
...
Data flow: Do not discard call context when computing reverse lambda flow through jumps
2022-05-23 10:02:51 +02:00
Michael Nebel
217c414b6e
C#: Now that SummarizedCallableDefaultClears content has been removed, we need to explicitly say that fields are cleared.
2022-05-23 08:58:09 +02:00
Michael Nebel
ddde1d4607
C#: Remove default clears content.
2022-05-22 15:16:44 +02:00
Michael Nebel
f141336f64
C#: Fake location of methods as we want to use the defined summaries for testing purposes.
2022-05-22 15:14:58 +02:00
Michael Nebel
9f611d79ac
C#: Rank summaries and source code such that only one is used.
2022-05-22 15:14:19 +02:00
Chris Smowton
5119de8d22
Merge pull request #9238 from atorralba/atorralba/remove-xxe-sinks
...
Java: Remove org.dom4j.DocumentHelper:parseText as XXE sink
2022-05-21 17:33:06 +01:00
Erik Krogh Kristensen
7971b54771
Merge pull request #8891 from erik-krogh/qlMergeFix
...
QL: point the dataset measure workflow to a merge_stats.py file that exists
2022-05-20 22:33:59 +02:00
Aditya Sharad
4d74282175
Actions: Avoid cloning codeql-go when building query list docs
2022-05-20 12:10:21 -07:00
Aditya Sharad
beddd306f5
Docs: Update references to github/codeql-go
...
github/codeql-go is being merged into github/codeql.
Update references to `codeql-go` within the CodeQL CLI docs.
Add Go to the list of mentioned languages where applicable.
Leave an explanatory note in the setup instructions about the
previous requirement to check out `github/codeql-go`, and
mention this is no longer necessary.
The remaining references are to historical commits,
which will continue to exist.
2022-05-20 12:10:21 -07:00
Chuan-kai Lin
7f96319b37
Clean up direct references to codeql-go
...
This commit removes special handling of the github/codeql-go repository in the
ql-for-ql-dataset_measure.yml and the query-list.yml workflows.
2022-05-20 10:23:48 -07:00
Chuan-kai Lin
827c7ab153
Go: fix search and tool paths for 'make test'
2022-05-20 10:22:47 -07:00
Arthur Baars
7bc6c10f5b
Go: fix search-path for 'make test'
2022-05-20 10:22:47 -07:00
Chuan-kai Lin
c58b5397c2
Go: delete test qhelp file
...
There shouldn't be qhelp files in the ql/test tree.
https://github.com/github/codeql/pull/8631#issuecomment-1087316116
2022-05-20 10:22:47 -07:00
Chuan-kai Lin
1276c41e83
codeql-go merge prep: integrate go/ into codeql
2022-05-20 10:22:47 -07:00
Chuan-kai Lin
097d5189e9
Merge branch 'main' into cklin/merge-codeql-go-prep
2022-05-20 10:22:19 -07:00
Chuan-kai Lin
aa514fff32
codeql-go merge prep: move into go/ directory
2022-05-20 10:07:19 -07:00
Arthur Baars
439dcc0731
Merge pull request #9241 from aibaars/fix-history
...
Kotlin changes
2022-05-20 17:31:57 +02:00
Arthur Baars
f3f0e06127
Merge branch 'main' into fix-history
2022-05-20 17:20:42 +02:00
Paolo Tranquilli
f2bc73bf8f
Merge pull request #9239 from github/redsun82/swift-visitors
...
Swift: transfer all visitors
2022-05-20 16:38:06 +02:00
Arthur Baars
68aeb2ba85
Update test output
2022-05-20 16:30:58 +02:00
Arthur Baars
d9c2b78aa2
Ruby: flow through instance variables
2022-05-20 16:30:58 +02:00
Paolo Tranquilli
fc165c1975
Swift: remove IDE generated comment header
2022-05-20 16:25:33 +02:00
Paolo Tranquilli
f52a849ab8
Merge branch 'main' into redsun82/swift-self-contained-cpp-code-gen
2022-05-20 16:16:35 +02:00
Tamás Vajk
144937a753
Merge pull request #9154 from tamasvajk/kotlin-error-warning-1
...
Kotlin: Adjust diagnostic message severity
2022-05-20 16:12:39 +02:00
Paolo Tranquilli
e6f2ab003c
Swift: remove empty DB-CHECK.expected files
2022-05-20 16:01:56 +02:00
Paolo Tranquilli
b0668ee6c2
Swift: remove unused decl properties
2022-05-20 15:42:28 +02:00
Paolo Tranquilli
553930d9e3
Swift: type visitor
...
This transfers the current state of `TypeVisitor` from the
proof-of-concept.
2022-05-20 15:42:20 +02:00
Paolo Tranquilli
922608c65a
Swift: expression visitor
...
This transfers the current status of `ExprVisitor` from the
proof-of-concept, together with some changes required for swift 5.6.
2022-05-20 15:41:27 +02:00
Paolo Tranquilli
3f45b73d62
Swift: pattern visitor
...
This transfers the current state of `PatternVisitor` from the
proof-of-concept.
2022-05-20 15:41:27 +02:00
Paolo Tranquilli
19506dae74
Swift: statement visitor
...
This transfers the current state of `StmtVisitor` in the PoC, plus some
changes required for the update to swift 5.6.
Also `getLabel` in `SwiftDispatcher` got renamed to `createLabel`, and
is now correctly outputting the label assignment to the trap file.
2022-05-20 15:41:27 +02:00
Paolo Tranquilli
d6ced16aa8
Swift: declaration visitor
...
This transfers the current state of `DeclVisitor` from the
proof-of-concept.
TODO: make the `declarations` tests in `extractor-tests` more
comprehensive.
2022-05-20 15:41:22 +02:00
Paolo Tranquilli
da7e700a8f
Merge pull request #9185 from github/redsun82/swift-tbd-rework
...
Swift: move TBD code to ql
2022-05-20 15:39:31 +02:00
Stephan Brandauer
cdceb66b07
add test for moduleSuffixes
2022-05-20 15:10:13 +02:00
Ian Lynagh
6652c27591
Merge pull request #9236 from igfoo/igfoo/kotlinc
...
Kotlin: Use 'which' to find kotlinc
2022-05-20 14:06:59 +01:00
Tamas Vajk
7aafc5f88c
Kotlin: Adjust diagnostic message severity
...
Make extraction messages `warning` if code is still extracted regardless of the reported issue. Make extraction messages `error` if some code is not extracted.
2022-05-20 14:55:16 +02:00
Ian Lynagh
73759705ae
Merge pull request #9121 from github/igfoo/mjson
...
Kotlin: Write the log file as Line-delimited JSON
2022-05-20 13:51:20 +01:00
Tony Torralba
98f70dc7d3
Remove org.dom4j.DocumentHelper:parseText as XXE sink
2022-05-20 14:45:26 +02:00
Tony Torralba
aba4a9aa4a
Merge pull request #9233 from atorralba/atorralba/fix-field-init-test
...
Kotlin: Fix test to correctly highlight lack of flow from field init
2022-05-20 14:37:22 +02:00
Stephan Brandauer
d6abb2e6bd
add new supported file types to versions-compilers.rst
...
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com >
2022-05-20 14:34:53 +02:00
Stephan Brandauer
cb4b2e983b
delete test of removed feature
2022-05-20 14:33:07 +02:00
Ian Lynagh
3fd61581b3
Kotlin: Call the right kotlinc
2022-05-20 12:59:04 +01:00
Ian Lynagh
44efb34447
Kotlin: Use 'which' to find kotlinc
...
This means we handle kotlinc.batr and kotlinc.cmd on Windows.
2022-05-20 12:44:55 +01:00
Stephan Brandauer
813fbf27de
support for .mts and .cts file extensions
2022-05-20 13:33:52 +02:00
Ian Lynagh
4eddb6224b
Kotlin: Format a query
2022-05-20 12:07:35 +01:00
Ian Lynagh
df9f75832c
Kotlin: Fix diagnostics test
2022-05-20 12:07:35 +01:00
Ian Lynagh
f7fa00ef6c
Kotlin: Accept test output
2022-05-20 12:07:35 +01:00
Ian Lynagh
d6f8342431
Kotlin: Write the log file as Line-delimited JSON
2022-05-20 12:07:35 +01:00
Ian Lynagh
b5ad6f9c04
Kotlin: Add a LogMessage class
2022-05-20 12:07:35 +01:00
Ian Lynagh
d900c3d994
Merge pull request #9221 from smowton/smowton/admin/handle-missing-kotlinc-gracefully
...
Kotlin: Handle missing kotlinc gracefully
2022-05-20 12:06:06 +01:00
Ian Lynagh
d2cb1aa89c
Merge pull request #9218 from igfoo/igfoo/geninst
...
Kotlin: Avoid "generic specialisation" label collisions
2022-05-20 11:42:22 +01:00
Ian Lynagh
9844ae703e
Merge pull request #9219 from igfoo/igfoo/livelits
...
Improve LiveLiterals
2022-05-20 11:42:16 +01:00
Anders Schack-Mulligen
8beef45599
Merge pull request #9195 from aschackmull/java/perf-local-flow
...
Java: Performance fixes for local flow relation
2022-05-20 12:38:02 +02:00
Tony Torralba
775b53b7b4
Fix test to correctly highlight lack of flow from field init
2022-05-20 12:36:10 +02:00
Paolo Tranquilli
09967bfd42
Swift: add comment about CRTP
2022-05-20 12:35:58 +02:00
Paolo Tranquilli
f5b2c31a3c
Swift: rename DispatcherWrapper to VisitorBase
2022-05-20 12:25:45 +02:00
Paolo Tranquilli
da00bf99a1
Swift: move TBD code to ql
...
This allows to avoid bypassing label type correcness in the extractor,
and allows to independently resolve TBD extractions, as with this
approach TBD nodes do have the correctly typed trap label. The TBD
status is now a predicate on the QL side.
This requires:
* a default visit using the correct type, which is achieved via macro
metaprogramming in `VisitorBase.h`, following the way
`swift::ASTVisitor` is programmed
* a mapping from labels to corresponding binding trap entries. The
functor is defined in `TrapTagTraits.h` and instantiated in generated
`TrapEntries.h`
* Binding trap entries for TBD unknown entities must not have any other
field than the `id` (after all, we are supposed to not extract them
yet). This is why all unextracted fields in `schema.yml` have been
commented out, and will be uncommentend when visitors are added
2022-05-20 09:52:27 +02:00
Michael Nebel
20af134ff0
Merge pull request #9210 from michaelnebel/dataflow/summarizedcallablerefactor
...
DataFlow - SummarizedCallable refactor
2022-05-20 09:32:30 +02:00
Tamás Vajk
3407b0f055
Merge pull request #9152 from tamasvajk/kotlin-fix-parcelize-reflection-1
...
Kotlin: Fix extraction of reflective call generated by Parcelize
2022-05-20 09:06:21 +02:00
Chris Smowton
d9f65fe34f
Handle missing kotlinc gracefully
2022-05-19 21:54:18 +01:00
Chris Smowton
e80254b0a6
Fix generated implementation of an inherited single abstract method
...
For example, UnaryOperator<T> extends Function<T, T> without overriding / defining its own `apply` method.
2022-05-19 20:57:54 +01:00
Ian Lynagh
f918b2e763
Merge pull request #9217 from igfoo/igfoo/tweak_logging
...
Kotlin: Tweak logging
2022-05-19 18:31:40 +01:00
Tony Torralba
5498f41248
Apply code review suggestion to increase precision in getValue
2022-05-19 17:35:34 +01:00
Tony Torralba
bc84ff2031
Improve docs of LiveLiteral
...
Also remove transitive closure from calls
2022-05-19 17:35:27 +01:00
Ian Lynagh
e153f30c01
Kotlin: Avoid "generic specialisation" label collisions
...
We had a global set of labels for generic specialisations that we'd
extracted, but these labels could contain references to other labels,
and thus you can get false collisions between labels for different TRAP
files. We now only keep the set for a single TRAP file, and live with
the extra TRAP duplication that we get from that.
2022-05-19 17:29:41 +01:00
Ian Lynagh
9e3cde001a
Kotlin: Tweak logging
...
Makes it easier to filter out the peak memory info
2022-05-19 16:59:52 +01:00
Chris Smowton
01aaa6ccbf
Merge pull request #9123 from smowton/smowton/fix/type-variable-in-scope-consistency
...
Kotlin: fix cases where type variables were used out of scope
2022-05-19 16:57:41 +01:00
Tom Hvitved
3ebd4af24e
C#: Fix another test
2022-05-19 16:23:31 +02:00
Chris Smowton
c9232c075c
Autoformat
2022-05-19 15:18:10 +01:00
Stephan Brandauer
67697e1066
update meta information and release note for typescript 4.7 upgrade
2022-05-19 15:45:27 +02:00
Stephan Brandauer
0f3448dc24
update tests for typescript 4.7
2022-05-19 15:45:19 +02:00
Tom Hvitved
909ad2a61a
Address review comment
2022-05-19 15:37:18 +02:00
Tom Hvitved
f83deb6571
Data flow: Sync files
2022-05-19 15:20:43 +02:00
Tom Hvitved
a18aef23f9
Data flow: Do not discard call context when computing reverse lambda flow through jumps
2022-05-19 15:19:41 +02:00
Tom Hvitved
ea703bc49a
Ruby: Add test that illustrates false negative lambda flow
2022-05-19 15:19:34 +02:00
Ian Lynagh
d18e03cf9a
Merge pull request #9212 from igfoo/igfoo/kotlin_mem
...
Kotlin: Log peak memory usge before and after extractor
2022-05-19 14:01:07 +01:00
Ian Lynagh
e319ab1b70
Kotlin: Format a query
2022-05-19 13:56:04 +01:00
Chris Smowton
1039e29b90
Adjust test result
2022-05-19 13:42:28 +01:00
Michael Nebel
575b8376f3
C#: Update Flow summaries QL test code based on refactor.
2022-05-19 14:41:24 +02:00
Chris Smowton
4f08981586
Expand warning message to note that there are known Java extractor bugs relating to this query
2022-05-19 13:37:18 +01:00
Ian Lynagh
9b40724dcb
Kotlin: Log peak memory usge before and after extractor
...
Ideally this would be in a more JSON-friendly format, and also in the
database, but this at least makes the information available.
2022-05-19 13:36:11 +01:00
AlexDenisov
480c6b985b
Merge pull request #9211 from github/redsun82/swift-no-pip-install
...
remove `pip install` mention from README.md
2022-05-19 13:55:14 +02:00
Tom Hvitved
0a52420581
C#: Add ContentDataFlow test
2022-05-19 13:28:56 +02:00
Tom Hvitved
2b2ac06128
Data flow: Sync files
2022-05-19 13:28:56 +02:00
Tom Hvitved
bd9b6567c7
Data flow: Introduce ContentDataFlow.qll
2022-05-19 13:28:56 +02:00
Michael Nebel
ff1e6637ac
C#: Fix issue with summaryElement predicate.
2022-05-19 13:06:24 +02:00
Chris Smowton
e722c99218
Autoformat
2022-05-19 11:55:31 +01:00
Chris Smowton
4f54bb66b8
Accept consistency check failure
...
The Java extractor assigns a type with unbound type variables to the result of ImmutableSortedMap.of calls.
2022-05-19 11:55:31 +01:00
Chris Smowton
ea9aa59627
Add test
2022-05-19 11:55:31 +01:00
Chris Smowton
8a90ddefbb
Accept test changes
...
These are mainly moving the source locations and type specialisations in SAM-converted methods.
2022-05-19 11:55:31 +01:00
Chris Smowton
ada31f3075
Distinguish result type parameter names
...
This makes debugging a little easier.
2022-05-19 11:55:31 +01:00
Chris Smowton
49c9c36daf
Type-variable-in-scope consistency query: account for all enclosing elements that declare type parameters.
2022-05-19 11:55:31 +01:00
Chris Smowton
4e15f5f8c7
Fix extracted type arguments of kotlin.jvm.functions.FunctionN
...
Previously we accidentally extracted an argument type instead of the result type.
2022-05-19 11:55:31 +01:00
Chris Smowton
102cdcdab8
Fix type substitution and source locations in SAM-converted generic interface implementations
...
For example, in implementing Producer<T> by an actual lambda of type () -> Int, the return type should be Int, not T. This produced type-variable-out-of-scope consistency check failures.
2022-05-19 11:55:31 +01:00
Chris Smowton
048a530aac
Type parameter scoping check: distinguish type arguments from type parameters
...
I had forgotten that the Java QL lib regards a ParameterizedType as either an instantiation Generic<String>, or the unbound declaration Generic<T>.
2022-05-19 11:55:31 +01:00
Chris Smowton
b09b769932
Extract type parameters without substituting their parent functions
...
Otherwise references to type variables declared on kotlin.Xyz.someFunction can refer to its Java equivalent java.Xyz.someFunction if it has one.
2022-05-19 11:55:31 +01:00
Chris Smowton
d291e0cf10
Fix typeParametersInScope consistency query
...
The selection of type variables mentioned in a particular class previously didn't work as intended, so the consistency query would always pass.
2022-05-19 11:55:31 +01:00
Paolo Tranquilli
b66f1b27b0
remove pip install mention from README.md
...
It is not needed any more since pip requirements were coded in bazel.
2022-05-19 12:47:20 +02:00
Anders Schack-Mulligen
651d9d0a44
Java: Ensure cached predicates are in the same stage.
2022-05-19 11:39:41 +02:00
Michael Nebel
22b9ef2e7b
Java: Adapt ExternalApi to refactor.
2022-05-19 11:30:36 +02:00
Anders Schack-Mulligen
0e830f6052
C#/Ruby/Java: Fix pragmas.
2022-05-19 11:26:38 +02:00
Michael Nebel
94a72ec051
Java: Refactor SummarizedCallable.
2022-05-19 11:10:58 +02:00
Michael Nebel
73802cbd6d
Ruby: Refactor SummarizedCallable.
2022-05-19 11:04:18 +02:00
Michael Nebel
be79f20ef1
C#: Refactor SummarizedCallable.
2022-05-19 11:03:50 +02:00
Stephan Brandauer
b928ca518f
update dependency version to 4.7.1-rc
2022-05-19 10:47:08 +02:00
Erik Krogh Kristensen
fff70da650
Merge pull request #9182 from erik-krogh/useStringComp
...
use string equality instead of regexps to compare constant strings
2022-05-19 10:42:37 +02:00
Tom Hvitved
eef5022e3d
Merge pull request #9014 from michaelnebel/csharp/dataflowcallablerefactor
...
C#: Dataflow callable refactoring.
2022-05-19 09:02:38 +02:00
Erik Krogh Kristensen
215a6a72cc
Merge branch 'main' into useStringComp
2022-05-18 10:55:31 +02:00
Rasmus Wriedt Larsen
6611e5b4b8
Merge branch 'main' into promote-pam
2022-05-18 10:35:39 +02:00
Anders Schack-Mulligen
a4dac9fd2b
Merge pull request #9201 from Marcono1234/marcono1234/NumericType-type-qll
...
Java: Move `NumericType` to `Type.qll`
2022-05-18 10:31:40 +02:00
Rasmus Wriedt Larsen
b54de13d97
Python: Apply suggestions from code review
...
Co-authored-by: Taus <tausbn@github.com >
2022-05-18 10:30:29 +02:00
Tom Hvitved
209a1e4bd8
Merge pull request #9202 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2022-05-18 10:26:55 +02:00
Tom Hvitved
5e57e82997
Merge pull request #9191 from hvitved/ruby/taint-tracking-stage
...
Ruby: Force cached taint tracking predicates to be evaluated in data flow stage
2022-05-18 09:54:38 +02:00
Anders Schack-Mulligen
af7df79289
Autoformat
2022-05-18 09:38:11 +02:00
Anders Schack-Mulligen
a4a004a322
Java: Simplify recursion prevention.
2022-05-18 09:27:55 +02:00
Anders Schack-Mulligen
d4c9fddae3
Java: Use fastTC.
2022-05-18 09:27:54 +02:00
Anders Schack-Mulligen
48ab5b2403
C#/Ruby/Java: Fix references.
2022-05-18 09:27:54 +02:00
Anders Schack-Mulligen
829eb7f7a5
C#/Ruby: Sync FlowSummaryImpl.
2022-05-18 09:27:48 +02:00
Anders Schack-Mulligen
25fda206b2
Java: Prevent accidental recursion through AdditionalValueStep.
2022-05-18 09:25:23 +02:00
Anders Schack-Mulligen
1d3b3204df
Merge pull request #9190 from hvitved/dataflow/summary-arg-param-no-materialize
...
Data flow: Do not materialize `summaryArgParam`
2022-05-18 09:17:57 +02:00
Erik Krogh Kristensen
7245591468
Merge pull request #7763 from erik-krogh/unused-field
...
QL: add unused-field query
2022-05-18 09:15:16 +02:00
Tom Hvitved
23ee033a57
C#: Review fixes
2022-05-18 07:48:21 +02:00
Michael Nebel
df6d86b9aa
C#: Use getUnderlyingCallable instead of asCallable.
2022-05-18 07:48:21 +02:00
Michael Nebel
6f7af11517
C#: Needs to be updated as SummaryParameterNodes are printed slightly different.
2022-05-18 07:48:21 +02:00
Michael Nebel
b41bb3fe08
C#: System.Web.HttpResponse.Write is now considered safe (known) and will this not show up as untrusted external API.
2022-05-18 07:48:21 +02:00
Michael Nebel
97c6d7884d
C#: Source and Sink models are now also considered summarized callables and thus considered safe as they are known external APIs.
2022-05-18 07:48:21 +02:00
Michael Nebel
aeadad62be
C#: Improve implementation.
2022-05-18 07:48:21 +02:00
Michael Nebel
26e2cad528
C#: Improve getCallable.
2022-05-18 07:48:21 +02:00
Michael Nebel
f78def5316
C#: Hide SummaryParamterNodes from path explanations.
2022-05-18 07:48:21 +02:00
Michael Nebel
220526f305
C#: Fix issues with summarized callables parameter types and other casting issues.
2022-05-18 07:48:21 +02:00
Michael Nebel
2c414b2201
C#: Add Summary parameter nodes.
2022-05-18 07:48:21 +02:00
Michael Nebel
0e3fc464a3
C#: Use SummarizedCallable external instead of the internal.
2022-05-18 07:48:20 +02:00
Michael Nebel
b578fcb069
C#: Use the external SummarizedCallable implementation.
2022-05-18 07:48:20 +02:00
Michael Nebel
4f7297715d
C#: Also extract callable from FlowSummary SummarizedCallable in DataFlowCallable.
2022-05-18 07:48:20 +02:00
Michael Nebel
3fa990a984
C#: Make sure that all callables with a summary are added to the external SummarizedCallable class.
2022-05-18 07:48:20 +02:00
Michael Nebel
4810419dfd
C#: Extend SummarizedCallable from FlowSummaryImpl.
2022-05-18 07:48:20 +02:00
Michael Nebel
eb022118f3
C#: Fix issue in ExternalApi.
2022-05-18 07:48:20 +02:00
Michael Nebel
68055bc022
C#: Update flow summaries test code.
2022-05-18 07:48:20 +02:00
Michael Nebel
c8a7354086
C#: Refactor to align implementation between languages.
2022-05-18 07:48:20 +02:00
Michael Nebel
0d61a2c797
C#: Add QL doc to SummarizedCallable.
2022-05-18 07:48:20 +02:00
Michael Nebel
2f2ca18898
C#: Update dependencies.
2022-05-18 07:48:20 +02:00
Michael Nebel
e70a283cfd
C#: Initial refactor of SummarizedCallable and DataFlowCallable (dependencies needs to be updates).
2022-05-18 07:48:19 +02:00
github-actions[bot]
91694b4bac
Add changed framework coverage reports
2022-05-18 00:15:25 +00:00
Marcono1234
c53d315697
Java: Move NumericType to Type.qll
2022-05-18 01:40:17 +02:00
Cornelius Riemenschneider
415c3d1c72
Merge pull request #740 from github/criemen/lua-tracing-config
...
Update Lua tracing config.
2022-05-18 01:03:16 +02:00
Cornelius Riemenschneider
d352253b02
Merge pull request #9187 from github/criemen/lua-tracing-configs
...
Update Lua tracing configs.
2022-05-18 01:03:15 +02:00
Mathias Vorreiter Pedersen
5d625d6156
Merge pull request #9188 from MathiasVP/fix-GetAPrimaryQlClassConsistency-for-swift
2022-05-17 20:47:24 +01:00
Erik Krogh Kristensen
6c7c9b6a4b
Merge pull request #9082 from erik-krogh/countZero
...
QL: add query warning about `count(...) = 0`.
2022-05-17 21:46:58 +02:00
Mathias Vorreiter Pedersen
a6ac14f4de
QL: Allow class + 'Base' in 'ql/primary-ql-class-consistency'.
2022-05-17 16:54:12 +01:00
Paolo Tranquilli
3a46db3f81
Swift: make C++ code generation more self-contained
...
This is solving a papercut, where the C++ build was relying on the
local dbscheme file to be up-to-date, even if all the information for
building is actually in `schema.yml`. This made a pure C++ development
cycle with changes to `schema.yml` clumsy, as it required a further
dbscheme generation step.
Now for C++ the dbscheme is generated internally in the build files, and
thus a change in `schema.yml` is reflected immediately in the C++ build.
A `swift/codegen` step for checked in generated code (including the
dbscheme) is still required, but a developer can do it just before
running QL tests or committing, instead of during each C++
recompilation.
Some directory reorganization was also carried out, moving specific
generator modules to a new `generators` python package, and only leaving
the two drivers at the top level.
2022-05-17 17:05:16 +02:00
Paolo Tranquilli
fbe7c5be81
Swift: move TBD code to ql
...
This allows to avoid bypassing label type correcness in the extractor,
and allows to independently resolve TBD extractions, as with this
approach TBD nodes do have the correctly typed trap label. The TBD
status is now a predicate on the QL side.
This requires:
* a default visit using the correct type, which is achieved via macro
metaprogramming in `VisitorBase.h`, following the way
`swift::ASTVisitor` is programmed
* a mapping from labels to corresponding binding trap entries. The
functor is defined in `TrapTagTraits.h` and instantiated in generated
`TrapEntries.h`
* Binding trap entries for TBD unknown entities must not have any other
field than the `id` (after all, we are supposed to not extract them
yet). This is why all unextracted fields in `schema.yml` have been
commented out, and will be uncommentend when visitors are added
2022-05-17 16:31:10 +02:00
Tony Torralba
53f32f5a97
Merge pull request #9186 from atorralba/atorralba/kotlin-inline-expectations-tests
...
Kotlin: Add support for InlineExpectationsTest
2022-05-17 15:28:03 +02:00
Cornelius Riemenschneider
3b4d04dcc4
Update Lua tracing config.
2022-05-17 13:18:56 +00:00
Cornelius Riemenschneider
3836d1550a
Update Lua tracing configs.
2022-05-17 13:18:28 +00:00
Taus
ea32299ab0
Python: Use API-graph flow for boolean tracking
...
Introduces a false positive, but arguably that false positive should
have been there with the local flow as well.
2022-05-17 13:14:55 +00:00
Erik Krogh Kristensen
86e97c32d6
fix all ql/use-string-compare
2022-05-17 14:11:05 +02:00
Taus
ba8d73c2be
Python: Use API::CallNode
2022-05-17 12:00:17 +00:00
Geoffrey White
629e90f14b
Merge pull request #9176 from geoffw0/xxe9
...
C++: Clean up the XXE query QL.
2022-05-17 12:40:39 +01:00
Erik Krogh Kristensen
440e6214f0
CPP: correctly escape underscores in calls to .matches()
2022-05-17 13:21:02 +02:00
Erik Krogh Kristensen
e32a04fc06
QL: add use-string-compare query
2022-05-17 13:20:49 +02:00
Tony Torralba
dbf249b199
Accept only EOL comments as Kotlin expectation comments
2022-05-17 13:05:51 +02:00
Tom Hvitved
f1f96b7e5c
Ruby: Force cached taint tracking predicates to be evaluated in data flow stage
2022-05-17 12:54:26 +02:00
Tom Hvitved
284357d2a0
Data flow: Do not materialize summaryArgParam
2022-05-17 12:50:01 +02:00
Geoffrey White
246093d375
C++: Move the two implementation imports.
2022-05-17 11:03:21 +01:00
Arthur Baars
fcb3b82bde
Merge pull request #9178 from aibaars/update-tree-sitter-ruby
...
Ruby: update tree-sitter-ruby
2022-05-17 11:47:41 +02:00
Mathias Vorreiter Pedersen
1280d43e36
Merge pull request #9141 from github/post-release-prep/codeql-cli-2.9.2
...
Post-release preparation for codeql-cli-2.9.2
2022-05-17 10:01:37 +01:00
Mathias Vorreiter Pedersen
0b0161f261
Merge pull request #737 from github/post-release-prep/codeql-cli-2.9.2
...
Post-release preparation for codeql-cli-2.9.2
2022-05-17 10:01:21 +01:00
Tony Torralba
2b6d7bb3d8
Add support for InlineExpectationsTest to Kotlin
2022-05-17 10:55:00 +02:00
Tamás Vajk
3b07fe70a1
Merge pull request #9174 from tamasvajk/kotlin-fix-isUnspecialised
...
Kotlin: Fix parent class lookup from field initializers in `isUnspecialised`
2022-05-17 10:48:52 +02:00
Erik Krogh Kristensen
7abb7552a7
Merge pull request #9184 from erik-krogh/actionInjection
...
JS: change @id from js/actions/injection to js/actions/command-injection
2022-05-17 10:24:51 +02:00
Anders Schack-Mulligen
4f5ccfd76c
Merge pull request #9181 from Marcono1234/marcono1234/FloatingPointLiteral-rename
...
Java: Rename `FloatingPointLiteral` to `FloatLiteral`
2022-05-17 10:08:49 +02:00
Tom Hvitved
f2e28c311a
Merge pull request #9180 from hvitved/csharp/entity-framework-sql-sinks
...
C#: Add missing EntityFramework SQL sinks
2022-05-17 09:50:49 +02:00
Erik Krogh Kristensen
2550988006
change @id from js/actions/injection to js/actions/command-injection
2022-05-17 09:25:05 +02:00
Tamás Vajk
350d137b2e
Merge pull request #9145 from tamasvajk/kotlin-useless-param
...
Kotlin: Respect `override` modifier in useless parameter query
2022-05-17 08:43:59 +02:00
Tamás Vajk
fcb3d78eae
Merge pull request #9146 from tamasvajk/kotlin-inner-class-static
...
Kotlin: exclude Kotlin source from 'inner class could be static' check
2022-05-17 08:43:39 +02:00
Tamás Vajk
26553cefc5
Merge pull request #9149 from tamasvajk/kotlin-maybe-null
...
Kotlin: Exclude operands of `NotNullExpr` from NullMaybe query
2022-05-17 08:43:24 +02:00
Tamás Vajk
d8c22901c9
Merge pull request #9150 from tamasvajk/kotlin-MissingInstanceofInEquals
...
Kotlin: Add more type check casts to MissingInstanceofInEquals query
2022-05-17 08:43:06 +02:00
Marcono1234
4e1a73f4d9
Java: Rename FloatingPointLiteral to FloatLiteral
...
"Floating point" refers to both `double` and `float`, and is also used by
the JLS in this way. Therefore the old CodeQL class name for `float` literals
was misleading.
2022-05-16 22:06:04 +02:00
Tom Hvitved
15449b701f
C#: Add missing EntityFramework SQL sinks
2022-05-16 20:57:40 +02:00
Arthur Baars
05dce09037
Ruby: update tree-sitter-ruby
2022-05-16 19:08:46 +02:00
Geoffrey White
cf932eb21c
C++: Repair typo fix from main.
2022-05-16 16:46:14 +01:00
Geoffrey White
7b1cd70300
Merge branch 'main' into xxe9
2022-05-16 16:45:24 +01:00
Nick Rolfe
c518150b49
Merge pull request #9132 from github/nickrolfe/misspelling
...
QL for QL: generalise non-US spelling query
2022-05-16 16:03:36 +01:00
Paolo Tranquilli
9abb3f0066
Merge pull request #9172 from github/redsun82/swift-variant-in-label-store
...
Swift: replace `getCanonicalPointer` with `std::variant`
2022-05-16 16:21:47 +02:00
Paolo Tranquilli
16e3b5bfc4
Swift: make monostate explicit
2022-05-16 15:51:43 +02:00
Erik Krogh Kristensen
23981cb323
Merge pull request #7626 from erik-krogh/CWE-377
...
JS: add query for detecting insecure temporary files
2022-05-16 15:25:17 +02:00
Tamas Vajk
d4cf877259
Rework parent lookup in isUnspecialised
2022-05-16 14:59:28 +02:00
Geoffrey White
9f3fa1c45d
C++: Consistent QLDoc.
2022-05-16 13:48:57 +01:00
Geoffrey White
b4a840e3ef
C++: Make the checks happy.
2022-05-16 13:36:41 +01:00
Geoffrey White
9976825234
C++: Slightly more logical layout.
2022-05-16 12:51:04 +01:00
Geoffrey White
19d1578733
C++: Clean up.
2022-05-16 12:49:01 +01:00
Geoffrey White
b332659fcb
C++: Split the XXE query into library files.
2022-05-16 12:41:41 +01:00
Geoffrey White
0ffd0b23ca
C++: Create an XmlLibrary class to clean up the code in XXE.ql.
2022-05-16 12:17:20 +01:00
Tamas Vajk
8ebdaf1fc2
Kotlin: Fix parent class lookup from field initializers
2022-05-16 12:14:28 +02:00
Tamas Vajk
de133e80a9
Kotlin: add diagnostic test for 'Unexpected specialised instance of generic anonymous class'
2022-05-16 12:13:33 +02:00
Tom Hvitved
a9f6d203cd
Merge pull request #8971 from aibaars/safe-nagivation
...
Ruby: add safe navigation operator
2022-05-16 10:53:56 +02:00
Tamas Vajk
47ec38c35a
Kotlin: Exclude Kotlin files altogether from NullMaybe query
2022-05-16 10:52:20 +02:00
Mathias Vorreiter Pedersen
cee7aed81f
Merge pull request #9142 from geoffw0/xxe8
...
C++: Fixes some typos and increases the XXE query precision.
2022-05-16 09:45:33 +01:00
Anders Schack-Mulligen
83f817ca45
Merge pull request #9134 from aschackmull/dataflow/perf-std-order
...
Dataflow: Improve standard order through easier type check elimination.
2022-05-16 10:05:17 +02:00
Paolo Tranquilli
1b9dcac2dd
Swift: replace getCanonicalPointer with std::variant
...
This turned out easier than expected previously. `llvm::PointerUnion`
was also considered, which would have less memory footprint, but it
would require more effort as it is lacking the same implicit conversions
and operators that `std::variant` provides.
Also renamed `ToTag<E>` to `TrapTagOf<E>` and introduced a derived
convenience functor `TrapLabelOf<E>`.
2022-05-16 09:59:36 +02:00
Tamás Vajk
f7d2b2767c
Merge pull request #9151 from tamasvajk/kotlin-comments-variables-1
...
Kotlin: Handle variables as comment owners
2022-05-16 09:32:19 +02:00
Tony Torralba
616b12d011
Merge pull request #8956 from atorralba/atorralba/intent-redirection-sanitizer-fix
...
Java: Fix Intent Redirection sanitizer
2022-05-16 09:21:04 +02:00
thibaut hansmann
e150a39fa0
C/C++ : fix name of cpp file + fix autoformat
2022-05-15 14:27:46 +02:00
Chris Smowton
ae83190629
Merge pull request #9164 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2022-05-14 08:44:37 +01:00
github-actions[bot]
1d39726604
Add changed framework coverage reports
2022-05-14 00:19:04 +00:00
Chris Smowton
77461f7ad6
Merge pull request #730 from owen-mc/bugfix/build/go-mod-tidy
...
Run `go mod tidy -e` before building
2022-05-13 19:40:05 +01:00
Chris Smowton
32e294955a
Merge pull request #734 from cokeBeer/main
...
fix https://github.com/github/codeql/issues/9097
2022-05-13 19:38:55 +01:00
Chris Smowton
07c2f6e514
Merge pull request #9155 from smowton/smowton/fix/field-initializer-flow
...
Kotlin: Fix initializer field flow by extracting field finality
2022-05-13 18:41:55 +01:00
Chris Smowton
305ddb2169
Accept test changes
2022-05-13 17:44:26 +01:00
Chris Smowton
fbdd5a13c5
Autoformat
2022-05-13 17:40:58 +01:00
Chris Smowton
c76a774e35
Accept test changes
2022-05-13 17:40:58 +01:00
Chris Smowton
498d3700bd
Update java/ql/test/kotlin/library-tests/field-initializer-flow/test.ql
...
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com >
2022-05-13 17:40:58 +01:00
Chris Smowton
81baca2c17
Fix initializer field flow by extracting field finality
2022-05-13 17:40:58 +01:00
Chris Smowton
2930bd4cc2
Only attempt go.mod updating if go >= 1.16
...
Prior to this (a) Go will attempt to update go.mod/sum anyhow, and (b) the `mod tidy -e` option isn't available.
2022-05-13 17:32:00 +01:00
AlexDenisov
eacb9f1dba
Merge pull request #9144 from github/alexdenisov/introduce-visitors
...
Swift: Introduce visitors
2022-05-13 17:57:47 +02:00
cokeBeer
7f21c0c3b7
fix format
2022-05-13 23:36:50 +08:00
Ian Lynagh
7ef9a19085
Merge pull request #9131 from github/igfoo/capture_output
...
Kotlin: Don't use capture_output or text
2022-05-13 15:59:14 +01:00
Tony Torralba
168a184602
Merge pull request #9127 from atorralba/atorralba/sensitive-info-log-improvs
...
Java: Sensitive Info Log query improvements
2022-05-13 16:57:32 +02:00
Alex Denisov
1b75034634
Swift: simplify CRTP monkey-patching
2022-05-13 16:54:15 +02:00
Alex Denisov
f857cd11c4
Swift: add comments about SwiftDispatcher lifetime
2022-05-13 16:47:45 +02:00
Ian Lynagh
153fd3a221
Kotlin: Fix diagnostics test
2022-05-13 15:36:30 +01:00
Ian Lynagh
98b0463e09
Kotlin: Accept test output
2022-05-13 15:36:30 +01:00
Ian Lynagh
b94597568a
Kotlin: Write the log file as Line-delimited JSON
2022-05-13 15:36:30 +01:00
Ian Lynagh
3ae5e1a5f7
Kotlin: Add a LogMessage class
2022-05-13 15:36:30 +01:00
Alex Denisov
acbe9ff9f9
Swift: introduce visitors
2022-05-13 16:26:41 +02:00
AlexDenisov
4e9706470d
Merge pull request #9112 from AlexDenisov/alexdenisov/introduce-dispatcher
...
Swift: introduce dispatcher
2022-05-13 16:26:26 +02:00
Alex Denisov
43199fa723
Swift: clarify getCanonicalPointer
2022-05-13 16:14:16 +02:00
Alex Denisov
35467bc252
Swift: rely on llvm::sys::fs::real_path to get absolute path
2022-05-13 16:13:30 +02:00
cokeBeer
aa2d4450ad
add v1modulePath()
2022-05-13 21:24:58 +08:00
cokeBeer
75f2edd220
add v2modulePath()
2022-05-13 21:22:23 +08:00
cokeBeer
808dde2fc1
add v2modulePath()
2022-05-13 21:21:16 +08:00
Alex Denisov
043b1b9c4a
Swift: resolve symlinks
2022-05-13 15:20:30 +02:00
Alex Denisov
d7f4c6fb0b
Swift: add a comment about lifetime
2022-05-13 15:20:30 +02:00
Alex Denisov
c92576690f
Swift: change the return types of getCanonicalPointer
2022-05-13 15:20:30 +02:00
Alex Denisov
2f00945a23
Swift: change the return types of getCanonicalPointer
2022-05-13 15:20:30 +02:00
Alex Denisov
039aaec6b7
Swift: make TrapLabelStore store untyped label internally
2022-05-13 15:20:30 +02:00
Alex Denisov
e584afb895
Swift: fix format
2022-05-13 15:20:30 +02:00
Alex Denisov
7b9f88637e
Swift: describe TrapTagTraits API and implementation
2022-05-13 15:20:30 +02:00
Alex Denisov
efa4565af2
Swift: move generated code to generated directory
2022-05-13 15:20:29 +02:00
Tony Torralba
b9f3b3bd37
Apply code review suggestion
2022-05-13 15:09:06 +02:00
cokeBeer
252b19063e
Merge branch 'github:main' into main
2022-05-13 20:23:24 +08:00
Tamas Vajk
ef08554adb
Fix extraction of reflective call generated by Parcelize
2022-05-13 14:01:37 +02:00
Tamas Vajk
7376ec5d42
Handle variables as comment owners
2022-05-13 13:58:06 +02:00
Tamas Vajk
7d5844a9a4
Kotlin: Add more type check casts to MissingInstanceofInEquals query
2022-05-13 13:52:52 +02:00
Tamas Vajk
e2efef7bd7
Kotlin: Add more type check tests for MissingInstanceofInEquals query
2022-05-13 13:50:59 +02:00
Paolo Tranquilli
f52119dc81
Merge branch 'main' into alexdenisov/introduce-dispatcher
2022-05-13 13:44:01 +02:00
Tamas Vajk
c2a8965c90
Kotlin: Exclude operands of NotNullExpr from NullMaybe query
2022-05-13 13:42:10 +02:00
Tamas Vajk
e5d78687aa
Kotlin: Add test for NullMaybe query
2022-05-13 13:41:25 +02:00
Paolo Tranquilli
d531631a3a
Merge pull request #9147 from github/redsun82/swift-codegen-artifacts
...
Swift: publish C++ generated code as artifacts
2022-05-13 13:36:25 +02:00
Paolo Tranquilli
ccc77fa4a6
Merge branch 'main' into alexdenisov/introduce-dispatcher
2022-05-13 13:23:21 +02:00
Ian Lynagh
624cd41bd5
Merge pull request #9136 from igfoo/igfoo/qldoc
...
Kotlin: QLDoc tweaks from intrigus
2022-05-13 12:17:28 +01:00
Chris Smowton
7daba0bf55
Merge pull request #9122 from smowton/smowton/admin/update-kotlin
...
Kotlin: Apply changes since https://github.com/github/codeql/pull/9109 branched away from kotlin-main
2022-05-13 12:00:03 +01:00
Chris Smowton
e91a51aae6
Merge pull request #9113 from github/smowton/admin/claim-golang-support
...
Claim Go 1.18 support
2022-05-13 11:58:53 +01:00
Paolo Tranquilli
7a8ab7d2f5
Swift: merge generated headers into one artifact
2022-05-13 12:25:48 +02:00
Paolo Tranquilli
8cb9fd7eec
Swift: publish C++ generated code as artifacts
2022-05-13 11:48:27 +02:00
Chris Smowton
211580e608
Merge pull request #738 from hvitved/xml-dbscheme-files-folders
...
Drop redundant columns from `files` and `folders` relations in `xml.dbscheme`
2022-05-13 10:35:45 +01:00
Tamas Vajk
631ba8adcf
Kotlin: exclude Kotlin source from 'inner class could be static' check
2022-05-13 11:20:28 +02:00
Tamas Vajk
cd17e2eb28
Kotlin: add potentially static inner class test
2022-05-13 11:19:29 +02:00
Tamas Vajk
5ce2573cc1
Kotlin: Respect override modifier in useless parameter query
2022-05-13 11:08:35 +02:00
Tamas Vajk
6af4b74528
Kotlin: add useless parameter test for generic override
2022-05-13 11:07:22 +02:00
Tony Torralba
39fd1b48fc
Merge pull request #9143 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2022-05-13 09:37:29 +02:00
github-actions[bot]
05070fb6c4
Add changed framework coverage reports
2022-05-13 00:19:40 +00:00
Chris Smowton
5ec9390482
Autoformat
2022-05-12 22:37:54 +01:00
Chris Smowton
63dadd88aa
Revert "Identify data classes during extraction"
...
This reverts commit a61ba65c9f2182a578a7f4dbdb1c1657197f16cd, pending
adding a proper upgrade script for the DB change.
2022-05-12 22:37:30 +01:00
Tony Torralba
e3c2656ef1
Update java/ql/lib/semmle/code/java/frameworks/KotlinStdLib.qll
2022-05-12 22:37:06 +01:00
Tamas Vajk
cc92c6517b
Fix labels of extension function parameters
2022-05-12 22:37:06 +01:00
Tamas Vajk
a0f4960e31
Add test case for extension function called from java
2022-05-12 22:37:06 +01:00
Tamas Vajk
ccaafd74f3
Fix declaring type of companion field
2022-05-12 22:37:06 +01:00
Tamas Vajk
a8cf0383cf
Add test for companion field declaring type
2022-05-12 22:37:06 +01:00
Tamas Vajk
8b1a7c845c
Fix return type of <clinit> methods
2022-05-12 22:37:06 +01:00
Tamas Vajk
de003fd122
Add test for return type of <clinit> methods
2022-05-12 22:37:06 +01:00
Tamas Vajk
b0ee557a51
Fix expected test files
2022-05-12 22:37:06 +01:00
Tamas Vajk
59581439dd
Fix colliding property accessor and function names
2022-05-12 22:37:06 +01:00
Tamas Vajk
a51c2c496f
Add test with colliding property accessor and function names
2022-05-12 22:37:06 +01:00
Tamas Vajk
857a74cf14
Adjust class label generation to handle classes in field initializers
2022-05-12 22:37:06 +01:00
Tamas Vajk
394ec56d9d
Add test case for local class declaration in field initializer
2022-05-12 22:37:06 +01:00
Chris Smowton
4ceb2f13c4
Add test
2022-05-12 22:37:06 +01:00
Chris Smowton
2600dcd182
Fix extracting type accesses relating to proprerty getters/setters and SAM-converted methods
...
These should be handled the same as regular methods: extract type accesses for parameters and methods only if we're extracting "from source", i.e. at some point we're descended from extractFileContents.
2022-05-12 22:37:06 +01:00
Chris Smowton
301fa11450
Only extract parameter and method type-accesses once
...
Previously we extracted them whenever something was non-external, but this led to re-extraction when an instance of a generic type defined in source was extracted multiple times.
2022-05-12 22:37:06 +01:00
Chris Smowton
8d970a3cbd
Don't extract private members of instantiated or external classes
...
This is both consistent with the Java extractor's behaviour, and prevents us from trying to refer to anonymous types (e.g. anonymous objects that directly initialize properties) out of scope.
2022-05-12 22:37:06 +01:00
Tamas Vajk
fbae0f5053
Revert dataflow changes, extract actual iterator function
2022-05-12 22:37:06 +01:00
Tamas Vajk
538e05995a
Fix dataflow for kotlin.Array.iterator()
2022-05-12 22:37:03 +01:00
Tamas Vajk
776322bac2
Add foreach dataflow tests
2022-05-12 22:36:28 +01:00
Chris Smowton
7e17074b41
Allow arithmetic functions not mapping to Java equivalents
2022-05-12 22:36:28 +01:00
Chris Smowton
b1849f5f0a
Expand error message
2022-05-12 22:36:28 +01:00
Chris Smowton
22e48ca39a
Accept test changes
2022-05-12 22:36:28 +01:00
Chris Smowton
16af811b69
Allow imprecise matching for Kotlin -> Java method translation
...
This allows the particular case of Collection.toArray(IntFunction<T>) to match, since both Java and Kotlin functions take an IntFunction<T> but they use different function-local type variables.
This would also allow toArray(Array<T>) to work similarly.
2022-05-12 22:36:28 +01:00
Chris Smowton
77056c9bff
Add test expectations
2022-05-12 22:36:28 +01:00
Chris Smowton
71d2e7be3e
Don't replace own callables, and use a more exact replacement-finding test
2022-05-12 22:36:28 +01:00
Chris Smowton
ce87a89009
Replace Map and similar functions with their Java cousins
...
This didn't appear to be necessary because the Kotlin and Java versions of Map (for example) are designed to be compatible, but in certain cases their functions have the same erasure but not the same type (e.g. Map.getOrDefault(K, V) vs. Map.getOrDefault(Object, V).
These have different erasures which was leading to callable-binding inconsistencies.
2022-05-12 22:36:28 +01:00
Tamas Vajk
fa0bd0366c
Fix extension property labels
2022-05-12 22:36:28 +01:00
Tamas Vajk
25fce5f6bb
Identify data classes during extraction
2022-05-12 22:36:28 +01:00
Chris Smowton
1e78f2893c
Add test for special method getters
2022-05-12 22:36:28 +01:00
Chris Smowton
134f88fe8e
Accept test results
2022-05-12 22:36:27 +01:00
Chris Smowton
12e3401ae0
Map special getters onto their correct JVM names
...
These include Collection.size() for example, which has a Kotlin property called `size` but whose getter is not named `getSize()`.
These would normally be accounted for using `@JvmName`, but some core methods are lowered by a special compiler pass instead.
2022-05-12 22:36:27 +01:00
Chris Smowton
cb6941d212
Account for JVM type equivalency when recognising unspecialised types
...
(As before, these are not really unspecialised, they are instantiated by their own type parameters, but this replicates the behaviour of the Java extractor)
2022-05-12 22:36:27 +01:00
github-actions[bot]
11c95c576e
Post-release preparation for codeql-cli-2.9.2
2022-05-12 18:21:57 +00:00
Tom Hvitved
e68a727f9a
Drop redundant columns from files and folders relations in xml.dbscheme
2022-05-12 20:21:48 +02:00
github-actions[bot]
b7cbd8fd75
Post-release preparation for codeql-cli-2.9.2
2022-05-12 18:21:38 +00:00
Geoffrey White
776857e08b
C++: Change note.
2022-05-12 18:26:32 +01:00
Geoffrey White
7a35a346dc
C++: Increase query precision to 'high'.
2022-05-12 17:46:16 +01:00
Geoffrey White
0ad6289618
C++: Fix typos.
2022-05-12 16:32:20 +01:00
Nick Rolfe
6c52831143
Java: sync spelling correction in shared qll
2022-05-12 16:11:29 +01:00
Nick Rolfe
1115227f9d
Merge remote-tracking branch 'origin/main' into nickrolfe/misspelling
2022-05-12 16:10:27 +01:00
Nick Rolfe
320b6a1942
QL for QL: don't check spelling of deprecated nodes
2022-05-12 16:07:17 +01:00
Nick Rolfe
70666f6351
QL for QL: fix typos in comments
2022-05-12 16:03:39 +01:00
Nick Rolfe
8caad12011
Ruby: fix typos in comments
2022-05-12 16:02:20 +01:00
Nick Rolfe
2efa38aaa6
Python: fix typos in comments
2022-05-12 16:02:20 +01:00
Nick Rolfe
2ed42c327c
JS: fix typos in comments
2022-05-12 16:02:19 +01:00
Mathias Vorreiter Pedersen
39551fd84d
Merge pull request #9114 from geoffw0/xxe7
...
C++: Repair support for createLSParser in the CWE-611 XXE query.
2022-05-12 15:47:53 +01:00
Jeroen Ketema
941485d66f
Merge pull request #9130 from jketema/cpp17-init
...
C++: Handle C++17 if and switch initializers
2022-05-12 16:37:44 +02:00
Harry Maclean
64206a1c29
Ruby: Add getAPrimaryQlClass to CfgNodes classes
2022-05-12 15:32:36 +01:00
Anders Schack-Mulligen
8c8440a58a
Merge pull request #9101 from hvitved/dataflow/include-hidden
...
Data flow: Add `Configuration::includeHiddenNodes()`
2022-05-12 15:36:12 +02:00
Geoffrey White
df30d2286c
Merge branch 'main' into xxe7
2022-05-12 14:35:16 +01:00
Nick Rolfe
128fac4414
Java: fix typos in comments
2022-05-12 14:28:49 +01:00
Nick Rolfe
a50601c367
C#: fix typos in comments
2022-05-12 14:28:40 +01:00
Nick Rolfe
76cf8d1659
C++: fix typos in comments
2022-05-12 14:28:26 +01:00
Nick Rolfe
844eef173c
QL for QL: add predicate for other typos not in the shared typo db
2022-05-12 14:25:39 +01:00
Ian Lynagh
75ca116ef9
Kotlin: QLDoc tweaks from intrigus
2022-05-12 14:12:01 +01:00
Jeroen Ketema
723f3b09fe
C++: Address review comments
2022-05-12 15:09:06 +02:00
Ian Lynagh
02101fab6a
Kotlin: Don't use capture_output or text
...
Older python versions don't support them
2022-05-12 14:08:19 +01:00
Taus
a0f8e2f0b1
Python: Modernise py/jinja2/autoescape-false
...
A simple rewrite to use API graphs instead.
The handling of falsy values is potentially a bit more restrictive now,
as it only accounts for local flow. We should probably figure out a
better way of capturing this pattern, but I felt that this was out of
scope for the present PR.
2022-05-12 12:55:42 +00:00
Erik Krogh Kristensen
762f7bf7fe
Merge pull request #9115 from erik-krogh/fileAndFolder
...
JS: resolve main module when there is a folder with the same name as the main file
2022-05-12 14:55:28 +02:00
Jeroen Ketema
72823e9576
Apply suggestions from code review
...
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com >
2022-05-12 14:54:43 +02:00
Taus
e8b7262712
Merge pull request #9133 from tausbn/devcontainer-install-test-extension-dependencies
...
Devcontainer: Install test dependencies
2022-05-12 14:51:18 +02:00
Joe Farebrother
59e400d2e0
Merge pull request #7723 from joefarebrother/redos
...
Java: Add ReDoS queries
2022-05-12 13:50:38 +01:00
Erik Krogh Kristensen
4bef451156
Merge pull request #9021 from erik-krogh/actions
...
JS: promote `js/actions/injection` out of experimental
2022-05-12 14:38:38 +02:00
Anders Schack-Mulligen
adb56dfa39
Dataflow: Improve standard order through easier type check elimination.
2022-05-12 14:31:38 +02:00
Nick Rolfe
6058352fb0
QL for QL: add small test for misspelling query
2022-05-12 13:17:32 +01:00
Nick Rolfe
4321b5e1fa
QL for QL: generalise non-US spelling query
...
1. Catch common misspelling as well.
2. Also check names of classes, predicates, etc.
2022-05-12 13:17:32 +01:00
Taus
12b34bcf04
Devcontainer: Install test dependencies
...
These _should_ get installed automatically if missing, by in my
experience this can be a bit flaky. Installing theme here should make
this a bit more robust.
2022-05-12 12:17:04 +00:00
Rasmus Wriedt Larsen
7cd51d6147
Merge pull request #9126 from RasmusWL/moduleimport-with-dots
...
Python: Fully disallow `API::moduleImport` of module with dots
2022-05-12 14:16:25 +02:00
Alex Denisov
d0e2e2bec8
Swift: introduce SwiftDispatcher
2022-05-12 14:09:44 +02:00
Alex Denisov
8f8ece63e7
Swift: add extractor test for declarations
2022-05-12 14:09:44 +02:00
Alex Denisov
cfd242e489
Swift: add human readable string representation for Location and UnkownAstNode
2022-05-12 14:09:44 +02:00
AlexDenisov
dd900e622c
Merge pull request #9107 from redsun82/swift-arena
...
Swift: `TrapOutput`
2022-05-12 14:09:18 +02:00
Mathias Vorreiter Pedersen
b13123e66e
Merge pull request #9128 from github/release-prep/2.9.2
...
Release preparation for version 2.9.2
2022-05-12 13:04:08 +01:00
Mathias Vorreiter Pedersen
3423729f4c
Merge pull request #736 from github/release-prep/2.9.2
...
Release preparation for version 2.9.2
2022-05-12 12:55:44 +01:00
Rasmus Wriedt Larsen
795adf0566
Python: Fix API::moduleImport("foo.bar")
2022-05-12 13:33:00 +02:00
Rasmus Wriedt Larsen
3844c5b5c0
Python: Add change-note
2022-05-12 13:32:59 +02:00
Rasmus Wriedt Larsen
f8253f5fef
Python: Fully disallow API::moduleImport of module with dots
...
Inspired by discussion about this for MaD in
https://github.com/github/codeql/pull/8883#discussion_r865858084
2022-05-12 13:30:26 +02:00
Rasmus Wriedt Larsen
597a8414d9
Python: Add test of API::moduleImport with dots
...
This is currently semi-works -- the import is allowed, but doesn't
always work when used :|
2022-05-12 13:29:16 +02:00
Nick Rolfe
234a36ff61
Merge pull request #9119 from github/nickrolfe/non-us-spelling-fixes
...
Fix non-US spellings and the corresponding query
2022-05-12 12:29:14 +01:00
Erik Krogh Kristensen
fef4455ccc
apply suggestion from doc review
...
Co-authored-by: Steve Guntrip <12534592+stevecat@users.noreply.github.com >
2022-05-12 13:28:45 +02:00
Jeroen Ketema
e23e5e5b12
C++: Add change notes for C++17 if and switch initializers
2022-05-12 12:56:50 +02:00
Jeroen Ketema
894380d701
C++: Update stats file
2022-05-12 12:56:50 +02:00
Jeroen Ketema
97bba115da
C++: Add upgrade and downgrade script
2022-05-12 12:56:50 +02:00
Jeroen Ketema
71c019e126
C++: Handle C++17 switch initializers
2022-05-12 12:56:50 +02:00
Jeroen Ketema
ebbd9c5b90
C++: Handle C++17 if initializers
2022-05-12 12:56:50 +02:00
Mathias Vorreiter Pedersen
46f237efcb
Update ruby/ql/lib/change-notes/released/0.2.1.md
2022-05-12 11:47:26 +01:00
Mathias Vorreiter Pedersen
103c589c1d
Update python/ql/lib/change-notes/released/0.3.0.md
2022-05-12 11:47:19 +01:00
Mathias Vorreiter Pedersen
7b8c3bdcf9
Update ruby/ql/lib/CHANGELOG.md
2022-05-12 11:47:13 +01:00
Mathias Vorreiter Pedersen
499878a44d
Update python/ql/lib/CHANGELOG.md
2022-05-12 11:47:08 +01:00
Mathias Vorreiter Pedersen
f76d52407d
Update java/ql/lib/change-notes/released/0.2.1.md
2022-05-12 11:47:01 +01:00
Mathias Vorreiter Pedersen
1143b48338
Update java/ql/lib/CHANGELOG.md
2022-05-12 11:46:53 +01:00
Mathias Vorreiter Pedersen
55ce069e30
Update java/ql/lib/change-notes/released/0.2.1.md
2022-05-12 11:43:55 +01:00
Mathias Vorreiter Pedersen
43265c4133
Update python/ql/lib/change-notes/released/0.3.0.md
2022-05-12 11:43:39 +01:00
Mathias Vorreiter Pedersen
b069d1bd17
Update python/ql/lib/CHANGELOG.md
2022-05-12 11:43:33 +01:00
Mathias Vorreiter Pedersen
eb3a35eaea
Update java/ql/src/change-notes/released/0.1.2.md
2022-05-12 11:43:27 +01:00
Mathias Vorreiter Pedersen
11707f8522
Update java/ql/src/CHANGELOG.md
2022-05-12 11:43:19 +01:00
Mathias Vorreiter Pedersen
2ef976a152
Update java/ql/src/CHANGELOG.md
2022-05-12 11:43:08 +01:00
Mathias Vorreiter Pedersen
22bdde6eaa
Update java/ql/lib/change-notes/released/0.2.1.md
2022-05-12 11:43:01 +01:00
Mathias Vorreiter Pedersen
e9e8f3810b
Update java/ql/lib/CHANGELOG.md
2022-05-12 11:41:20 +01:00
Mathias Vorreiter Pedersen
1f7eefe95c
Update java/ql/lib/CHANGELOG.md
2022-05-12 11:41:13 +01:00
github-actions[bot]
ee9980b31c
Release preparation for version 2.9.2
2022-05-12 10:17:28 +00:00
github-actions[bot]
edbd5dd77a
Release preparation for version 2.9.2
2022-05-12 10:17:26 +00:00
Tony Torralba
f0a0ac100b
Add live literals as sanitizers for sensitive logging
2022-05-12 11:57:44 +02:00
Tom Hvitved
0a7892797e
Merge pull request #8938 from hvitved/ruby/with-without-mad-tokens
...
Ruby: Introduce `With(out)Element` MaD input tokens
2022-05-12 11:49:51 +02:00
Tony Torralba
5db8306fef
Stop considering usernames sensitive info
...
Require variables to be static to be considered constants
2022-05-12 11:46:52 +02:00
Nick Rolfe
12a43b6fae
C++: fix another use of AnalysedString
2022-05-12 10:38:13 +01:00
Harry Maclean
e8972b814f
Merge pull request #8635 from hmac/hmac/io-popen
...
Ruby: Model IO.popen
2022-05-12 21:17:55 +12:00
Nick Rolfe
a86b5a1586
C++: fix changenote formatting
2022-05-12 09:26:30 +01:00
Erik Krogh Kristensen
9050f9999c
recognize functions that return object of methods as library input
2022-05-12 09:56:19 +02:00
Anders Schack-Mulligen
e0c74d4390
Merge pull request #9124 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2022-05-12 09:06:07 +02:00
Anders Schack-Mulligen
fad7d9ae72
Merge pull request #9120 from igfoo/igfoo/fixes
...
Kotlin: Fix some alerts
2022-05-12 08:29:34 +02:00
Erik Krogh Kristensen
b1e8b3332c
resolve main module when there is a folder with the same name as the main file
2022-05-12 08:20:30 +02:00
Erik Krogh Kristensen
6014614a31
Merge pull request #9103 from erik-krogh/nextParam
...
JS: add support for typed NextJS route-handlers
2022-05-12 08:18:26 +02:00
cokeBeer
ebcb040050
update fix
2022-05-12 09:53:49 +08:00
cokeBeer
c70358033d
update fix
2022-05-12 09:31:35 +08:00
github-actions[bot]
acaf4517c0
Add changed framework coverage reports
2022-05-12 00:17:30 +00:00
Chris Smowton
85dc1090fe
Merge pull request #9116 from smowton/smowton/feature/accept-conditional-cookie-security
...
Java: tolerate `cookie.setSecure(request.isSecure())`
2022-05-11 21:29:14 +01:00
Tom Hvitved
46ab25b61e
Merge pull request #9098 from aschackmull/dataflow/perf
...
Dataflow: Performance fixes
2022-05-11 20:41:48 +02:00
Nick Rolfe
7cd6dc1a74
CPP: add changenote for AnalysedString -> AnalyzedString
2022-05-11 18:16:26 +01:00
Ian Lynagh
33e17f1665
Kotlin: Fix some alerts
2022-05-11 17:58:50 +01:00
Nick Rolfe
e1b277386a
Fix non-US spellings: s/analyse/analyze
2022-05-11 17:48:27 +01:00
Nick Rolfe
2d246a4034
QL for QL: fix checking spelling of 'analyze' in multi-line comments
...
`.` does not match a newline in `regexpMatch`, so we were missing some
comments.
2022-05-11 17:43:39 +01:00
Nick Rolfe
0af1976b74
JS: fix typos in qldoc comment
2022-05-11 17:42:43 +01:00
Paolo Tranquilli
ddb567b639
Swift: remove Tag nested alias in TrapLabel
2022-05-11 17:44:00 +02:00
Ian Lynagh
cfde0a1491
Merge pull request #9109 from igfoo/igfoo/kotlin_merge
...
Initial Kotlin support
2022-05-11 16:16:22 +01:00
Paolo Tranquilli
f1413f29c6
Swift: move back file opening code
2022-05-11 16:53:51 +02:00
Tony Torralba
5be30209c1
Merge pull request #9036 from luchua-bc/java/hardcoded-jwt-key
...
Java: CWE-321 Query to detect hardcoded JWT secret keys
2022-05-11 16:31:34 +02:00
Henry Mercer
6ecc542ca3
Merge pull request #9117 from github/henrymercer/java/tag-telemetry
...
Java: Tag telemetry queries with `telemetry`
2022-05-11 15:13:35 +01:00
Henry Mercer
a626078423
Merge pull request #9118 from github/henrymercer/csharp/tag-telemetry
...
C#: Tag telemetry queries with `telemetry`
2022-05-11 15:13:29 +01:00
Anders Schack-Mulligen
4884520ee1
Dataflow: Review fix.
2022-05-11 15:40:49 +02:00
Chris Smowton
f7e1f3e1a5
Remove URL fragment from Google search
2022-05-11 14:38:09 +01:00
Tom Hvitved
5df87d526c
Sync files
2022-05-11 15:17:27 +02:00
Tom Hvitved
884d3b2ff4
Ruby: Introduce With(out)Element MaD input tokens
2022-05-11 15:17:27 +02:00
Tom Hvitved
333780e635
Merge pull request #8898 from hvitved/dataflow/clear-expect-summary-components
...
Data flow: Introduce 'with/without content' summary components
2022-05-11 15:16:42 +02:00
Ian Lynagh
c0a755e061
Merge remote-tracking branch 'upstream/main' into igfoo/kotlin_merge
...
Resolving conflicts:
java/ql/lib/semmle/code/java/Expr.qll
2022-05-11 14:13:09 +01:00
Rasmus Wriedt Larsen
044829c3bb
Python: Add @security-severity to py/pam-auth-bypass
...
The value 8.1 was calculated by our internal tool. This corresponds to a
'High' severity, which from my gut feeling seems reasonable for
authorization bypass.
2022-05-11 14:57:21 +02:00
Geoffrey White
94e190c63a
C++: getClassAndName.
2022-05-11 13:47:51 +01:00
Rasmus Wriedt Larsen
46f309c373
Merge pull request #6360 from jorgectf/jorgectf/python/insecure-cookie
...
Python: Add cookie security-related queries
2022-05-11 14:47:11 +02:00
Paolo Tranquilli
a46582d7d5
Swift: replace friend in TrapLabel with unsafeCreateFromExplicitId
2022-05-11 14:42:55 +02:00
Henry Mercer
b6f1ddcdab
Java: Tag telemetry queries with telemetry
...
This will exclude the results of these queries from the summary tables
produced by `codeql database analyze` in a future version of the CodeQL
CLI.
2022-05-11 13:29:25 +01:00
Henry Mercer
cdd6e0e104
C#: Tag telemetry queries with telemetry
...
This will exclude the results of these queries from the summary tables
produced by `codeql database analyze` in a future version of the CodeQL
CLI.
2022-05-11 13:27:49 +01:00
Rasmus Wriedt Larsen
cff950f5f7
Python: Fix select of py/insecure-cookie
2022-05-11 14:06:30 +02:00
Rasmus Wriedt Larsen
0956d506de
Python: Actually promote py/pam-auth-bypass
...
🤦
2022-05-11 13:44:47 +02:00
Anders Schack-Mulligen
9a4d86e9b4
Merge pull request #8571 from Marcono1234/marcono1234/statement-expression
...
Java: Add `ValueDiscardingExpr`
2022-05-11 13:37:24 +02:00
Rasmus Wriedt Larsen
fc8633cc01
Python: Fix select for py/cookie-injection
2022-05-11 13:18:14 +02:00
Chris Smowton
0044326884
Add change note
2022-05-11 12:06:27 +01:00
Chris Smowton
d9e7d34e03
Merge pull request #735 from github/smowton/admin/generics-change-note
...
Add change note announcing generics support
2022-05-11 12:06:09 +01:00
Chris Smowton
c17ef42cc7
Insecure cookie query: accept ServletRequest.isSecure(), and allow more than one possible input to a setSecure(...) call.
2022-05-11 11:59:37 +01:00
luchua-bc
f85c01c975
Correct string source
2022-05-11 10:37:22 +00:00
Paolo Tranquilli
e679612a5a
Swift: move most of TrapArena to TrapFile
2022-05-11 12:32:14 +02:00
Chris Smowton
1af0e9b619
Servlets.qll: don't use deprecated library visiblity modifier.
2022-05-11 11:31:14 +01:00
Geoffrey White
f27c2f3031
C++: Fix more capitalization.
2022-05-11 11:27:57 +01:00
Arthur Baars
e1e13b599a
Fix CFG
2022-05-11 12:09:17 +02:00
Geoffrey White
00f7453fcb
C++: Fix capitalization.
2022-05-11 11:08:03 +01:00
Arthur Baars
d91b1891f1
Add change note
2022-05-11 12:06:08 +02:00
Arthur Baars
dbd9c1859d
Add more test cases for &. operator
2022-05-11 12:06:08 +02:00
Arthur Baars
76f806159c
Ruby: desugar safe navigation calls
2022-05-11 12:06:08 +02:00
Arthur Baars
c9f7568ca3
Ruby: add Call::isSafeNavigation
2022-05-11 12:06:08 +02:00
Arthur Baars
a47e429945
Merge pull request #8909 from aibaars/tree-sitter-update
...
Tree sitter update
2022-05-11 12:02:14 +02:00
Geoffrey White
3dddc560a1
C++: Add LSParser specific transformer.
2022-05-11 11:02:01 +01:00
Geoffrey White
e3be7749ea
C++: Repair the LSParser sinks.
2022-05-11 11:02:01 +01:00
Geoffrey White
8852043558
C++: Additional test cases.
2022-05-11 11:01:26 +01:00
Rasmus Wriedt Larsen
add6579385
Merge pull request #9022 from RasmusWL/ruby-fix
...
Ruby: Fix `isLocalSourceNode` implementation
2022-05-11 11:52:44 +02:00
Chris Smowton
72022e65d5
Copyedit
2022-05-11 10:46:16 +01:00
Chris Smowton
7530943e07
Add change note announcing generics support
2022-05-11 10:42:58 +01:00
Rasmus Wriedt Larsen
27b99c51e9
Python: Add placeholder precision for py/insecure-cookie
2022-05-11 11:36:06 +02:00
Rasmus Wriedt Larsen
a902d3d8f0
Python: Add security-severity for py/insecure-cookie
...
Matching the Java query
7d4767a4f5/java/ql/src/Security/CWE/CWE-614/InsecureCookie.ql (L7)
2022-05-11 11:34:16 +02:00
Rasmus Wriedt Larsen
84ad45c665
Python: Fix Django import
2022-05-11 11:33:35 +02:00
Paolo Tranquilli
e63d079322
Swift: transfer TrapArena
2022-05-11 11:28:38 +02:00
Chris Smowton
d41da9eabb
Claim Go 1.18 support
...
As of https://github.com/github/codeql-go/pull/686 landing we support extracting generics, dataflow analysis in programs that use generics, etc. Note this hasn't gone out in a release yet but I would expect it to be in 2.9.2.
2022-05-11 10:26:22 +01:00
Chris Smowton
440b3118cb
Merge pull request #686 from owen-mc/extract-generics
...
Extract generics
2022-05-11 10:14:58 +01:00
Rasmus Wriedt Larsen
d127d2164a
Merge branch 'main' into jorgectf/python/insecure-cookie
2022-05-11 11:13:47 +02:00
Anders Schack-Mulligen
25336df302
Merge pull request #8873 from atorralba/atorralba/android-startactivity-flowstep
...
Java: Add flow step from startActivity to getIntent
2022-05-11 11:08:08 +02:00
Anders Schack-Mulligen
c217a1e502
Update java/ql/lib/semmle/code/java/Expr.qll
2022-05-11 11:03:13 +02:00
Tony Torralba
43b425d0e4
Merge pull request #9002 from atorralba/atorralba/https-urls-improvs
...
Java: Add OkHttp and Retrofit models
2022-05-11 10:48:08 +02:00
Arthur Baars
907c3db5ca
Address comments
...
Co-authored-by: Nick Rolfe <nickrolfe@github.com >
2022-05-11 09:59:42 +02:00
Erik Krogh Kristensen
f5329a3d1b
PY: fix ql/field-only-used-in-charpred warning
2022-05-11 09:54:55 +02:00
Erik Krogh Kristensen
94a9b3e873
fix all ql/counting-to-zero in some languages
2022-05-11 09:54:53 +02:00
Erik Krogh Kristensen
7149b98bb4
add ql/counting-to-zero
2022-05-11 09:51:56 +02:00
Erik Krogh Kristensen
5e02a76dfd
add support for typed NextJS route-handlers
2022-05-11 09:45:34 +02:00
Cornelius Riemenschneider
506e09ef32
Merge pull request #9105 from github/criemen/dotnet-lua-tracing-config
...
C#: Lua tracing config: Use API function.
2022-05-11 09:28:09 +02:00
cokeBeer
2b51b4206e
fix https://github.com/github/codeql/issues/9097
2022-05-11 11:22:23 +08:00
Erik Krogh Kristensen
872b275bd4
Merge pull request #9110 from erik-krogh/qlPackAll
...
QL: add implicit -all to a query pack to match the CodeQL pack resolution
2022-05-10 23:41:26 +02:00
Erik Krogh Kristensen
a5acaeb59c
QL: add implicit -all to a query pack to match the CodeQL pack resolution
2022-05-10 23:25:32 +02:00
Ian Lynagh
b7a0b56e41
Kotlin: Add a this.
2022-05-10 19:51:31 +01:00
Ian Lynagh
8a89251c4f
Kotlin: Tweak dbscheme
2022-05-10 19:51:31 +01:00
Ian Lynagh
3662611b04
Kotlin: Fix compilation_finished upgrade script
2022-05-10 19:51:31 +01:00
Ian Lynagh
b5572422df
Kotlin: Autoformat
2022-05-10 19:51:31 +01:00
Ian Lynagh
8b809459d9
Kotlin: Remove kotlin branch CI test
2022-05-10 19:51:31 +01:00
Ian Lynagh
ab2946cf10
Kotlin: Add release notes
2022-05-10 19:51:31 +01:00
Ian Lynagh
e1d832c2e9
Upgrades: All old diagnostics are generated by the Java extractor
2022-05-10 19:51:31 +01:00
Tamas Vajk
26dfca8010
Add DB upgrade scripts for diagnostics and compilation_finished
2022-05-10 19:51:31 +01:00
Tony Torralba
a5a31db835
Rename AnyEqualsExpr and AnyNotEqualsExpr
2022-05-10 19:51:31 +01:00
Tony Torralba
0e3db78eba
Make GeneratedFileMarker an instance of JavadocElement
2022-05-10 19:51:31 +01:00
Tamas Vajk
4f256d2958
Change LambdaExpr::asMethod to return the big-arity invoke instead of the wrapper
2022-05-10 19:51:31 +01:00
Ian Lynagh
af3bc4f44d
Kotlin: Apply review feedback
2022-05-10 19:51:31 +01:00
Ian Lynagh
2e3d2b8e11
Java: Use the Diagnostics class in DiagnosticsReporting.qll
...
We shouldn't use database types/tables directly in src/
2022-05-10 19:51:31 +01:00
Tamas Vajk
464d13775d
Add QL doc for LambdaExpr::isKotlinFunctionN
2022-05-10 19:51:31 +01:00
Ian Lynagh
1151f79eca
Kotlin: Apply some review feedback
2022-05-10 19:51:31 +01:00
Ian Lynagh
726a005cc2
Update java/ql/lib/semmle/code/java/Expr.qll
...
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com >
2022-05-10 19:51:31 +01:00
Ian Lynagh
1a36b1ab53
Kotlin: Format queries
2022-05-10 19:51:31 +01:00
Ian Lynagh
efe3c0d1ea
Kotlin: Performance tweak
2022-05-10 19:51:30 +01:00
Ian Lynagh
653e74d181
Kotlin: Performance tweak
2022-05-10 19:51:30 +01:00
Ian Lynagh
b9be79473a
Kotlin: Performance tweak
2022-05-10 19:51:30 +01:00
Ian Lynagh
65afd0d776
Kotlin: Performance tweak
2022-05-10 19:51:30 +01:00
Ian Lynagh
f5c0b0ebfe
Kotlin: Performance tweak
2022-05-10 19:51:30 +01:00
Ian Lynagh
e0053cd471
Kotlin: qlformat a query
2022-05-10 19:51:30 +01:00
Ian Lynagh
bfe36558c1
Java/Kotlin: Update stats
2022-05-10 19:51:30 +01:00
Ian Lynagh
43035aef2d
Java: Add an upgrade script
2022-05-10 19:51:30 +01:00
Ian Lynagh
4a6c2c2914
Revert "Java: Add an upgrade script"
...
This reverts commit c964d3262bb344d6c8e55d9bf69ffe2291b2f2cf.
2022-05-10 19:51:30 +01:00
Tamas Vajk
e8b3bf55fa
Code quality improvements
2022-05-10 19:51:30 +01:00
Tamas Vajk
749d606f84
Fix expected file of useless null check test
2022-05-10 19:51:30 +01:00
Tamas Vajk
465a85bb8c
Explicitly check if a when expression is in the expected &&/|| form
2022-05-10 19:51:30 +01:00
Tamas Vajk
3af8273620
Modify extraction of &&/|| to resugar it from when expression
2022-05-10 19:51:30 +01:00
Tamas Vajk
d33224a058
Add test case for missing CFG successor
2022-05-10 19:51:30 +01:00
Tamas Vajk
b66a3141f6
Extract functions using their name from JvmName annotation
2022-05-10 19:51:30 +01:00
Tamas Vajk
a24753f552
Extract final modifier on local variables
2022-05-10 19:51:30 +01:00
Tamas Vajk
4efb87a7dd
Extract enum entry initializers
2022-05-10 19:51:30 +01:00
Ian Lynagh
2647a45239
Kotlin: Fix TypeVariableHidesType performance regression
2022-05-10 19:51:30 +01:00
Tamas Vajk
fc5229a0a5
Extract type access expression for static field access in initializer
2022-05-10 19:51:29 +01:00
Tamas Vajk
c6a75957e9
Fix expected files, fix type access extraction of file level static declarations
2022-05-10 19:51:29 +01:00
Tamas Vajk
1e529b2563
Add missing type access expression for static field accesses
2022-05-10 19:51:29 +01:00
Tamas Vajk
246f228a3b
Add static field access test
2022-05-10 19:51:29 +01:00
Tamas Vajk
f43296a157
Extract type access for enum value access
2022-05-10 19:51:29 +01:00
Tamas Vajk
b5c8d29e40
Extract enum field declarations
2022-05-10 19:51:29 +01:00
Tamas Vajk
d6cbcdc847
Extract type access expression for parameter types
2022-05-10 19:51:29 +01:00
Tamas Vajk
f557719fe5
Extract type access expression for function return types
2022-05-10 19:51:29 +01:00
Tamas Vajk
dcac285a99
Add type access tests
2022-05-10 19:51:29 +01:00
Chris Smowton
7ef9420bfd
Accept test changes
2022-05-10 19:51:29 +01:00
Chris Smowton
23e3bbea73
Fix: don't treat local classes as unspecialised
...
This shouldn't matter either way since they can't be subject to external references
2022-05-10 19:51:29 +01:00
Chris Smowton
4477482990
Share a class instance, not just a label
2022-05-10 19:51:29 +01:00
Chris Smowton
11fed0b4f8
Adjust test expectations
2022-05-10 19:51:29 +01:00
Chris Smowton
d63124a761
Extract a generic specialisation using its own type parameters in the same order like an unbound type
...
This replicates an oddity in the Java extractor that it doesn't differentiate a specialisation Generic<T1, T2, ...> from the unbound type, if T1, T2, ... are Generic's declared type variables occurring in the same order. For example, in `class MyList<T> { void addAll(MyList<T> param) { ... } }`, the type of `param` is an instantiated type, but
gets extracted as an unbound type. This commit can be reverted (except for the improvement to isUnspecialised) if/when that is fixed.
2022-05-10 19:51:29 +01:00
Chris Smowton
f3bd89a5cf
Adjust test expectations
2022-05-10 19:51:29 +01:00
Chris Smowton
375199508e
Always extract static initializers if a class has static members
...
This may not be necessary for anonymous objects, but it is certainly unrelated to `init { ... }` blocks.
2022-05-10 19:51:29 +01:00
Chris Smowton
e21a60bb4b
Only extract anonymous init blocks in an instance initializer context
2022-05-10 19:51:29 +01:00
Chris Smowton
a317dc4246
Extract field initializers
2022-05-10 19:51:29 +01:00
Chris Smowton
9e8e99f4c3
Add interface-delegate test
2022-05-10 19:51:28 +01:00
Chris Smowton
5219ead4d4
Plugin version selection: fix test polarity and use integer not string comparison
...
(Otherwise we'll think that 1.6.10 comes before 1.6.9, for example.) This now implements the desired test: pick a version that exactly matches major and minor versions and which is the least patchlevel that is >= the target compiler.
2022-05-10 19:51:28 +01:00
Chris Smowton
d8b163a589
Fix running on patchlevel versions below the highest of that minor version
...
(For example, picking 1.6.10 to match the host kotlinc when both 1.6.10 and 1.6.20 are available)
2022-05-10 19:51:28 +01:00
Chris Smowton
62f39d7a22
Add test expectation
2022-05-10 19:51:28 +01:00
Chris Smowton
bfe3722018
Extract synthetic coroutine classes
2022-05-10 19:51:28 +01:00
Chris Smowton
a740ead56d
Populate files table once per file, per trap file
...
Otherwise there's a chance the other trap file we're relying upon to populate the files table on our behalf gets overwritten (e.g. superceded by a newer .class file or more appropriate extractor) and we end up with a dangling reference.
This adds only populating the tables when the label is new, to avoid emitting files entries every single time a generic class specialisation is mentioned.
2022-05-10 19:51:28 +01:00
Ian Lynagh
b35b74779a
Revert "Fix CFG construction of ExprStmt and StmtExpr"
...
This reverts commit db8d718cdbf0bef9cdf246221a921b99d4b22bea.
It broke ql/java/ql/test/library-tests/successors/TestDeclarations
2022-05-10 19:51:28 +01:00
Ian Lynagh
d2f6871868
Revert "Fix ExprStmt and StmtExpr in Boolean context"
...
This reverts commit 8a42837578e1c4361ed25682312ea5497ad0a12e.
2022-05-10 19:51:28 +01:00
Ian Lynagh
3aa25013c8
C#: CastingExpr is no longer needed in the main libraries
2022-05-10 19:51:28 +01:00
Tamas Vajk
82b937dedd
Add query and script to plot CFG from DB
2022-05-10 19:51:28 +01:00
Tamas Vajk
037d66de15
Fix ExprStmt and StmtExpr in Boolean context
2022-05-10 19:51:28 +01:00
Ian Lynagh
385691287f
C#: Define CastingExpr
2022-05-10 19:51:28 +01:00
Tamas Vajk
8282e57db5
Fix CFG construction of ExprStmt and StmtExpr
2022-05-10 19:51:28 +01:00
Tamas Vajk
81cb81366b
Add test case for CFG issue with && in if condition
2022-05-10 19:51:28 +01:00
Tamas Vajk
10ef737a60
Adjust kotlin CI job
2022-05-10 19:51:28 +01:00
Tamas Vajk
953c6fdb7b
Fix expected test file
2022-05-10 19:51:28 +01:00
Tamas Vajk
47799ae040
Code quality improvements + add dedicated DeadRefTypes test
2022-05-10 19:51:28 +01:00
Tamas Vajk
cdc7ed0e14
Extract container of adapter function as compiler generated
2022-05-10 19:51:28 +01:00
Tamas Vajk
7f94495601
Add test for adapter function
2022-05-10 19:51:28 +01:00
Tamas Vajk
fc66b73e3b
Extract override modifier for lambda and reflection-like constructs
2022-05-10 19:51:28 +01:00
Tamas Vajk
505ccbbcf6
Extract override modifier
2022-05-10 19:51:28 +01:00
Tamas Vajk
92de139805
Add override tests
2022-05-10 19:51:27 +01:00
Tamas Vajk
ca99cb4999
Code quality improvements
2022-05-10 19:51:27 +01:00
Tamas Vajk
22af7f0e89
Remove duplications of locatable and element in the DB scheme
2022-05-10 19:51:27 +01:00
Ian Lynagh
400654d326
Kotlin: Add latest-url to kotlin_plugin_versions.py
2022-05-10 19:51:27 +01:00
Tamas Vajk
6ab86a1f46
Fix expected test files after 1.6.20 upgrade
2022-05-10 19:51:27 +01:00
Tamas Vajk
4e93134225
Add 1.6.20 support
2022-05-10 19:51:27 +01:00
Ian Lynagh
ff35088b49
Java: Add an upgrade script
2022-05-10 19:51:27 +01:00
Ian Lynagh
843310c466
Kotlin: Remove incorrect upgrade
2022-05-10 19:51:27 +01:00
Tamas Vajk
ad11b3e84a
Add consistency query to verify we always have qualifier for calls
2022-05-10 19:51:27 +01:00
Tamas Vajk
4f3e89dd49
Fix expected test file
2022-05-10 19:51:27 +01:00
Tamas Vajk
a1842f9f17
Remove ExtensionMethodAccess and revert all dataflow changes
2022-05-10 19:51:27 +01:00
Tamas Vajk
95cb0149a3
Fix data flow through ExtensionMethodAccess
2022-05-10 19:51:27 +01:00
Tamas Vajk
38ab7acf3e
Revert "Remove ExtensionMethodAccess to see extension method flows"
...
This reverts commit 9df4f2074379ba4668054a2a66eaaaaf5cb9b6c8.
2022-05-10 19:51:27 +01:00
Tamas Vajk
a9711b8c88
Remove ExtensionMethodAccess to see extension method flows
2022-05-10 19:51:27 +01:00
Tamas Vajk
6fccbaa93b
Add extension method dataflow tests
2022-05-10 19:51:27 +01:00
Ian Lynagh
fac3699a5b
Kotlin: Generate stats
2022-05-10 19:51:27 +01:00
Ian Lynagh
19270369c8
Java: Add an upgrade script
2022-05-10 19:51:27 +01:00
Ian Lynagh
c1629530e5
Kotlin: Fix build on Windows
2022-05-10 19:51:27 +01:00
Chris Smowton
de9648e515
Accept test changes
...
- generics gains extra excluded generic "specialisations" (specifically raw types)
- java_properties stops overwriting the Java extractor's output, which specifically flags isDefConstructor which kotlinc does not
- types naturally gains a lot of new raw types
2022-05-10 19:51:27 +01:00
Chris Smowton
239aab67b6
Populate the files table for generic class instances
...
This is because different instances might see the code in different locations (e.g., the class file exists in more than one jar) or with no location (seen as a .java file passed to kotlinc).
While I'm there, improve the order of checks and fix a trivial bug in withFileOfClass
2022-05-10 19:51:26 +01:00
Chris Smowton
db9ab22437
Erasure: produce raw types, not unbound types
...
This affects the trap labels for methods, and therefore consistency with the Java extractor.
TODO: check whether we can unify `erase` and `toRawType` entirely.
2022-05-10 19:51:26 +01:00
Chris Smowton
97d44d9583
Ensure external class extractions without a VirtualFile are lowest priority
...
Previously by using major version 0 to represent the no-virtual-file case these got highest priority. This meant that a class extracted relating to a .java file seen by the Kotlin compiler, which necessarily lacks a useful source-location, was highest priority. Now that should get overwritten whenever anybody sees it in the form of a .class
file, since this will have version information.
This should in particular eliminate the case where a generic class is extracted with no useful source location (based on .java source), then generic instances are extracted with a useful source location (based on a .class source), but the location isn't in the database.
2022-05-10 19:51:26 +01:00
Tamas Vajk
613d81d231
Extract static modifier and missing type access qualifier for static calls
2022-05-10 19:51:26 +01:00
Ian Lynagh
4cfda638cb
Kotlin: Use -Xopt-in=kotlin.RequiresOptIn when compiling
2022-05-10 19:51:26 +01:00
Ian Lynagh
37cf36bc33
Kotlin: useDeclarationParent: Don't use fakeLabel
2022-05-10 19:51:26 +01:00
Ian Lynagh
5c8e0ff49b
Kotlin: extractTypeParameter: Don't use fakeLabel
2022-05-10 19:51:26 +01:00
Tamás Vajk
48b6c61fdb
Quality improvement: add explicit this in QL
...
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com >
2022-05-10 19:51:26 +01:00
Tamas Vajk
e0afaa462e
Fix Parameter.getACallArgument for parameters of extension methods
2022-05-10 19:51:26 +01:00
Ian Lynagh
1e8d077522
Kotlin: Fix some warnings
2022-05-10 19:51:26 +01:00
Ian Lynagh
f75e711474
Kotlin: Make the build noisier
...
We need to capture output for some commands we run during the build,
but this ended up being refactored so that we ate the output for all
commands. This means that we don't see warnings from the compiler.
Now we not only show the output, but we also print what commands we are
running.
2022-05-10 19:51:26 +01:00
Ian Lynagh
05c062da99
Kotlin: Stop useValueDeclaration returning fakeLabel
2022-05-10 19:51:26 +01:00
Ian Lynagh
c5e73cd6df
Kotlin: Add TypeResult.cast()
2022-05-10 19:51:26 +01:00
Ian Lynagh
86c31cb2e8
Kotlin: Add Label.cast()
2022-05-10 19:51:26 +01:00
Tamas Vajk
c89f3163f9
Revert PrintAst changes related to wrong locations
2022-05-10 19:51:26 +01:00
Tamas Vajk
026ce2a27a
Fix location of parameters in methods of parameterized types
2022-05-10 19:51:26 +01:00
Tamas Vajk
bfcd553c6c
Change location of properties inside parameterized types
2022-05-10 19:51:26 +01:00
Tamas Vajk
0726b6410f
Change location of methods inside parameterized types
2022-05-10 19:51:26 +01:00
Tamas Vajk
3813e6fc10
Fix expected files
2022-05-10 19:51:26 +01:00
Tamas Vajk
acb310e46a
Change parameterized type location to the class file
2022-05-10 19:51:26 +01:00
Tamas Vajk
53f484cd98
Add test for inconsistent generic instantiation locations
2022-05-10 19:51:26 +01:00
Tamas Vajk
49bf53da5d
Make extracted file class public and final
2022-05-10 19:51:25 +01:00
Ian Lynagh
77fec17a36
Kotlin: Autoformat QL
2022-05-10 19:51:25 +01:00
Ian Lynagh
c5e3aefe10
Kotlin: Fix build on Mac (Arm)
...
We were getting:
$ echo foo > bar
$ jar -c -f baz.jar bar
-f : no such file or directory
baz.jar : no such file or directory
K-*��ϳR0�3��r.JM,IM�u�MEX��)h8������y�xk�r�rPYJO�?y_wTbarK���P�e2`wT META-INF/�`wTYJO�??=META-INF/MANIFEST.My_wT�e2~�barPK��
2022-05-10 19:51:25 +01:00
Ian Lynagh
7c571dd551
Kotlin: Allow decoding errors
...
If an error happens, we'd rather see /something/ than get a decoding
error.
2022-05-10 19:51:25 +01:00
Ian Lynagh
aed32cd69b
C#: Autoformat
2022-05-10 19:51:25 +01:00
Tony Torralba
f8ad93a530
Add test case for local variable in anonymous init
...
Also fix another instance of the same issue in extractLocalTypeDeclStmt
2022-05-10 19:51:25 +01:00
Tony Torralba
1926bef050
Don't extract static init when the class already contains an anonymous init
2022-05-10 19:51:25 +01:00
Tony Torralba
3920b64d62
Add support for live literals
2022-05-10 19:51:25 +01:00
Tony Torralba
1f812f856c
Extract static initializers of inner classes
2022-05-10 19:51:25 +01:00
Tamas Vajk
8c50e857e4
Add comments to clarify JVM type substitution for invoke methods
2022-05-10 19:51:25 +01:00
Tamas Vajk
1317d2d578
Fix DB inconsistencies with KFunction and KFunction::invoke call extraction
2022-05-10 19:51:25 +01:00
Tamas Vajk
0b4cf6ec82
Adjust extractEnclosingClass extraction
2022-05-10 19:51:25 +01:00
Tamas Vajk
44c8249a33
Remove outdated TODO comments
2022-05-10 19:51:25 +01:00
Tamas Vajk
5f729f8131
Merge two implementation of enclosing class extraction
2022-05-10 19:51:25 +01:00
Tamas Vajk
fe9333898f
Minor code quality improvements
2022-05-10 19:51:25 +01:00
Tamas Vajk
f12bcc5715
Add dataflow test for property reference being used as lambda
2022-05-10 19:51:25 +01:00
Tamas Vajk
257224aa59
Change base class of property reference classes
2022-05-10 19:51:25 +01:00
Tamas Vajk
cf0be05b44
Add property reference invoke method implementation
2022-05-10 19:51:25 +01:00
Tamas Vajk
abcb367495
Add dataflow tests for lambda-like constructs
...
This commit adds tests for dataflow involving lambdas, big-arity lambdas, SAM conversions, and function references.
2022-05-10 19:51:25 +01:00
Chris Smowton
aab271d81e
Fix extraction of data classes with array members
...
These use compiler-internal intrinsics at the IR layer, which are later lowered to java.util.Arrays calls. This performs that lowering in the same manner.
2022-05-10 19:51:25 +01:00
Chris Smowton
ae2ca183cc
Improve logging when function resolution fails
2022-05-10 19:51:25 +01:00
Ian Lynagh
7dfd99d873
Kotlin: Accept test changes
2022-05-10 19:51:25 +01:00
Ian Lynagh
dbc5e73709
Kotlin: Add a test for annotation classes
2022-05-10 19:51:24 +01:00
Ian Lynagh
34f8d9b9b7
Kotlin: Handle annotation classes
...
Fixes:
[TYPES_NOT_DISJOINT] Base types @class and @interface are not disjoint. A common value is 225832
Relevant element: id=225832
Full ID for 225832: @"class;kotlin.internal.LowPriorityInOverloadResolution"
when Kotlin and Java both see such a class.
2022-05-10 19:51:24 +01:00
Ian Lynagh
b4d04f62b2
Kotlin: Log to the right TRAP file
...
Diagnostics for external classes were ending up in the source file's
TRAP file, and then breaking because `#compilation` isn't defined.
2022-05-10 19:51:24 +01:00
Tamas Vajk
91b7de42ad
Make generated invoke/get/set public
...
The generated `invoke`/`get`/`set` methods are implementing interface members, so they need to be `public`.
2022-05-10 19:51:24 +01:00
Tamas Vajk
878352f69c
Add test for checking generated invoke/get/set visibility
2022-05-10 19:51:24 +01:00
Chris Smowton
61b0efb401
Add test case
2022-05-10 19:51:24 +01:00
Chris Smowton
96908d153d
Accept and amend check for anonymous types with type parameters
2022-05-10 19:51:24 +01:00
Chris Smowton
c0f3988aaa
Tolerate nullable references to anonymous classes
...
This also adds a test case illustrating when this can arise
2022-05-10 19:51:24 +01:00
Chris Smowton
8d6ae50d21
Don't try to assign comments to fake overrides
2022-05-10 19:51:24 +01:00
Chris Smowton
613e6b29a9
Don't log every time a type alias is ignored
...
This is a known TODO; runtime output not required.
2022-05-10 19:51:24 +01:00
Tamas Vajk
5a5d0e15eb
Extract calls to big-arity lambda's invoke by converting the artificial invoke to the existing one
...
Big arity lambda calls in IR look like standard method calls to an `invoke` with N arguments. However, this method doesn't exist in JVM, so instead we need to extract a call to `FunctionN.invoke(Object[])`.
2022-05-10 19:51:24 +01:00
Tamas Vajk
c6bc501207
Fix expected test file
2022-05-10 19:51:24 +01:00
Tamas Vajk
222f2415e2
Fix local function reference extraction
2022-05-10 19:51:24 +01:00
Ian Lynagh
62d9b85b46
Kotlin: This might fix building on Windows
2022-05-10 19:51:24 +01:00
Ian Lynagh
967619f26a
Kotlin: Remove non-ascii character
2022-05-10 19:51:24 +01:00
Ian Lynagh
f138ba5246
C#/Kotlin: Sync SignAnalysisCommon.qll
2022-05-10 19:51:24 +01:00
Chris Smowton
9f294d1ecd
Adjust more test expectations
2022-05-10 19:51:24 +01:00
Chris Smowton
2ea1a6c1f0
Adjust test expectations
...
These all just refer to re-adding empty blocks for classes whose constructors have no initializer statements for simplicity's sake.
2022-05-10 19:51:24 +01:00
Chris Smowton
35d213afc0
Extract varargs constructors
2022-05-10 19:51:24 +01:00
Chris Smowton
e24d78ae14
Create instance variable initializer block eagerly
...
Otherwise when the init block is followed by other constructor statements we can get a gap in a BasicBlock's child sequence due to the child init block never getting created at all.
2022-05-10 19:51:23 +01:00
Chris Smowton
9fd9894f6a
Move abbreviation to external-decl extractor; record full signature.
2022-05-10 19:51:23 +01:00
Chris Smowton
1a656af96a
Make truncation consistent
2022-05-10 19:51:23 +01:00
Chris Smowton
1b91a35df0
Truncate (but keep unique-ish) the names of very long file declarations
2022-05-10 19:51:23 +01:00
Tamas Vajk
b26044b327
Change extension receiver this access to be a parameter access
2022-05-10 19:51:23 +01:00
Tamas Vajk
21f6867cd4
Add test cases for delegating properties to other properties
2022-05-10 19:51:23 +01:00
Tamas Vajk
2f0ad50c08
Adjust trap file names of external file class declarations
2022-05-10 19:51:23 +01:00
Tamas Vajk
f5383bbc17
Add extension receiver type to function signature in trap file names
2022-05-10 19:51:23 +01:00
Ian Lynagh
61728e6a69
Kotlin: Tweak kotlin_plugin_versions.py
2022-05-10 19:51:23 +01:00
Ian Lynagh
0610917435
Kotlin: Workaround for CI on Windows
2022-05-10 19:51:23 +01:00
Ian Lynagh
ef5950197d
Kotlin: Broaden isFake
2022-05-10 19:51:23 +01:00
Ian Lynagh
aee74dd570
Kotlin: Be more consistent in how we deal with "fake" elements
2022-05-10 19:51:23 +01:00
Ian Lynagh
8f85f5552b
Kotlin: Accept test changes
2022-05-10 19:51:23 +01:00
Ian Lynagh
1ff6ada955
Kotlin: Tweak logging
2022-05-10 19:51:23 +01:00
Tamas Vajk
d6feb58bfc
Fix property references to fake overrides
2022-05-10 19:51:23 +01:00
Tony Torralba
4eb1e3a47b
Update ExtensionMethodAccess QLDoc
2022-05-10 19:51:23 +01:00
Tony Torralba
fcb334180d
Create ExtensionMethodAccess class
2022-05-10 19:51:23 +01:00
Ian Lynagh
270beecef5
Kotlin: Write diagnostics to the write TRAP file
...
When a TRAP writer wrote a warning, it was going to the wrong TRAP
file.
2022-05-10 19:51:23 +01:00
Ian Lynagh
62ce28eb68
Kotlin: Populate diagnostic_for
2022-05-10 19:51:23 +01:00
Tamas Vajk
ac3c635fe3
Extract set function for field accessing property references
2022-05-10 19:51:23 +01:00
Tamas Vajk
a6f036d94e
Extract property references with only backing field
2022-05-10 19:51:23 +01:00
Tamas Vajk
90ca47a46b
Extract local delegated property reference
2022-05-10 19:51:23 +01:00
Ian Lynagh
47d8eb458e
Kotlin: Improve top-level error handling
2022-05-10 19:51:23 +01:00
Ian Lynagh
a653054eb3
Kotlin: Make sure the context is empty when it should be
2022-05-10 19:51:23 +01:00
Ian Lynagh
3f4f0e5bec
Kotlin: Accept test changes
2022-05-10 19:51:22 +01:00
Ian Lynagh
43a92f60b2
Kotlin: Give context to diagnostics
...
We now get e.g.
[2022-03-09 13:59:04 K] [ERROR] Diagnostic(com.github.codeql.KotlinUsesExtractor.useSimpleType(KotlinUsesExtractor.kt:505)): Type alias ignored for <root>.Test<kotlin.String>{ <root>.Alias1<kotlin.String> }
...while extracting a function at file:///home/ian/code/dev/ql/java/ql/test/kotlin/library-tests/type_aliases/aliases_with_type_parameters.kt:7:1:7:41
...while extracting a function if real at file:///home/ian/code/dev/ql/java/ql/test/kotlin/library-tests/type_aliases/aliases_with_type_parameters.kt:7:1:7:41
...while extracting a declaration at file:///home/ian/code/dev/ql/java/ql/test/kotlin/library-tests/type_aliases/aliases_with_type_parameters.kt:7:1:7:41
...while extracting a file at file:///home/ian/code/dev/ql/java/ql/test/kotlin/library-tests/type_aliases/aliases_with_type_parameters.kt:1:1:8:0
2022-05-10 19:51:22 +01:00
Tamas Vajk
a7e6ec9d02
Add test case for delegated properties initialized through provideDelegate operator
2022-05-10 19:51:22 +01:00
Tamas Vajk
a3992950b1
Add delegated property call tests
2022-05-10 19:51:22 +01:00
Tamas Vajk
126d780f34
Add delegated property declaration test
2022-05-10 19:51:22 +01:00
Tony Torralba
a6326b69dc
Update java/ql/lib/config/semmlecode.dbscheme
...
Apply suggestion by @igfoo
Co-authored-by: Ian Lynagh <igfoo@github.com >
2022-05-10 19:51:22 +01:00
Tony Torralba
64531dd717
Fix AST representation of WhenExpr and WhenBranch
2022-05-10 19:51:22 +01:00
Tony Torralba
4b22e1a378
Extract WhenBranch as Stmt
2022-05-10 19:51:22 +01:00
Tony Torralba
10ab11cdf7
Handle WhenBranch CFG properly
2022-05-10 19:51:22 +01:00
Tony Torralba
5ea3228768
Fix test expectations
2022-05-10 19:51:22 +01:00
Tony Torralba
9735423c79
Fix WhenExpr flow
2022-05-10 19:51:22 +01:00
Tony Torralba
5979981199
Add test for missing WhenExpr flow
2022-05-10 19:51:22 +01:00
Tamas Vajk
d4701d72d9
Add DelegatedProperty QL class and use it in tests
2022-05-10 19:51:22 +01:00
Tamas Vajk
0ba2daf31a
Adjust extraction to reuse KtProperty* relations
2022-05-10 19:51:22 +01:00
Tamas Vajk
78b4c9403d
Add lazy local delegated property test case
2022-05-10 19:51:22 +01:00
Tamas Vajk
f8343b8cc7
Extract local delegated properties
2022-05-10 19:51:22 +01:00
Chris Smowton
48b99cf55c
Don't try to attribute comments to the implicit this parameter.
2022-05-10 19:51:22 +01:00
Chris Smowton
6abb2529f5
Extract a clinit method for Kotlin files
2022-05-10 19:51:22 +01:00
Tamas Vajk
2d0bb43efe
Do not extract local function containers as anonymous classes
2022-05-10 19:51:22 +01:00
Tamas Vajk
9597932112
Add test that calls a local function multiple times
2022-05-10 19:51:22 +01:00
Ian Lynagh
ea74803053
Kotlin: Add a comment
2022-05-10 19:51:22 +01:00
Ian Lynagh
44375fe1ae
Kotlin: Add LoggerBase to the list of logging classes
2022-05-10 19:51:22 +01:00
Ian Lynagh
79c2ce7f1c
Kotlin: Add tags to log messages (WARN, INFO, etc)
...
Makes it easier to see what's going on
2022-05-10 19:51:21 +01:00
Ian Lynagh
84c7b2310a
Kotlin: Catch all Throwables
...
We want to try to continue even if we hit a stack overflow or an
assertion error.
2022-05-10 19:51:21 +01:00
Chris Smowton
8f929e2498
Avoid recursion through extractFunctionLaterIfExternalFileMember -> useType -> useDeclarationParent
2022-05-10 19:51:21 +01:00
Chris Smowton
1835022c84
Extract external file declarations to individual trap files
2022-05-10 19:51:21 +01:00
Ian Lynagh
2551bb58da
Kotlin: Add a test of recursive instantiations
...
This used to cause a stack overflow
2022-05-10 19:51:21 +01:00
Ian Lynagh
0d79dfc412
Kotlin: Add a test of recursive instantiations
...
This used to cause a stack overflow
2022-05-10 19:51:21 +01:00
Ian Lynagh
90f7cc1223
Kotlin: Move anonymousTypeMapping and locallyVisibleFunctionLabelMapping
...
They're now in LabelManager, so they are shared between extractors.
2022-05-10 19:51:21 +01:00
Ian Lynagh
aad9e5601a
Kotlin: Keep our own stack of extractor contexts
...
For now we only use its length, but in the future we might use this to
give more informatino about the cause of warnings.
2022-05-10 19:51:21 +01:00
Ian Lynagh
9c2df20117
Kotlin: When verbose, make with log when it starts and finishes doing something
2022-05-10 19:51:21 +01:00
Ian Lynagh
8b56302644
Kotlin: Add a concept of 'verbosity'
2022-05-10 19:51:21 +01:00
Ian Lynagh
cffcff93a8
Kotlin: Add a log message
2022-05-10 19:51:21 +01:00
Tamas Vajk
57d4d8e2a8
Code quality improvements
2022-05-10 19:51:21 +01:00
Tamas Vajk
7b2b40cc86
Fix type access extraction of nested generic constructor references
2022-05-10 19:51:21 +01:00
Tamas Vajk
46af85621a
Add nested generic constructor reference test
2022-05-10 19:51:21 +01:00
Tamas Vajk
5e1ebb2545
Fix generic constructor reference extraction
2022-05-10 19:51:21 +01:00
Tamas Vajk
415fcaf605
Add generic constructor reference test
2022-05-10 19:51:21 +01:00
Tamas Vajk
b228ac4814
Code quality improvements
2022-05-10 19:51:21 +01:00
Tamas Vajk
91409534e2
Unify parameter order in type access extraction functions
2022-05-10 19:51:21 +01:00
Tamas Vajk
a8f595c50a
Refactor type access extraction
2022-05-10 19:51:21 +01:00
Tamas Vajk
92e59a3ae1
Add SAM conversion tests
2022-05-10 19:51:21 +01:00
Tamas Vajk
eebfe56c95
Extract more type access expressions
2022-05-10 19:51:21 +01:00
Tamas Vajk
f730aa12b6
Refactor type access extraction for function references and lambdas
2022-05-10 19:51:21 +01:00
Tamas Vajk
a70ade224f
Fix (generic) type access extraction for lambdas
2022-05-10 19:51:21 +01:00
Ian Lynagh
a8c94c500e
Kotlin: Simplify PrimitiveTypeInfo
...
Removes a load of argument-passing
2022-05-10 19:51:20 +01:00
Ian Lynagh
0bf1ff9f2f
Kotlin: Comments and tweaks in Label
2022-05-10 19:51:20 +01:00
Ian Lynagh
2c5dc42db4
Kotlin: Comments and tweaks to TrapWriter.
2022-05-10 19:51:20 +01:00
Ian Lynagh
b1ebcdd524
Kotlin: Add some warnings
2022-05-10 19:51:20 +01:00
Tamas Vajk
4af12e7c9d
Change array.get calls to array indexing in FunctionN.invoke body
2022-05-10 19:51:20 +01:00
Tony Torralba
2da98148dc
Add NotNullExpr flow
2022-05-10 19:51:20 +01:00
Tony Torralba
cf5152baa2
Add test for NotNullExpr flow
2022-05-10 19:51:20 +01:00
Tamas Vajk
4e18974889
Fix type access expression extraction for function/property references
2022-05-10 19:51:20 +01:00
Chris Smowton
73c5f8c591
Accept more test changes
2022-05-10 19:51:20 +01:00
Chris Smowton
f513fdce7b
Accept test changes
2022-05-10 19:51:20 +01:00
Chris Smowton
dc64b536b3
Ensure that initializers are only printed once in a PrintAst run
...
Otherwise the output becomes a DAG not a tree. Java achieves the same by omitting all PrintAst of `<obinit>` routines.
2022-05-10 19:51:20 +01:00
Chris Smowton
13cd145a76
Retain Member.getInitializer for Kotlin programs
...
I opt to identify any syntactic initializer. These are broader in scope than Java's member initializers, which are necessarily context-free, whereas in Kotlin the primary constructor's parameters can be referred to.
2022-05-10 19:51:20 +01:00
Chris Smowton
37543e7a86
Switch to expanding property initializers and init blocks in-place
...
Pros:
* <obinit> no longer emitted: one less function per class
* Parameters to the primary constructor, if any, are no longer referred to out of scope
* Simple primary constructor `val` and `var` declarations work as expected
Cons:
* If there are multiple secondary constructors, no primary constructor and long init blocks, there could be considerable duplicate extraction of those init blocks. Hopefully this case is very rare.
2022-05-10 19:51:20 +01:00
Ian Lynagh
af7d809b8a
Kotlin: Log to a file, not stdout
...
We shouldn't interfere with a build's stdout
2022-05-10 19:51:20 +01:00
Ian Lynagh
a112e9ab5c
Kotlin: Add conditional dumping
2022-05-10 19:51:20 +01:00
Chris Smowton
8d8a2482f1
Accept test changes
...
These are just ordering changes because the bounds of assignment statements relative to their operands have changed.
2022-05-10 19:51:20 +01:00
Chris Smowton
789fe971e4
Fix locations and enclosing statement/callable for assignments
2022-05-10 19:51:20 +01:00
Ian Lynagh
cc0f5d8700
Kotlin: KotlinExtractorExtension tweaks
...
Added/fixed a load of comments.
Adjusted some function visibilities.
2022-05-10 19:51:20 +01:00
Tamas Vajk
67be6a18de
Fix generic callable bindings inside invoke methods
2022-05-10 19:51:20 +01:00
Tamas Vajk
6742496fe3
Get type arguments for property/function references
2022-05-10 19:51:20 +01:00
Tamas Vajk
4b55dce0e9
Add generic function and property reference test cases
2022-05-10 19:51:20 +01:00
Tamas Vajk
18812c810c
Add PropertyRefExpr QL class, change extraction to use it, and add tests
2022-05-10 19:51:19 +01:00
Tamas Vajk
5fea49a3c9
Merge function and property reference extraction logic in helper class
2022-05-10 19:51:19 +01:00
Tamas Vajk
b4b1976bc4
Add get/set method extraction for property references
2022-05-10 19:51:19 +01:00
Tamas Vajk
4ce813a720
Extract anonymous class for property references (class, constructor, call to constructor, optional parameters)
2022-05-10 19:51:19 +01:00
Tamas Vajk
d057530584
Add property reference tests
2022-05-10 19:51:19 +01:00
Chris Smowton
f3b92e7549
Explain why there is no syntheticToRealPropertyMap
2022-05-10 19:51:19 +01:00
Chris Smowton
110a2c7b87
Try our best to fix up the truncated class graph exposed by the Kotlin Android extensions plugin
2022-05-10 19:51:19 +01:00
Chris Smowton
2d1308980a
Remove accidentally committed change
2022-05-10 19:51:19 +01:00
Chris Smowton
9671668782
Remove accidentally committed change
2022-05-10 19:51:19 +01:00
Chris Smowton
dbb7b0bbf0
Update control-flow test expectations
2022-05-10 19:51:19 +01:00
Chris Smowton
5fe65ed983
Extract no-when-branch-found calls
...
These are extracted as "throw new kotlin.NoWhenBranchFoundException();", which is the Java lowering of the intrinsic.
In the process, amend the control-flow graph to let when branches propagate `throw`s outwards, and similarly statement expressions.
2022-05-10 19:51:19 +01:00
Ian Lynagh
d09dff482c
Kotlin: Add diagnostics table to the 'trap' test
2022-05-10 19:51:19 +01:00
Ian Lynagh
a512ee7ac1
Kotlin: Extend long-comment test
2022-05-10 19:51:19 +01:00
Ian Lynagh
f8673d86b5
Kotlin: Don't double-escape TRAP strings
...
The TrapWriter.write* functions are going to escape them for us.
2022-05-10 19:51:19 +01:00
Ian Lynagh
4454ef7f95
Kotlin: Add tests for long comments
2022-05-10 19:51:18 +01:00
Ian Lynagh
9af99c584e
Kotlin: Tweak test
2022-05-10 19:51:18 +01:00
Ian Lynagh
dc7f8a6a5a
Kotlin: Refactor TrapWriter/Logger
...
It's now Tpossible for TrapWriter to log warnings. This required a
little juggling to break the dependency loop between the two classes.
2022-05-10 19:51:18 +01:00
Ian Lynagh
1d824a4e2f
Kotlin: Add a test for truncated literals
2022-05-10 19:51:18 +01:00
Ian Lynagh
6c19409804
Java/Kotlin: Add Diagnostics.qll
2022-05-10 19:51:18 +01:00
Ian Lynagh
0e689a9d35
Kotlin: Avoid name clash
2022-05-10 19:51:18 +01:00
Chris Smowton
da159d7239
Add test showing assign expressions
2022-05-10 19:51:18 +01:00
Chris Smowton
7cb6e19e44
Extract array update operations
...
These are of the form arrExpr[indexExpr] op= rhs
2022-05-10 19:51:18 +01:00
Tamas Vajk
d9c72b1c04
Fix changed expected file
2022-05-10 19:51:18 +01:00
Tamas Vajk
ff5bbee75a
Change extracted base type of function references
2022-05-10 19:51:18 +01:00
Tamas Vajk
55428c0c3c
Update test
2022-05-10 19:51:18 +01:00
Tamas Vajk
42803a161c
WIP: add test for reflective calls
2022-05-10 19:51:18 +01:00
Tony Torralba
c4c254587e
Add StmtExpr flow
2022-05-10 19:51:18 +01:00
Tony Torralba
b626e80a61
Add test for StmtExpr flow
2022-05-10 19:51:18 +01:00
Chris Smowton
8af0f26411
Extract simple in-place operators
...
Complex in-place operators (someFieldOrArrayCell += e) get a harder-to-parse lowering which needs to be intercepted at the IrBlock level
2022-05-10 19:51:18 +01:00
Chris Smowton
2fb54de269
Extract ordinary array get and set operations as ArrayAccesses, not calls
2022-05-10 19:51:18 +01:00
Tamas Vajk
387e8db161
Minor code quality improvements
2022-05-10 19:51:18 +01:00
Tamas Vajk
6154c2be18
Change arguments of big arity invoke call
2022-05-10 19:51:18 +01:00
Tamas Vajk
3f2c275e5f
Fix functional interface selection
2022-05-10 19:51:18 +01:00
Tamas Vajk
46bd6b096e
Add big arity SAM conversion test case
2022-05-10 19:51:18 +01:00
Tamas Vajk
8ab4335562
Add some error handling
2022-05-10 19:51:17 +01:00
Tamas Vajk
a598c7fc0c
Rework SAM conversion extraction (handle arbitrary expression that's being converted)
2022-05-10 19:51:17 +01:00
Tamas Vajk
34ae00fa62
Extract SAM lambda conversion
2022-05-10 19:51:17 +01:00
Chris Smowton
377a0f91f0
Add missing times operator
2022-05-10 19:51:17 +01:00
Chris Smowton
96f3ea460f
Make varargs extraction more Java-like:
...
* Extract varargs as if they are ordinary positional arguments
* Adapt the QL that distinguishes varargs from ordinary arguments to account for Kotlin's varargs which can occur in the middle of the arg list
* Add a test checking dataflow through varargs which doesn't work yet due to array-get and array-set not being extracted as IndexExprs
* Extract the special case arrayOf(*x) as a clone call, which is (equivalent to) the Java lowering of that operation
2022-05-10 19:51:17 +01:00
Chris Smowton
7368b49b16
Implement Any?.String using java.lang.String.valueOf
...
This is how kotlinc does it, and doesn't involve an unchecked null deref like the existing use of Object.toString.
2022-05-10 19:51:17 +01:00
Tamas Vajk
616f20fa52
Handle more cases of qualified this references
2022-05-10 19:51:17 +01:00
Chris Smowton
7fe260c1a2
Convert type-parameter-out-of-scope warning into consistency query
...
The warning in the extractor is inaccurate due to references to enclosing types' type parameters. A consistency query can check that the type parameter is indeed in scope exploiting broader knowledge of the enclosing types.
2022-05-10 19:51:17 +01:00
Chris Smowton
36356c2937
Make IntelliJ parse block TODO properly
2022-05-10 19:51:17 +01:00
Chris Smowton
2a6afff8ba
Remove TODO for method source-declarations
...
This was resolved when method type arguments were implemented.
2022-05-10 19:51:17 +01:00
Chris Smowton
1ecbf8e84b
Clean up and document erase function
2022-05-10 19:51:17 +01:00
Chris Smowton
65f3016a13
Note class-labelling todos resolved
...
Type arguments: yes outer classes can have arguments; they are appended after the full name.
String concatenation: this used to be worse before this unquoted version of the function existed; I think that's what the comment was complaining about.
2022-05-10 19:51:17 +01:00
Chris Smowton
7389e5d687
Note array type signatures are correctly extracted
2022-05-10 19:51:17 +01:00
Chris Smowton
38ad86f850
Note type substitution TODO done
...
`getUnquotedClassLabel` uses `useType` on its args to get their labels; consequently they get substituted for Java types as required.
2022-05-10 19:51:17 +01:00
Chris Smowton
d103bf65bd
Remove inapplicable TODO re: K<->J type substitution
...
Turns out the two use cases the TODO worried about are already taken care of: `Unit` is replaced with `void` only in contexts where primitives can be used, and `List` and similar only have incompatible extension methods, which are declared by `CollectionsKt` not `List`. This is likely deliberate to enable the Kotlin <-> Java substitution to be implemented simply by kotlinc.
2022-05-10 19:51:17 +01:00
Chris Smowton
d593185a8c
Quieten errors relating to generic type aliases
...
Turns out type aliases are always substituted by the compiler, with the `IrSimpleType.abbreviation` field indicating what the original alias was if any. Therefore we're already extracting the right types. This commit simply omits extracting a kt_type for a type alias that uses type parameters as this certainly won't work at present because we don't have IrTypes for the type parameters declared by the alias and used in its RHS.
2022-05-10 19:51:17 +01:00
Chris Smowton
1d47ea30eb
Remove unused function
2022-05-10 19:51:17 +01:00
Chris Smowton
f6db91f294
Update test expectations
2022-05-10 19:51:17 +01:00
Chris Smowton
7dec3f4835
Use EqualityTest for either value or ref comparions, and ReferenceEqualityTest for strictly ref comparison.
2022-05-10 19:51:17 +01:00
Chris Smowton
f95effcf82
Always extract ValueEQ/NEExpr for Kotlin ==/!=
...
I introduce AnyEqualsExpr for either reference or value equality and AnyEqualityTest for the same concept including not-equals operators, and use them wherever the written QL clearly doesn't care about the difference between reference and value comparison, typically because it is concerned with testing against null or against a primitive constant.
2022-05-10 19:51:17 +01:00
Chris Smowton
a120fab9f7
Complete implementation of equality tests
...
- Create a new operator representing an infix value [in]equality test, equivalent to Objects.equals(lhs, rhs)
- Continue to use simple equality where it is clearly possible at the callsite
- Note that ieee754equals is the same as Java's == and != operators
2022-05-10 19:51:17 +01:00
Chris Smowton
b339cf7f2b
Restore CI_TOKEN secret
2022-05-10 19:51:16 +01:00
Chris Smowton
658e6f4009
Try no token
2022-05-10 19:51:16 +01:00
Chris Smowton
f870805c0c
Create test-kotlin.yml
2022-05-10 19:51:16 +01:00
Ian Lynagh
97793b58cd
Kotlin: Tweak diagnostic writing
...
In particular, we now write full exception information, so we can
diagnose problems.
We were using `warn` to log errors in some cases, and generally using
lower-level functions than necessary. We now use the appropriate
functions. I've lost the distinction between e.g. ErrorHigh and ErrorSevere
in this, but we can add it back if it's important.
2022-05-10 19:51:16 +01:00
Ian Lynagh
48c4438a78
Kotlin: Rename the final warn function to diagnostic
2022-05-10 19:51:16 +01:00
Ian Lynagh
ee9f9bb07e
Kotlin: Move a function
2022-05-10 19:51:16 +01:00
Ian Lynagh
79f80e6541
Kotlin: Rename CODEQL_EXTRACTOR_KOTLIN_WARNING_LIMIT to CODEQL_EXTRACTOR_KOTLIN_DIAGNOSTIC_LIMIT
2022-05-10 19:51:16 +01:00
Ian Lynagh
a25b411dd0
Kotlin: Rename "warning" to "diagnostic" a lot
2022-05-10 19:51:16 +01:00
Ian Lynagh
458cb850a7
Kotlin: Accept test changes
2022-05-10 19:51:16 +01:00
Ian Lynagh
9296bf3079
Kotlin: Write extractor name to TRAP file metadata
2022-05-10 19:51:16 +01:00
Chris Smowton
629af664c6
Explicitly specify whether a dispatch or an extension receiver is intended
2022-05-10 19:51:16 +01:00
Chris Smowton
377bd8f2e9
Extract String?.plus as either an AddExpr or a call to an intrinsic
...
If it is used by the compiler to implement the infix plus operator, resugar it and extract a `+` as Java would. If it is literally called by the user (e.g. `(if (x) then "not null" else null).plus(something)`), then extract a call to the real method Intrinsics.stringPlus (a two-arg static method).
2022-05-10 19:51:16 +01:00
Chris Smowton
93e8d5a2d6
Add tests for mutually-recursive types
2022-05-10 19:51:16 +01:00
Chris Smowton
8bb23651ae
Extract type parameter bounds
2022-05-10 19:51:16 +01:00
Tamas Vajk
ec5bc8dad5
Add workaround for unbound symbols (get stub from descriptor)
2022-05-10 19:51:16 +01:00
Tamas Vajk
2965e780cc
Add local dataflow test for string templates
2022-05-10 19:51:16 +01:00
Tony Torralba
6bd6097ed1
Add taint step for StringTemplateExpr
2022-05-10 19:51:16 +01:00
Tamas Vajk
b7914ed77b
Code quality improvements
2022-05-10 19:51:16 +01:00
Tamas Vajk
695b3a6dbd
Add fallback symbol lookup for IrFunctionReference extraction
2022-05-10 19:51:16 +01:00
Tamas Vajk
d495badc1e
Rename companion object QL class
2022-05-10 19:51:16 +01:00
Tamas Vajk
535610452f
Fix missing newline in DB scheme generator
2022-05-10 19:51:16 +01:00
Chris Smowton
b9d8fe72f0
TRAP formatting: adopt Java's standards
...
* Encode dates with D"" strings
* Truncate exceedingly long string values
* Note that floats don't require any special handling
2022-05-10 19:51:16 +01:00
Tamas Vajk
4adf5829e4
Fix expected files
2022-05-10 19:51:16 +01:00
Tamas Vajk
9ff9bbe1c5
Fix merge conflict
2022-05-10 19:51:16 +01:00
Tamas Vajk
b4beddf2f9
Introduce cast for <unsafe-coerce> calls
2022-05-10 19:51:15 +01:00
Ian Lynagh
8d754f5129
Kotlin: Fix bug in, and performance of, NullGuards::clearlyNotNullExpr
2022-05-10 19:51:15 +01:00
Ian Lynagh
03c1845053
Kotlin: Add a TODO comment
2022-05-10 19:51:15 +01:00
Ian Lynagh
76ca0b2776
Kotlin: Pull Kotlin type for localvars out into its own table
2022-05-10 19:51:15 +01:00
Ian Lynagh
7862229807
Kotlin: Pull Kotlin type for params out into its own table
2022-05-10 19:51:15 +01:00
Ian Lynagh
dc26abe341
Kotlin: Pull Kotlin type for methods/constrs out into their own tables
2022-05-10 19:51:15 +01:00
Ian Lynagh
ee008773dc
Kotlin: Pull Kotlin type for fields out into its own table
2022-05-10 19:51:15 +01:00
Ian Lynagh
0f7f90dd4e
Kotlin: Add a consistency query for Kotlin types
2022-05-10 19:51:15 +01:00
Ian Lynagh
86bf126ed8
Kotlin: Pull Kotlin type for expressions out into its own table
2022-05-10 19:51:15 +01:00
Tamas Vajk
cd5555a5dd
Extract companion objects from interfaces
2022-05-10 19:51:15 +01:00
Tamas Vajk
53f40a3f31
Do not extract fake properties
2022-05-10 19:51:15 +01:00
Tamas Vajk
5c38b4e84d
Extract expression body
2022-05-10 19:51:15 +01:00
Chris Smowton
4d408159aa
When extracting a call to an inherited method, substitute the callee's type parameters appropriately.
2022-05-10 19:51:15 +01:00
Chris Smowton
8c9c37ca47
Revert "Kotlin: Extract fake overrides for now"
...
This reverts commit a1ffa7b66b6bc1a9b6fd93da60e7a16c0dc2fb21.
2022-05-10 19:51:15 +01:00
Ian Lynagh
16a27f5258
Kotlin: Provide a way for tests to cause an exception
2022-05-10 19:51:15 +01:00
Ian Lynagh
89eae2407b
Kotlin: Improve error handling
...
Each compilation, and each file within a cmopilation, now gets a
"result" indicating whether it had recoverable or non-recoverable
errors.
2022-05-10 19:51:15 +01:00
Tamas Vajk
4c68b583de
Do not report negative index warning on extension parameters
2022-05-10 19:51:15 +01:00
Ian Lynagh
8d15d0acfb
Kotlin: Extract fake overrides for now
...
When we have Kotlin:
class A {
fun foo(z: OB<G1, G2>.B<E1, E2>) {
val foo = z.someFun()
}
}
and Java:
public class OB<S1, S2> extends OC<F1, F2> {
public class B<T1, T2> extends OC<F1, F2>.C<D1, D2, T1, T2> {
}
}
class OC<U1, U2> {
public class C<X1, X2, Y1, Y2> {
int someFun() {
return 5;
}
}
}
the `someFun` call is to a fake override, and has 4 type arguments.
If we treat it as calling the real function, then 6 type are expected,
and we get IndexOutOfBoundsException when we try to reorder the
type parameters in orderTypeArgsLeftToRight.
So for now, we just extract the fake overrides, so that we at least
don't crash.
2022-05-10 19:51:15 +01:00
Ian Lynagh
46ccd45833
Kotlin: Add tests for fake overrides
2022-05-10 19:51:15 +01:00
Chris Smowton
fdb1668cff
CommentExtractor: use actual file label instead of hopefully correctly guessing its string form
2022-05-10 19:51:15 +01:00
Tamas Vajk
bb7e01988a
Change kotlin dependency version from 1.6.0-RC2 to 1.6.10
2022-05-10 19:51:15 +01:00
Chris Smowton
0d90148f3e
Prefer the Kotlin extractor's version of trap files
2022-05-10 19:51:15 +01:00
Chris Smowton
69c645a594
Log when a class version can't be read
2022-05-10 19:51:15 +01:00
Tamas Vajk
300719a07a
Do not delete temp TRAP files when file level exception is caught
2022-05-10 19:51:14 +01:00
Tamas Vajk
82fe08ea8e
Improve exception handling
2022-05-10 19:51:14 +01:00
Tamas Vajk
29f4eb96e1
Handle exceptions on file level
2022-05-10 19:51:14 +01:00
Ian Lynagh
468a911f83
Kotlin: Use with in a number more cases
2022-05-10 19:51:14 +01:00
Ian Lynagh
f985671d7f
Kotlin: Make with an inline function
2022-05-10 19:51:14 +01:00
Ian Lynagh
3cc79f8b56
Kotlin: 'with' PoC
2022-05-10 19:51:14 +01:00
Ian Lynagh
2868644d36
Kotlin: Remove some code marked 'delete'
2022-05-10 19:51:14 +01:00
Ian Lynagh
4cf88e1a8d
Kotlin: Remove some comments
...
These are now in Kotlin #38
2022-05-10 19:51:14 +01:00
Ian Lynagh
c62ad4b802
Kotlin: Pass dependencyCollector when making a new KotlinFileExtractor
...
I think this only wasn't done previously because it used to make a
KotlinSourceFileExtractor.
2022-05-10 19:51:14 +01:00
Ian Lynagh
5f176beb09
Kotlin: Refactoring: Use a more idiomatic way to prepend to a list
2022-05-10 19:51:14 +01:00
Ian Lynagh
8d2221ea60
Kotlin: getFunctionLabel: Add comments
2022-05-10 19:51:14 +01:00
Ian Lynagh
d1a0a9668f
Kotlin: Remove a default argument
...
It was only defaulted in one case, and it's probably clearer to be
explicit.
2022-05-10 19:51:14 +01:00
Ian Lynagh
c125c1a698
Kotlin: getFunctionLabel: Make parentId be nullable
...
This allows us to simplify the set of functions.
2022-05-10 19:51:14 +01:00
Ian Lynagh
dd51141029
Kotlin: Use variable names more consistently
2022-05-10 19:51:14 +01:00
Ian Lynagh
2f8ede2ae5
Kotlin: Fix a variable shadowing warning
2022-05-10 19:51:14 +01:00
Ian Lynagh
72a6bfe7db
Kotlin: getFunctionLabel: Small refactoring
...
We now pass the IrDeclarationParent of the function to the final
getFunctionLabel function, and that takes care of finding the
enclosing class.
2022-05-10 19:51:14 +01:00
Chris Smowton
27b0d579d0
Add compilation-units test
2022-05-10 19:51:14 +01:00
Chris Smowton
7a756e3be9
Extract compilation-unit package and location for class files
2022-05-10 19:51:14 +01:00
Chris Smowton
024f8c651e
Accept test changes
2022-05-10 19:51:14 +01:00
Chris Smowton
863037ec41
Always extract methods of user-class supertypes
...
This matches the Java extractor's behaviour. Also if we re-visit a class to extract its members, revisit its supertypes to extract their members too.
2022-05-10 19:51:14 +01:00
Tamas Vajk
8f48c1b161
Add test for missing generic method
2022-05-10 19:51:14 +01:00
Chris Smowton
20d56094ee
Note that unusedLocation can raise an alert for used but inaccessible locations
2022-05-10 19:51:13 +01:00
Ian Lynagh
920599fcf5
Kotlin: Make an unnecessarily-optional argument a required argument
2022-05-10 19:51:13 +01:00
Tamas Vajk
52597e5d63
Fix missing declarations in declaration stack
2022-05-10 19:51:13 +01:00
Tamas Vajk
482a37cfe3
Fix unbound symbol.owner references and add todos
2022-05-10 19:51:13 +01:00
Ian Lynagh
41c36760f7
Kotlin: Small refactorings and comments
2022-05-10 19:51:13 +01:00
Ian Lynagh
c0f194316f
Kotlin: Update test following changes to casting operators
2022-05-10 19:51:13 +01:00
Ian Lynagh
ad33c47536
Kotlin: Add a test for Kotlin seeing Java code as properties
2022-05-10 19:51:13 +01:00
Ian Lynagh
579c590ea6
Kotlin: Accept test changes following "casting" operator changes
2022-05-10 19:51:13 +01:00
Ian Lynagh
6566f7b69f
Kotlin: Add types for the different kinds of casts that Kotlin has
...
We might want to unify some of these in future, but doing that
correctly is easier than splitting them up correctly, so I've given each
one its own QL class for now.
I am not familiar with many of the libraries/queries that use CastExpr.
I've briefly looked at them and updated them in a way that looks
superficially reasonable, but some of the uses will probably want to be
refined later.
2022-05-10 19:51:13 +01:00
Ian Lynagh
7cf1289385
Kotlin: Fix build with old JDKs
2022-05-10 19:51:13 +01:00
Chris Smowton
221fa37081
Fix naming of local class instances that fall within generic functions
2022-05-10 19:51:13 +01:00
Ian Lynagh
735520a4ce
Kotlin: Accept test changes in types test
2022-05-10 19:51:13 +01:00
Ian Lynagh
e9fcd4749a
Kotlin: Use ASM9 rather than ASM7
...
This fixes
exception: java.lang.UnsupportedOperationException: PermittedSubclasses requires ASM9
when we encounter ConstantDesc.class in the JDK's modules.
2022-05-10 19:51:13 +01:00
Tamas Vajk
646fc58c25
Fix expected test files
2022-05-10 19:51:13 +01:00
Tamas Vajk
44b731c68e
Exclude extraction of fake overridden properties
2022-05-10 19:51:13 +01:00
Tamas Vajk
55b8e4400d
Code quality improvements
2022-05-10 19:51:13 +01:00
Tamas Vajk
b6e5e1977d
Extract more visibility modifiers
2022-05-10 19:51:13 +01:00
Ian Lynagh
a6d0dc7751
Kotlin: Small refactorings
2022-05-10 19:51:13 +01:00
Ian Lynagh
e1cff50c39
Kotlin: Remove KotlinSourceFileExtractor
2022-05-10 19:51:13 +01:00
Ian Lynagh
c1c4e4f86c
Kotlin: Move extractFileContents into KotlinFileExtractor
2022-05-10 19:51:13 +01:00
Ian Lynagh
d43efd4cc7
Kotlin: KotlinSourceFileExtractor: Take filePath rather than file
2022-05-10 19:51:13 +01:00
Tamas Vajk
8e31bd8ec7
Update expected files after rebase
2022-05-10 19:51:13 +01:00
Tamas Vajk
9e21fa838e
Test case for generic inner type instantiation
2022-05-10 19:51:13 +01:00
Chris Smowton
978978b86a
Accept test changes
2022-05-10 19:51:13 +01:00
Chris Smowton
f4314c1f3d
Substitute all generic types into function trap IDs and signatures, and ensure the subbed types are never primitive
...
The solution for ensuring they are primitive (making the range of the substitution always nullable) will need replacing once we export Kotlin types.
2022-05-10 19:51:12 +01:00
Chris Smowton
3365f3972e
Instantiated generic type substitution: substitute outer class parameters too
2022-05-10 19:51:12 +01:00
Chris Smowton
fd495aa783
Name non-generic functions for their non-erased parameter types
2022-05-10 19:51:12 +01:00
Chris Smowton
f177c2c5ae
Function trap ids: remove spaces between value parameters
...
Otherwise these won't match the IDs used by the Java extractor.
2022-05-10 19:51:12 +01:00
Chris Smowton
f38f03e6c9
Value parameters: provide correct source declaration
2022-05-10 19:51:12 +01:00
Chris Smowton
cd07cc448e
Class trap labels: include outer type parameters
2022-05-10 19:51:12 +01:00
Chris Smowton
94efb427fe
Type parameters: record index Java-style
...
Previously they received indices offset by the number of surrounding class type parameters.
2022-05-10 19:51:12 +01:00
Chris Smowton
178f128bdc
Function labels: include <n> suffix (where n is the number of function type parameters)
...
This matches the Java extractor's behaviour.
2022-05-10 19:51:12 +01:00
Ian Lynagh
448b3d38d3
Kotlin: Duplicate less TRAP
2022-05-10 19:51:12 +01:00
Ian Lynagh
2f435a1a95
Kotlin: file_classes consistency check now passes
2022-05-10 19:51:12 +01:00
Ian Lynagh
368c330ecf
Kotlin: Accept test changes following file-class fixes
2022-05-10 19:51:12 +01:00
Ian Lynagh
194e9fd2da
Kotlin: Handle file classes better
2022-05-10 19:51:12 +01:00
Ian Lynagh
4340fe7044
Kotlin: Comments: Small refactoring
2022-05-10 19:51:12 +01:00
Tamas Vajk
b599ff2792
Change variable location extraction
2022-05-10 19:51:12 +01:00
Tamás Vajk
75e4b6c740
Fix typo in PrintAst.qll
2022-05-10 19:51:12 +01:00
Chris Smowton
33a9b4fb16
Add explanatory comment
2022-05-10 19:51:12 +01:00
Chris Smowton
e16a135a09
Add inner generic class test
2022-05-10 19:51:12 +01:00
Chris Smowton
0a4f97b151
Accept changes to standard library types
...
These are inner classes of the generic class java.lang.invoke.ClassSpecializer, whose generic parameters are no longer inappropriately attributed to its children.
2022-05-10 19:51:12 +01:00
Chris Smowton
997f818643
Accept java-and-kotlin result improvements
...
This happened because setting the type context for the return-type part of a function's label meant that the label now matches Java <-> Kotlin, and therefore it gets a Kotlin-source source location.
2022-05-10 19:51:12 +01:00
Chris Smowton
ab449e0517
Fix: use void as constructor return types in their labels
...
Without this we're incompatible with the Java extractor's constructor labelling
2022-05-10 19:51:12 +01:00
Chris Smowton
5188998bc6
Extract outer <-> inner class relationships for generic instances
2022-05-10 19:51:12 +01:00
Chris Smowton
67e3374a23
Fix inner generic type extraction
...
- Don't attribute type parameters that belong to the outer class to the inner
- Don't extract constructor generic parameters as if they were parameters of the type being instantiated
2022-05-10 19:51:12 +01:00
Tamas Vajk
aa0ddeb29a
Fix external type locations in tests
2022-05-10 19:51:12 +01:00
Tamas Vajk
afd71a00d0
Fix extraction of function references without dispatch receiver
2022-05-10 19:51:12 +01:00
Tamas Vajk
ef2795c88b
Add ktLocalFunction relation and tests for local and anonymous classes
2022-05-10 19:51:11 +01:00
Tamas Vajk
e0bf7d8246
Extract local class declarations
2022-05-10 19:51:11 +01:00
Tamas Vajk
1e64887903
Extract field receiver in field read/write
2022-05-10 19:51:11 +01:00
Tamas Vajk
10ae157682
Extract function references
2022-05-10 19:51:11 +01:00
Tamas Vajk
6950f868fb
Fix type access extraction in field declarations
2022-05-10 19:51:11 +01:00
Tamas Vajk
e5003e4032
Adjust PrintAST query to handle kotlin constructs
2022-05-10 19:51:11 +01:00
Tamas Vajk
73cd497427
Add todo comment to move property from parameter initialization to constructor
2022-05-10 19:51:11 +01:00
Tamas Vajk
313912a131
Fix test expected files
2022-05-10 19:51:11 +01:00
Chris Smowton
2730d07b4c
Extract static method qualifier type accesses
2022-05-10 19:51:11 +01:00
Chris Smowton
ef9a213ae1
Cleanup: use extractTypeAccess wherever possible
2022-05-10 19:51:11 +01:00
Chris Smowton
70841a5896
Add test for companion object
2022-05-10 19:51:11 +01:00
Tamas Vajk
30ff5e2517
Change unknown location to whole file location in source extraction
2022-05-10 19:51:11 +01:00
Tamas Vajk
9d7794185e
Fix temporary variable locations
2022-05-10 19:51:11 +01:00
Chris Smowton
5c77131637
Add tests for generic methods
2022-05-10 19:51:11 +01:00
Tamas Vajk
67d2c52e86
Extract field declarations
2022-05-10 19:51:11 +01:00
Tamas Vajk
5bc28ab45a
Extract externally defined inner classes only once
2022-05-10 19:51:11 +01:00
Chris Smowton
acad36cab4
Implement raw type extraction
2022-05-10 19:51:11 +01:00
Tamas Vajk
6455c988f2
Extract class references
2022-05-10 19:51:11 +01:00
Ian Lynagh
05028e612c
Kotlin: Accept test changes
2022-05-10 19:51:11 +01:00
Ian Lynagh
fb90c70e2e
Kotlin: Extract visibility for properties
2022-05-10 19:51:11 +01:00
Ian Lynagh
348ae357ed
Kotlin: Extract method visibility
2022-05-10 19:51:11 +01:00
Ian Lynagh
6616f452d7
Kotlin: Move extractClassModifiers to KotlinFileExtractor
...
It doesn't need to be in KotlinUsesExtractor any more, and this gives us
better warnings.
2022-05-10 19:51:11 +01:00
Ian Lynagh
5342b13cb6
Kotlin: Add class modifiers
2022-05-10 19:51:11 +01:00
Ian Lynagh
08bb134022
Java/Kotlin: Tweak consistency queries
2022-05-10 19:51:11 +01:00
Ian Lynagh
7c03ed99dc
Java/Kotlin: Add File.is{,Java,Kotlin}SourceFile()
2022-05-10 19:51:10 +01:00
Chris Smowton
70708d69bf
Don't extract or call fake-override methods
2022-05-10 19:51:10 +01:00
Chris Smowton
0c7075c749
Give getters and setters their jvm-lowered names
2022-05-10 19:51:10 +01:00
Chris Smowton
248011e828
Improve generics test to indicate callee decltypes
2022-05-10 19:51:10 +01:00
Chris Smowton
26abb4d0e3
Correctly record methods' and constructors' source-declarations
2022-05-10 19:51:10 +01:00
Chris Smowton
2677115385
Switch comment to use Kotlin syntax
2022-05-10 19:51:10 +01:00
Chris Smowton
44c64f0784
Always extract constructor return type as unit
2022-05-10 19:51:10 +01:00
Chris Smowton
d2e626cbee
Add declaring type to test to distinguish ambiguously-named methods
2022-05-10 19:51:10 +01:00
Chris Smowton
fa9971c6f3
Uniformly use getFunctionShortName
2022-05-10 19:51:10 +01:00
Chris Smowton
c5e85620e7
Rework conditional generic extraction to use global state
2022-05-10 19:51:10 +01:00
Chris Smowton
25674247a2
Accept test changes relating to generic constructors
2022-05-10 19:51:10 +01:00
Chris Smowton
d57ac71cd0
Anonymous objects: always extract as source classes
2022-05-10 19:51:10 +01:00
Chris Smowton
faa7ccfb01
Add test of selective generic extraction
2022-05-10 19:51:10 +01:00
Chris Smowton
b601cdeb8f
Extract generic constructor calls
2022-05-10 19:51:10 +01:00
Chris Smowton
d4519eb1bc
Downgrade assert to warning
2022-05-10 19:51:10 +01:00
Chris Smowton
bb3049a686
Extract generic method prototypes
...
These feature substituted types according to their declaring generic specialisation, with wildcards that reach top-level being converted to their upper or lower bound depending on usage context.
This commit also includes an incidental fix such that constructors declare their return-type as unit, consistent with the Java extractor.
2022-05-10 19:51:10 +01:00
Ian Lynagh
b38f47f9ea
Java/Kotlin: Tweak consistency queries
2022-05-10 19:51:10 +01:00
Ian Lynagh
c04912701a
Java/Kotlin: Speed up toString.ql
...
It's less informative now, but manual debugging will likely be needed
to investigate failures.
2022-05-10 19:51:10 +01:00
Ian Lynagh
ab93d166b8
Java/Kotlin: Tweak consistency queries
2022-05-10 19:51:10 +01:00
Tamas Vajk
fa5c3f9159
Remove and replace @anonymousclassdeclstmt with @localtypedeclstmt
2022-05-10 19:51:10 +01:00
Tamas Vajk
e325925f5a
Extract field declaration directly inside class
2022-05-10 19:51:10 +01:00
Tamas Vajk
929c50f0b3
Adjust build script based on review
2022-05-10 19:51:10 +01:00
Tamas Vajk
0978e522d0
Fix expected files
2022-05-10 19:51:10 +01:00
Tamas Vajk
7b58d01eff
Specify lambda method for big arity lambdas
2022-05-10 19:51:10 +01:00
Tamas Vajk
dec165c5b2
Remove Lambda class as supertype
2022-05-10 19:51:09 +01:00
Tamas Vajk
3cd2583ec8
Handle large arity lambdas, and add missing type access for some constructor calls (needed for anonymous classes)
2022-05-10 19:51:09 +01:00
Tamas Vajk
f4c87cb79d
Extract function expressions
2022-05-10 19:51:09 +01:00
Ian Lynagh
b32ac935f6
Revert "Merge pull request #160 from github/smowton/feature/type-substitution-prototypes"
...
This reverts commit 1dd83a3f0fab407fe94a09fc517c516ed24b1d0c, reversing
changes made to 22aebf8128bfe20bb89e5ecc11e0e8cdd65bf317.
2022-05-10 19:51:09 +01:00
Chris Smowton
4e36b2489c
Add test of selective generic extraction
2022-05-10 19:51:09 +01:00
Chris Smowton
b8af2e6e40
Extract generic constructor calls
2022-05-10 19:51:09 +01:00
Chris Smowton
cfb839ac91
Downgrade assert to warning
2022-05-10 19:51:09 +01:00
Chris Smowton
2f8b8fadc3
Extract generic method prototypes
...
These feature substituted types according to their declaring generic specialisation, with wildcards that reach top-level being converted to their upper or lower bound depending on usage context.
This commit also includes an incidental fix such that constructors declare their return-type as unit, consistent with the Java extractor.
2022-05-10 19:51:09 +01:00
Ian Lynagh
26a0925f99
Kotlin: Add comments saying what generated TRAP files
2022-05-10 19:51:09 +01:00
Ian Lynagh
35ad8f372e
Kotlin: Add a test for Kotlin and Java calling each other
...
Currently kotlin->java causes DB inconsistencies.
2022-05-10 19:51:09 +01:00
Ian Lynagh
1719b921cf
Kotlin: Accept test changes
2022-05-10 19:51:09 +01:00
Ian Lynagh
b57d7f5a75
Kotlin: Extract fakeKotlinType for all kt_types
...
This allows us to make consistent Java+Kotlin databases in the short
term.
2022-05-10 19:51:09 +01:00
Ian Lynagh
40976a91ce
Kotlin: Fix a bad label expansion
...
We were making a key
@"class;ClassLabelResults(classLabel=java.io.Console, shortName=Console)\$LineReader"
2022-05-10 19:51:09 +01:00
Ian Lynagh
c05aab278a
Kotlin: Add a TODO
2022-05-10 19:51:09 +01:00
Ian Lynagh
c35f871c46
Kotlin: Add tests for file classes
2022-05-10 19:51:09 +01:00
Ian Lynagh
43f50888a7
Kotlin: Add a trivial test
2022-05-10 19:51:09 +01:00
Ian Lynagh
c63918d431
Kotlin: Add an empty test
2022-05-10 19:51:09 +01:00
Ian Lynagh
509860b7cf
Kotlin: Add a file_classes consistency query
2022-05-10 19:51:09 +01:00
Ian Lynagh
33757a1266
Kotlin: Extract whether a class is a "file" class
2022-05-10 19:51:09 +01:00
Tamas Vajk
fd27243ec6
Add todo comment regarding class declaration stmt
2022-05-10 19:51:09 +01:00
Tamas Vajk
c446b0ecaf
Move anonymous class and local function label generation to KotlinUsesExtractor
2022-05-10 19:51:09 +01:00
Tamas Vajk
6dbf278269
Add extension tests
2022-05-10 19:51:08 +01:00
Tamas Vajk
058ff0a60b
Remove empty file
2022-05-10 19:51:08 +01:00
Tamas Vajk
2f06c9c03f
Fix spacing
2022-05-10 19:51:08 +01:00
Tamas Vajk
05f22576d1
Fix extraction state resetting
2022-05-10 19:51:08 +01:00
Tamas Vajk
ebf91b79a9
Revert moving extraction to SourceFileExtractor
2022-05-10 19:51:08 +01:00
Tamas Vajk
01f46555b0
Fix disappearing variable labels
2022-05-10 19:51:08 +01:00
Tamas Vajk
27f58f2929
Improve code quality
2022-05-10 19:51:08 +01:00
Tamas Vajk
16ba27c476
Extract local functions
2022-05-10 19:51:08 +01:00
Ian Lynagh
f0949a4936
Kotlin: Add a test
...
This caused a stack overflow on a branch, due to the recursino between
the class and the extension function.
2022-05-10 19:51:08 +01:00
Ian Lynagh
9c4c559ab2
Kotlin: Add some TODO comments
2022-05-10 19:51:08 +01:00
Ian Lynagh
5bc1bdb5a3
Kotlin: Refactor PrimitiveTypeInfo
...
Avoids mentioning the name of IdSignature.PublicSignature, which used to
be IdSignature.CommonSignature, giving us compatibility issues.
2022-05-10 19:51:08 +01:00
Ian Lynagh
d977500047
Kotlin: Make it easier to diagnose build failures
2022-05-10 19:51:08 +01:00
Ian Lynagh
c525d2a633
Kotlin: Consistently use addClassLabel, and have it handle external classes
2022-05-10 19:51:08 +01:00
Tamas Vajk
161463ecae
Fix catch clause location
2022-05-10 19:51:08 +01:00
Tamas Vajk
21af31f3ab
CFG changes for non-null operator + some tests
2022-05-10 19:51:08 +01:00
Ian Lynagh
de137415b8
Kotlin: Use an IrClass for the Java class in the priomitive type handling
...
This means we can add a label for it, and indicate that we use it,
properly.
2022-05-10 19:51:08 +01:00
Chris Smowton
7fa4da8b0c
Add explanatory comments
2022-05-10 19:51:08 +01:00
Chris Smowton
7d62f1d2de
Update test expectations
2022-05-10 19:51:08 +01:00
Chris Smowton
8accd35ce8
Substitute in generic type arguments when extracting the supertypes of an instantiated type
2022-05-10 19:51:08 +01:00
Ian Lynagh
2dcd49c6a5
Kotlin: Build the appropriate single version, rather than always 1.5
2022-05-10 19:51:08 +01:00
Tamas Vajk
abc0da3e60
Extract extension method receivers as parameters
2022-05-10 19:51:08 +01:00
Tamás Vajk
04daa7f28f
Revert "Kotlin: Fix extraction of dispatch and extension receivers"
2022-05-10 19:51:08 +01:00
Ian Lynagh
cd84a6a5b6
Kotlin: Avoid external locations appearing in type_equivalences test
2022-05-10 19:51:08 +01:00
Tamas Vajk
a4275865da
Fix location of variable access in LHS of assignment
2022-05-10 19:51:07 +01:00
Ian Lynagh
40e4c93615
Kotlin: TODO() now works
2022-05-10 19:51:07 +01:00
Ian Lynagh
669fe616dd
Kotlin: Renumber lines in expressions test
2022-05-10 19:51:07 +01:00
Ian Lynagh
50400bf7af
Kotlin: Add TODO() to test; doesn't work yet
2022-05-10 19:51:07 +01:00
Ian Lynagh
2b483597f8
Kotlin: Ranges already work
...
We might want to extract a sugared form of them in the future, but for
now this works.
2022-05-10 19:51:07 +01:00
Ian Lynagh
1abaecf158
Kotlin: String templates are already supported
2022-05-10 19:51:07 +01:00
Ian Lynagh
4c8a87bfb1
Kotlin: Accept test changes
2022-05-10 19:51:07 +01:00
Ian Lynagh
0b3754c932
Kotlin: Fix handling Unit in various places
2022-05-10 19:51:07 +01:00
Ian Lynagh
ec827d2f0a
Kotlin: Add ability to give more type contexts
2022-05-10 19:51:07 +01:00
Ian Lynagh
6c1439c180
Kotlin: Add a test for type equivalences
2022-05-10 19:51:07 +01:00
Ian Lynagh
606b36e21f
Kotlin: Accept test changes
2022-05-10 19:51:07 +01:00
Ian Lynagh
7ca6da1d13
Kotlin/Java: children consistency query: extension receiver is now a gap
2022-05-10 19:51:07 +01:00
Ian Lynagh
75e22da096
Kotlin: Fix extraction of dispatch and extension receivers
...
It is possible for a call to have both, e.g. the `arg.ext()` call in:
class Class1 {
val y = 4
}
class Class2 (val arg:Class1) {
val x = 3
fun someFun() {
arg.ext();
}
fun Class1.ext() {
val z = x + y
}
}
2022-05-10 19:51:07 +01:00
Ian Lynagh
76d7ac9898
Kotlin: Accept test changes
2022-05-10 19:51:07 +01:00
Ian Lynagh
6a16588484
Kotlin: Allow comments on enum entries
2022-05-10 19:51:07 +01:00
Ian Lynagh
cc478eb6ee
Kotlin: Add comments on enum test
2022-05-10 19:51:07 +01:00
Ian Lynagh
03199091cd
Kotlin: Add SAFE_CAST support
2022-05-10 19:51:07 +01:00
Ian Lynagh
1c5f6d70bc
Kotlin: Accept changes
2022-05-10 19:51:07 +01:00
Ian Lynagh
25ccf0569e
Kotlin: ReturnStmt CFG isn't handled properly yet
2022-05-10 19:51:07 +01:00
Ian Lynagh
db7f5a04be
Kotlin: BreakStmt CFG isn't handled properly yet
2022-05-10 19:51:07 +01:00
Ian Lynagh
712d70248a
Kotlin: Add CFG for VarArgExpr
2022-05-10 19:51:07 +01:00
Ian Lynagh
8440bafc42
Kotlin: Add CFG for KtAnonymousClassDeclarationStmt
2022-05-10 19:51:07 +01:00
Ian Lynagh
5ae74949a0
Kotlin: Add CFG for ClassExpr
2022-05-10 19:51:07 +01:00
Ian Lynagh
2135a870d3
Kotlin: Fix CFG for StmtExpr
2022-05-10 19:51:06 +01:00
Ian Lynagh
2e5cf92f8a
Kotlin: Fix CFG for string templates
2022-05-10 19:51:06 +01:00
Ian Lynagh
fcbe4331b4
Kotlin/Java: Add a (currently rather lax) cfgDeadEnds consistency query
2022-05-10 19:51:06 +01:00
Tamas Vajk
874afa7fd7
Fix missing extension receiver extraction
2022-05-10 19:51:06 +01:00
Tamas Vajk
23c5caadc8
Fix String?.plus extraction
2022-05-10 19:51:06 +01:00
Tamas Vajk
ea4e919af5
Extract missing functions directly in kotlin package
2022-05-10 19:51:06 +01:00
Tamas Vajk
3a2f7bec1c
Fix test expected files
2022-05-10 19:51:06 +01:00
Tamas Vajk
6246b2142c
Add enclosing stmt to arrayOf extraction
2022-05-10 19:51:06 +01:00
Tamas Vajk
8de5e39309
Extract arrayOf-like calls
2022-05-10 19:51:06 +01:00
Tamas Vajk
8b81ee7e59
Add array creation tests
2022-05-10 19:51:06 +01:00
Chris Smowton
64e1367e59
Make standard library locations consistent between Java and Kotlin
2022-05-10 19:51:06 +01:00
Ian Lynagh
547b60d68f
Kotlin: Add paramTypes test
2022-05-10 19:51:06 +01:00
Ian Lynagh
d5b4931b7f
Kotlin: Tweak superTypes test to give better locations
2022-05-10 19:51:06 +01:00
Ian Lynagh
50c2d10777
Kotlin: Improve the supertypes test
...
Note the line
| file://<external>/superChain.kt:2:1:2:60 | SuperChain2<T5,String> | file://<external>/superChain.kt:1:1:1:33 | SuperChain1<T3,String> |
is currently wrong; the supertype of SuperChain2<T5,String> should be
SuperChain1<T5,String>.
2022-05-10 19:51:06 +01:00
Ian Lynagh
c05aa7bb68
Kotlin: Add superChain test
2022-05-10 19:51:06 +01:00
Ian Lynagh
b876ee98e5
Kotlin: Tweak the superTypes test
2022-05-10 19:51:06 +01:00
Ian Lynagh
90d7c2b3ce
Java/Kotlin: Add a statementEnclosingExpr consistency test
2022-05-10 19:51:06 +01:00
Ian Lynagh
7baefbb9e5
Kotlin: Add WhenBranch.getWhenExpr()
2022-05-10 19:51:06 +01:00
Ian Lynagh
46f103c243
Kotlin: Accept test changes
2022-05-10 19:51:06 +01:00
Ian Lynagh
5c2ce95b1a
Kotlin: Populate statementEnclosingExpr
2022-05-10 19:51:06 +01:00
Ian Lynagh
2b973fa3b1
Kotlin: Add support for IrSyntheticBody
...
I'm not sure it's worth adding an entity to the database for them,
although that would allow us to use a 'case' in the dbscheme for
the different kinds.
There's no QLL support for this info yet.
2022-05-10 19:51:06 +01:00
Tamas Vajk
4ca024f043
Fix try statement extraction
2022-05-10 19:51:06 +01:00
Tamas Vajk
716b87d200
Extract not-null expression
2022-05-10 19:51:06 +01:00
Ian Lynagh
6603767d94
Kotlin: Clarify !/ paths
2022-05-10 19:51:06 +01:00
Ian Lynagh
f40ab39447
Kotlin: Small fixes and a little more documentation for TrapWriter
2022-05-10 19:51:06 +01:00
Ian Lynagh
d1fefe0246
Kotlin: Refactor TrapWriters
...
Now ClassFileTrapWriter is just FileTrapWriter, which no longer takes a
nullable IrFileEntry.
SourceFileTrapWriter still extends FileTrapWriter, and adds the
IrFileEntry, allowing it to override the location functions with more
useful variants.
populateFileTables no longer has a default. I think that for the sake
of a handful of calls, it's simpler to be explicit so we aren't
confused.
2022-05-10 19:51:05 +01:00
Ian Lynagh
1990b68c21
Kotlin: Return more precise types from PopulateFile.java
2022-05-10 19:51:05 +01:00
Ian Lynagh
83ac77dccc
Kotlin: Start documenting TrapWriter
2022-05-10 19:51:05 +01:00
Tamas Vajk
afabe652c1
Add anonymous class declaration stmt
2022-05-10 19:51:05 +01:00
Ian Lynagh
3e9d12aff0
Kotlin: Accept test changes
2022-05-10 19:51:05 +01:00
Ian Lynagh
37d6bc29dc
Kotlin: Fix Byte tests
2022-05-10 19:51:05 +01:00
Ian Lynagh
1eda692ec8
Kotlin: Import org.jetbrains.kotlin.ir.util.* in KotlinFileExtractor
...
This makes dump() available
2022-05-10 19:51:05 +01:00
Ian Lynagh
2d8a2abe5c
Kotlin: Recognise more numeric types
2022-05-10 19:51:05 +01:00
Ian Lynagh
76151b413f
Kotlin: Add more Long tests
2022-05-10 19:51:05 +01:00
Ian Lynagh
6b5fe14e94
Kotlin: Add tesets for more integer types
2022-05-10 19:51:05 +01:00
Ian Lynagh
1b40f78b9c
Kotlin: Recognise + etc for Double
2022-05-10 19:51:05 +01:00
Ian Lynagh
5b5a6042a9
Kotlin: Add tests for more Double operators
2022-05-10 19:51:05 +01:00
Chris Smowton
35e6b06fe3
Revert "Fix failing tests"
...
This reverts commit 940db3d0828422bc26d7167c138199aa51ab4e89.
2022-05-10 19:51:05 +01:00
Chris Smowton
bb7a17b5bd
Add missing test file
2022-05-10 19:51:05 +01:00
Ian Lynagh
f447d40740
Kotlin: Temporary consistency query tweak to get the tests passing
2022-05-10 19:51:05 +01:00
Tamas Vajk
ae86fcb499
Split main extractor file
2022-05-10 19:51:05 +01:00
Tamas Vajk
2dfe50cbaa
Change constructor and type name of anonymous classes to empty string
2022-05-10 19:51:05 +01:00
Tamas Vajk
b7faa33c60
Fix constructor call type access
2022-05-10 19:51:05 +01:00
Tamas Vajk
b7e0828f78
Extract anonymous object creation
2022-05-10 19:51:05 +01:00
Tamas Vajk
ab6b500475
Fix failing tests
2022-05-10 19:51:05 +01:00
Ian Lynagh
10004c77d1
Kotlin: some TODO stuff works now
2022-05-10 19:51:05 +01:00
Ian Lynagh
a3e70fdb5c
Kotlin: Add support for ieee754equals
2022-05-10 19:51:05 +01:00
Ian Lynagh
78d2ef52c1
Kotlin: Towards better equality checking
2022-05-10 19:51:05 +01:00
Ian Lynagh
5da15ca03b
Kotlin: Resugar !=
2022-05-10 19:51:04 +01:00
Ian Lynagh
b4c3f57bab
Kotlin: Get != working again
2022-05-10 19:51:04 +01:00
Chris Smowton
956c479db3
Document TypeResult
2022-05-10 19:51:04 +01:00
Chris Smowton
ccf21b7183
Implement Java signature extraction
2022-05-10 19:51:04 +01:00
Chris Smowton
6391484692
Add modifiers to array built-in functions
2022-05-10 19:51:04 +01:00
Chris Smowton
b33f2d9952
Merge shortName recursion into useType
2022-05-10 19:51:04 +01:00
Ian Lynagh
36dae240df
Kotlin: Allow building only a single way
2022-05-10 19:51:04 +01:00
Ian Lynagh
0ce6e53386
Kotlin: Remove unused expressions and fix a copy/paste-o
2022-05-10 19:51:04 +01:00
Tamas Vajk
da0e2c276f
Add comment explaining why the annotation is needed
2022-05-10 19:51:04 +01:00
Tamas Vajk
cb406619cb
Reintroduce sealed interfaces for generated DB types
2022-05-10 19:51:04 +01:00
Tamas Vajk
c4ad2f3463
Add kotlin 1.4 support
2022-05-10 19:51:04 +01:00
Tamas Vajk
3939a2a47c
Change build script to build multiple versions of the plugin
2022-05-10 19:51:04 +01:00
Ian Lynagh
22c87b20cc
Kotlin: Add an exception for a consistency check
2022-05-10 19:51:04 +01:00
Ian Lynagh
be5e478718
Kotlin: Accept test change
2022-05-10 19:51:04 +01:00
Ian Lynagh
744f3db68d
Kotlin: Handle binops correctly
2022-05-10 19:51:04 +01:00
Ian Lynagh
d63ef23bda
Kotlin: Remove an out-of-date consistency exception
2022-05-10 19:51:04 +01:00
Ian Lynagh
755bf4d8b3
Java/Kotlin: Add 'children' consistency query
2022-05-10 19:51:04 +01:00
Ian Lynagh
8f1f137fa1
Java/Kotlin: Add UnaryExpr consistency query
2022-05-10 19:51:04 +01:00
Ian Lynagh
90365c9c58
Java/Kotlin: Add a consistency query for BinaryExpr
2022-05-10 19:51:04 +01:00
Ian Lynagh
9e2a3a9da8
Java/Kotlin: Add a consistency query for blocks
2022-05-10 19:51:04 +01:00
Tamas Vajk
ab86778e1d
Remove external property related log messages
2022-05-10 19:51:04 +01:00
Chris Smowton
5ee9135643
Couple more style fixes
2022-05-10 19:51:04 +01:00
Chris Smowton
970e3d64c0
Fix various style warnings highlighted by IntelliJ
2022-05-10 19:51:04 +01:00
Chris Smowton
8f5bbc7bd8
superTypes test: restore location info without full paths
2022-05-10 19:51:03 +01:00
Chris Smowton
87d6313278
Move extractClassInstance to the file extractor
...
Since now we know the file context has been set correctly at this point
2022-05-10 19:51:03 +01:00
Chris Smowton
c4d6321e60
Fix whitespace
2022-05-10 19:51:03 +01:00
Chris Smowton
fcab0474c9
Amend call.ql to avoid external source locations and accept changes
2022-05-10 19:51:03 +01:00
Chris Smowton
2bcc3d425e
Amend a test to avoid external paths and accept changes
2022-05-10 19:51:03 +01:00
Chris Smowton
87b04bc22b
Add test for expected filenames
2022-05-10 19:51:03 +01:00
Chris Smowton
5ec546bcb0
Extract locations for generic instantiations
2022-05-10 19:51:03 +01:00
Chris Smowton
f06285e9c7
Fix: use source information for class actually extracted in case of K<->J substitution
2022-05-10 19:51:03 +01:00
Chris Smowton
bde4534050
Only report locations without a source offset in non-source files
...
Also adjust tests that would otherwise report types with locations outside the source tree (i.e., for the most part in the standard library)
2022-05-10 19:51:03 +01:00
Chris Smowton
c2fef58b21
Extract source files for external types
2022-05-10 19:51:03 +01:00
Tamas Vajk
4c5b4b15a9
Allow associating comments with fields
2022-05-10 19:51:03 +01:00
Tamas Vajk
097d87604f
Add test case to cover comments on properties
2022-05-10 19:51:03 +01:00
Tamas Vajk
d0c470dbac
Add direct field access support
2022-05-10 19:51:03 +01:00
Ian Lynagh
b741dea100
Kotlin: Accept test changes
2022-05-10 19:51:03 +01:00
Ian Lynagh
3a0435b196
Kotlin: Towards 'this' qualifiers
...
This probably handles most cases well enough
2022-05-10 19:51:03 +01:00
Ian Lynagh
9158f0192b
Kotlin: Enhance 'this' test
2022-05-10 19:51:03 +01:00
Ian Lynagh
2320553723
Kotlin: Add tests for this
2022-05-10 19:51:03 +01:00
Ian Lynagh
87e8425603
Kotlin: Extract the abstractness of classes.
2022-05-10 19:51:03 +01:00
Ian Lynagh
45658e5d89
Kotlin: Add writeCallableEnclosingExpr calls
2022-05-10 19:51:03 +01:00
Ian Lynagh
854a03d696
Kotlin: Fix property initialisers
2022-05-10 19:51:03 +01:00
Ian Lynagh
aefe5c5c58
Kotlin: Accept test changes
2022-05-10 19:51:03 +01:00
Ian Lynagh
e6e56238c5
Kotlin: Handle properties better
2022-05-10 19:51:03 +01:00
Chris Smowton
44bf35e623
Add and update tests
2022-05-10 19:51:03 +01:00
Chris Smowton
1b7e33b6e3
Remove Kotlin element and component type from arrays
...
Now that these are no longer required, array extraction can extract kt-types consistently with other parameterised classes.
2022-05-10 19:51:03 +01:00
Chris Smowton
70294bd26b
Array types: distinguish (e.g.) Array<Int> from IntArray
2022-05-10 19:51:03 +01:00
Chris Smowton
380da465b9
Fix bad rebase
2022-05-10 19:51:02 +01:00
Chris Smowton
b4138838fe
Update TODOs
2022-05-10 19:51:02 +01:00
Chris Smowton
329ead2b52
Pull out and tidy array extraction
2022-05-10 19:51:02 +01:00
Ian Lynagh
e947e6234e
Kotlin: Use 2G when compiling
...
For me, kotlinc default to 256M, which isn't enough when we are
extracting.
2022-05-10 19:51:02 +01:00
Ian Lynagh
2625c101ad
Kotlin: Show class name in log messages
2022-05-10 19:51:02 +01:00
Ian Lynagh
0bf60fff53
Kotlin: Add a test that was failing dbcheck, and comment out the cause
2022-05-10 19:51:02 +01:00
Ian Lynagh
8fc75abc6c
Kotlin: Accept test changes
2022-05-10 19:51:02 +01:00
Ian Lynagh
e1cfaaaa9a
Kotlin: Extract listOf(...)
2022-05-10 19:51:02 +01:00
Chris Smowton
3c7fb94002
Update test expectations
2022-05-10 19:51:02 +01:00
Chris Smowton
06c4fd9060
Properly extract wildcard bounds
2022-05-10 19:51:02 +01:00
Tamas Vajk
356639dadd
Add optional exitProcess after extraction
2022-05-10 19:51:02 +01:00
Tamas Vajk
69e8db06cb
Add optional compilation start plugin option + remove exitProcess
2022-05-10 19:51:02 +01:00
Chris Smowton
6fb5854589
Array types: record dimensionality
2022-05-10 19:51:02 +01:00
Chris Smowton
239ee588a6
Update test expectations
2022-05-10 19:51:02 +01:00
Chris Smowton
805b54897e
KotlinType: accept non-class-or-interface Java types
2022-05-10 19:51:02 +01:00
Chris Smowton
1d95431a7a
Always use the nullable type for arrays
2022-05-10 19:51:02 +01:00
Chris Smowton
0ba4753b8f
Restrict Kotlin types describing arrays
...
* Always use a nullable type
* Never use a type projection (same behaviour as IrType.getArrayElementType)
Otherwise the kotlin type doesn't functionally depend on the type label
2022-05-10 19:51:02 +01:00
Chris Smowton
a6dc408c4e
Fix: bracket string template expression properly
2022-05-10 19:51:02 +01:00
Chris Smowton
8016aa7027
Adapt to refactor; useType changes
2022-05-10 19:51:02 +01:00
Chris Smowton
660988d8ac
Ensure Unit type is extracted when needed
2022-05-10 19:51:02 +01:00
Chris Smowton
efe3a77efe
shortName: use boxed types for type arguments and use K->J class substitutions
2022-05-10 19:51:02 +01:00
Chris Smowton
16335b126f
Include type parameters in class short names
2022-05-10 19:51:02 +01:00
Chris Smowton
8acf7d74c1
Restore check for Array<T> type argument
2022-05-10 19:51:02 +01:00
Chris Smowton
dd3bb053e5
Add extracted array length and clone members
2022-05-10 19:51:02 +01:00
Chris Smowton
d62af44baa
Extract array type inheritence graph
2022-05-10 19:51:02 +01:00
Chris Smowton
23553f15ee
Arrays: extract dimensionality
2022-05-10 19:51:01 +01:00
Chris Smowton
c571657fb1
Abbreviate array test
2022-05-10 19:51:01 +01:00
Chris Smowton
f1a3c9ca20
Arrays: note TODOs
2022-05-10 19:51:01 +01:00
Chris Smowton
2cc5f3e5b7
kt_*_types tables: cite correct Kotlin classid for arrays
2022-05-10 19:51:01 +01:00
Chris Smowton
b926521e7a
Only write arrays table on first usage
2022-05-10 19:51:01 +01:00
Chris Smowton
055e9b7797
Convert primitive arrays to Java arrays
2022-05-10 19:51:01 +01:00
Chris Smowton
a92e20e526
Extract nullable arrays as Java arrays
...
Nullability doesn't matter to this conversion since Java's arrays are reftypes
2022-05-10 19:51:01 +01:00
Ian Lynagh
80e2140ca7
Kotlin: Add TrapWriter.writeComment
2022-05-10 19:51:01 +01:00
Ian Lynagh
5cf14e6f39
Kotlin: Tweak a comment
2022-05-10 19:51:01 +01:00
Ian Lynagh
8853489f04
Kotlin: Add a "generted by" field to the diagnostics table
2022-05-10 19:51:01 +01:00
Ian Lynagh
512e4ce41e
Kotlin: Fix bug in DB scheme generator
2022-05-10 19:51:01 +01:00
Ian Lynagh
be75d30ee0
Kotlin: Add support for varargs
2022-05-10 19:51:01 +01:00
Ian Lynagh
497263e92d
Kotlin: Accept test changes
2022-05-10 19:51:01 +01:00
Ian Lynagh
bdaa3ce2b3
Kotlin: Add support for companion objects
2022-05-10 19:51:01 +01:00
Ian Lynagh
f726e6acf8
Kotlin: Fix handling of objects in external dependencies
2022-05-10 19:51:01 +01:00
Ian Lynagh
b460c92c61
Kotlin: Add modifiers to object INSTANCEs
2022-05-10 19:51:01 +01:00
Ian Lynagh
112fac6286
Kotlin: We only support non-companion objects for now
2022-05-10 19:51:01 +01:00
Ian Lynagh
e5cd32bdfe
Kotlin: Get the tests passing again
2022-05-10 19:51:01 +01:00
Ian Lynagh
ceb1e57ddd
Kotlin: Add support for objects
2022-05-10 19:51:01 +01:00
Tamás Vajk
35a15d7eb4
Fix typo
2022-05-10 19:51:01 +01:00
Ian Lynagh
cb1124b5ff
Kotlin: Add a test for type aliases
2022-05-10 19:51:01 +01:00
Ian Lynagh
87b433142c
Kotlin: Add support for Kotlin type aliases
2022-05-10 19:51:01 +01:00
Ian Lynagh
8330a404df
Kotlin: Add warning location to warnings
...
This also tweaks how the "too many warnings" logic works
2022-05-10 19:51:01 +01:00
Ian Lynagh
41d4c21910
Kotlin: Add a warning
2022-05-10 19:51:01 +01:00
Ian Lynagh
2d43e7b2d1
Kotlin: Speed up getAPrimaryQlClass
...
It now gives less useful info, but can be manually investigated if it
fails.
2022-05-10 19:51:00 +01:00
Ian Lynagh
59307285e8
Kotlin: Speed up the toString consistency query
...
Using Top.getAQlClass() means we have to evaluate
SummarizedCallableExternal's charpred, and hence summaryElement,
which is slow.
2022-05-10 19:51:00 +01:00
Ian Lynagh
9a621479cc
Kotlin: accept test changes
2022-05-10 19:51:00 +01:00
Ian Lynagh
9b3f36d1ae
Kotlin: Remove useTypeOld
2022-05-10 19:51:00 +01:00
Ian Lynagh
e61ff60bf8
Kotlin: Add KotlinType to ExtensionMethod
2022-05-10 19:51:00 +01:00
Ian Lynagh
6cf0b755f0
Kotlin: Add KotlinType to localvars
2022-05-10 19:51:00 +01:00
Ian Lynagh
06a41b3923
Kotlin: Add KotlinTypes to arrays
2022-05-10 19:51:00 +01:00
Ian Lynagh
ba56517900
Kotlin: Add Variable.getKotlinType()
2022-05-10 19:51:00 +01:00
Ian Lynagh
ef22194eed
Kotlin: Add KotlinType to params
2022-05-10 19:51:00 +01:00
Ian Lynagh
0d5e471b96
Kotlin: Give methods and constructors a KotlinType
2022-05-10 19:51:00 +01:00
Ian Lynagh
d9822266f5
Kotlin: Fix SafeCastConversionContext QLL
2022-05-10 19:51:00 +01:00
Ian Lynagh
c20ee76826
Kotlin: Give fields a Kotlin type
...
This meant refactoring the EnumEntry extraction a bit. The IR doesn't
give us a type for fields, so we have to make it up based on the parent.
2022-05-10 19:51:00 +01:00
Ian Lynagh
e120059a18
Kotlin: Accept test changes
2022-05-10 19:51:00 +01:00
Ian Lynagh
b3a28af319
Kotlin: Move extractTypeParameter back to KotlinFileExtractor
2022-05-10 19:51:00 +01:00
Ian Lynagh
118d630125
Kotlin: Add a test for instances
2022-05-10 19:51:00 +01:00
Ian Lynagh
7421e95816
Kotlin: Pull more out into KotlinUsesExtractor
2022-05-10 19:51:00 +01:00
Ian Lynagh
db0360d211
Kotlin: Accept test changes
2022-05-10 19:51:00 +01:00
Ian Lynagh
b381556a06
Kotlin: Fix up things that got pulled out into KotlinUsesExtractor
2022-05-10 19:51:00 +01:00
Ian Lynagh
a5a42b4416
Kotlin: Refactor so that we can't give locations to "used" things
...
Things we use may not be in the same file as us, so we aren't able to
generate valid locations for them.
2022-05-10 19:51:00 +01:00
Ian Lynagh
960c436824
Kotlin: Call extractClassCommon later
...
This fixes a "Missing type parameter label" warning from the extractor
with
interface Foo<T>
class Bar<T>: Foo<T> { }
caused by the `: Foo<T>` being extracted before extracting the `T`
in `Bar<T>`.
2022-05-10 19:51:00 +01:00
Ian Lynagh
6c957284de
Kotlin: Add support for enum value accesses
2022-05-10 19:51:00 +01:00
Ian Lynagh
d565a16fe6
Kotlin: Add enums to expr test
2022-05-10 19:51:00 +01:00
Ian Lynagh
84b53ba9cf
Kotlin: Accept test changes
2022-05-10 19:51:00 +01:00
Ian Lynagh
976cc31c7a
Kotlin: Add support for string templates
2022-05-10 19:50:59 +01:00
Ian Lynagh
168786ae71
Kotlin: Add string concatenations to exprs test
2022-05-10 19:50:59 +01:00
Ian Lynagh
81fd7c735a
Kotlin: Add suport for enum classes
2022-05-10 19:50:59 +01:00
Ian Lynagh
2b01c5d825
Kotlin: Follow changes in main
2022-05-10 19:50:59 +01:00
Ian Lynagh
9996d77701
Kotlin: Reinstate disabled test now bug is fixed
2022-05-10 19:50:59 +01:00
Chris Smowton
97f380eddc
Don't abort external class extraction after first duplicate
2022-05-10 19:50:59 +01:00
Ian Lynagh
5bb9357dbe
Kotlin: Disable part of a test that gives us DB check inconsistencies
2022-05-10 19:50:59 +01:00
Ian Lynagh
e8fd9ed948
Kotlin: Add a warning suppression
2022-05-10 19:50:59 +01:00
Ian Lynagh
cbd265ab7a
Kotlin: Add support for try statements
2022-05-10 19:50:59 +01:00
Ian Lynagh
6b5663df46
Kotlin: Handle Short and Byte literals
...
I don't think we need separate DB types for them
2022-05-10 19:50:59 +01:00
Ian Lynagh
f0ac63c466
Kotlin: Extend expressions test
2022-05-10 19:50:59 +01:00
Ian Lynagh
49d2e86b5e
Kotlin: Accept test changes
2022-05-10 19:50:59 +01:00
Ian Lynagh
ba335b0c69
Kotlin: Add StmtExpr
...
In some contexts, Kotlin has what we would call a Stmt inside what we
would call an Expr. This allows us to handle this case.
2022-05-10 19:50:59 +01:00
Ian Lynagh
2ba8ccafa9
Kotlin: Make build compatible with older javac's
2022-05-10 19:50:59 +01:00
Ian Lynagh
6fd8d638a3
Kotlin: Accept test output
2022-05-10 19:50:59 +01:00
Ian Lynagh
9a886260cd
Kotlin: Add support for IMPLICIT_COERCION_TO_UNIT
2022-05-10 19:50:59 +01:00
Ian Lynagh
924c615216
Kotlin: Enhance exprs test
2022-05-10 19:50:59 +01:00
Ian Lynagh
46e55f5990
Kotlin: Add support for IMPLICIT_NOTNULL
2022-05-10 19:50:59 +01:00
Ian Lynagh
d181b4b9cc
Kotlin: Enhance the exprs test
2022-05-10 19:50:59 +01:00
Chris Smowton
dfa9bef5bd
Fix gradle homedir search
2022-05-10 19:50:59 +01:00
Ian Lynagh
a6c504abe3
Kotlin: Add support for implicit casts
2022-05-10 19:50:59 +01:00
Ian Lynagh
62b3e07ae6
Kotlin: Accept test changes
2022-05-10 19:50:58 +01:00
Ian Lynagh
ba7a7535e9
Kotlin: Add support for more type operators
2022-05-10 19:50:58 +01:00
Ian Lynagh
d247e4fcff
Kotlin: WhenBranch isn't postorder
2022-05-10 19:50:58 +01:00
Ian Lynagh
c4880cc935
Kotlin: Fix handling of non-true conditions
2022-05-10 19:50:58 +01:00
Ian Lynagh
b9d6712371
Kotlin: Update test output
2022-05-10 19:50:58 +01:00
Ian Lynagh
7f3ae94d73
Tweak the WhenExpr CFG and QL class
2022-05-10 19:50:58 +01:00
Ian Lynagh
f95934a0c5
Kotlin: Use trace (silently for now) rather than info for writing TRAP files
...
The on-demand "Writing trap file for: " messages are drowning out
everything else while running the tests.
2022-05-10 19:50:58 +01:00
Ian Lynagh
d6692e434a
Kotlin: Add support for "is" ("instanceof")
2022-05-10 19:50:58 +01:00
Ian Lynagh
d05643fa88
Kotlin: Add library-tests/controlflow/paths test (copied from Java)
2022-05-10 19:50:58 +01:00
Ian Lynagh
e755cc92b6
Kotlin: Add controlflow/dominance test (copied from Java)
2022-05-10 19:50:58 +01:00
Ian Lynagh
aebd8edf85
Kotlin: Make library-tests/controlflow/basic quieter
2022-05-10 19:50:58 +01:00
Ian Lynagh
d0bf462a45
Kotlin: Add a copy of Java's controlflow/basic test
2022-05-10 19:50:58 +01:00
Ian Lynagh
715a92c602
Kotlin: Add CFG for when expressions
2022-05-10 19:50:58 +01:00
Chris Smowton
070c0a03f4
Add .fromSource() qualifier to tests
2022-05-10 19:50:58 +01:00
Chris Smowton
3cb68bd7be
kotlin-extractor build: include Java source files
2022-05-10 19:50:58 +01:00
Chris Smowton
124dcb0e5f
Update test expectations
2022-05-10 19:50:58 +01:00
Chris Smowton
4dda475a8d
Fix source location column numbers
2022-05-10 19:50:58 +01:00
Chris Smowton
e65f451af6
erase: retain question-mark qualifier if present
2022-05-10 19:50:58 +01:00
Chris Smowton
48d5561c95
Use getClassLabel for Kotlin <-> Java type correspondences
...
Without this, the table can be non-functional due to mapping one unqualified Kotlin type onto several qualified Java types
2022-05-10 19:50:58 +01:00
Chris Smowton
f5021e8e68
Java: produce Java 8 class files for compatibility with packaged Java 11 binary
2022-05-10 19:50:58 +01:00
Chris Smowton
e5e694f7d3
Adjust Kotlin type correspondence tables when extracting a substituted type
2022-05-10 19:50:58 +01:00
Chris Smowton
12ce2d5829
Substitute Kotlin classes for Java equivalents
2022-05-10 19:50:58 +01:00
Chris Smowton
6de5a36cdc
Write Java class files in gzip format
...
This means our names match those expected by javac
2022-05-10 19:50:58 +01:00
Chris Smowton
4a18705d73
Write .set file for source file
2022-05-10 19:50:58 +01:00
Chris Smowton
b299779750
Create Files table entries for JAR/JRT files
2022-05-10 19:50:58 +01:00
Chris Smowton
8e63d10c1f
Populate Folders, containerparent tables
2022-05-10 19:50:57 +01:00
Chris Smowton
4c3b9e658b
Fix trap file output paths
...
These should be named for the class name, not its fs location
2022-05-10 19:50:57 +01:00
Chris Smowton
debb942c0e
Implement mtime and class version extraction
2022-05-10 19:50:57 +01:00
Chris Smowton
a0671cafb1
Remove trap file compression for now
2022-05-10 19:50:57 +01:00
Chris Smowton
2cc003ff0e
External class extraction prototype
2022-05-10 19:50:57 +01:00
Mathias Vorreiter Pedersen
a7fe37a631
Merge pull request #9047 from geoffw0/xxe6
...
C++: Add support for SAX2XMLReader in the CWE-611 XXE query.
2022-05-10 19:07:35 +01:00
Tamas Vajk
e9b249855b
Add gitignore to kotlin-explorer
2022-05-10 18:46:02 +01:00
Tamas Vajk
b7b506a23d
Improve temp directory cleanup
2022-05-10 18:46:02 +01:00
Tamas Vajk
52341dc99f
Modify build script to build both standalone and embeddable plugin variant
2022-05-10 18:46:02 +01:00
Ian Lynagh
f458745eff
Kotlin: Update tests
2022-05-10 18:46:02 +01:00
Ian Lynagh
286e29cd81
Kotlin: Add exprstmt's where appropriate
2022-05-10 18:46:02 +01:00
Ian Lynagh
8704536f35
Kotlin: local variable indexes start from 1
2022-05-10 18:46:02 +01:00
Ian Lynagh
b3d459d122
Kotlin: Accept test changes
2022-05-10 18:46:02 +01:00
Ian Lynagh
8df5abaef9
Kotlin: Add localvariabledeclstmt
2022-05-10 18:46:02 +01:00
Ian Lynagh
e5e6225d57
Kotlin: Add a build.py script that uses kotlinc to build
2022-05-10 18:46:02 +01:00
Ian Lynagh
1d1b9fe805
Kotlin: Add support for more kind of literal
...
And a test
2022-05-10 18:46:02 +01:00
Tamas Vajk
731d601cdd
Add optional dbscheme path parameter to KotlinExtractorDbScheme.kt generator
2022-05-10 18:46:02 +01:00
Tamas Vajk
48b388daf7
Remove version number from output artifact name
2022-05-10 18:46:02 +01:00
Tamas Vajk
ab102245da
Add codeql-kotlin to the CODEOWNERS file
2022-05-10 18:46:01 +01:00
Ian Lynagh
14a10564f3
Kotlin: Fix File locations, and fromSource/hasSourceLocation for Kotlin code
2022-05-10 18:46:01 +01:00
Ian Lynagh
b9359bd119
Kotlin: Add a test case to be added
...
Found by Tamás
2022-05-10 18:46:01 +01:00
Ian Lynagh
cd41d5b9cf
Kotlin: Add KotlinType to exprs
2022-05-10 18:46:01 +01:00
Ian Lynagh
63e96dffea
Kotlin: Add a testcase as a comment for now, so we don't lose it
2022-05-10 18:46:01 +01:00
Ian Lynagh
45cade8ff8
Kotlin: Accept/update tests
2022-05-10 18:46:01 +01:00
Ian Lynagh
1bce9a131a
Kotlin: Towards KotlinType support
2022-05-10 18:46:01 +01:00
Ian Lynagh
ca96d55476
Typo
2022-05-10 18:46:01 +01:00
Ian Lynagh
636e15f422
Kotlin: Split extractClass into extractClassSource, extractClassInstance
2022-05-10 18:46:01 +01:00
Ian Lynagh
9eadbea5cd
Kotlin: Split useClass into useClassSource and useClassInstance
2022-05-10 18:46:01 +01:00
Ian Lynagh
490e803098
Kotlin: Be more specific about function parents
2022-05-10 18:46:01 +01:00
Tamas Vajk
6f3ae8da47
Improve todo comment
2022-05-10 18:46:01 +01:00
Tamas Vajk
ec889f933f
Remove unneeded extraction warning
2022-05-10 18:46:01 +01:00
Tamas Vajk
1a6d693618
Implement review findings + fix ID of nested types
2022-05-10 18:46:00 +01:00
Tamas Vajk
85e713fa31
Extract generic type parameters as reference types even for primitive Kotlin types + add simplified array extraction
2022-05-10 18:46:00 +01:00
Tamas Vajk
b542769fe9
Fix constructor extraction and extract type arguments of constructor calls
2022-05-10 18:46:00 +01:00
Tamas Vajk
936c29b70c
Handle star type argument
2022-05-10 18:46:00 +01:00
Tamas Vajk
8dff527a0e
WIP: type arg extraction
2022-05-10 18:46:00 +01:00
Tamas Vajk
0c6e20928c
Kotlin: extract type parameters
2022-05-10 18:46:00 +01:00
Tamas Vajk
db5afe84b4
Code quality improvement (fix warning)
2022-05-10 18:46:00 +01:00
Ian Lynagh
088e7adf8c
Kotlin: Handle zero-width locations for generated elements
2022-05-10 18:46:00 +01:00
Tamas Vajk
76fd386055
Extract content of <obinit> methods
2022-05-10 18:46:00 +01:00
Tamas Vajk
b87c8e2529
Extract generated <obinit> method, and calls to it
2022-05-10 18:46:00 +01:00
Tamas Vajk
e31c573fb5
Remove redundant cast
2022-05-10 18:46:00 +01:00
Tamas Vajk
f18ab2e913
Reduce parameter passing, and compute label for enclosing callable on the fly
2022-05-10 18:46:00 +01:00
Tamas Vajk
13048392af
Add constructor tests
2022-05-10 18:46:00 +01:00
Tamas Vajk
84e9fd8dbd
Extract external types with members, so that tests don't produce DB constraint violations
...
The constructor of `Any` was missing. Also, previously members of external types were not extracted to not end up with DB constraint violations, but these I can't reproduce currently in tests.
2022-05-10 18:46:00 +01:00
Tamas Vajk
481c53a44d
Fix merge conflict
2022-05-10 18:45:59 +01:00
Tamas Vajk
a46a9b579e
Extract 'IsEnumType'
2022-05-10 18:45:59 +01:00
Tamas Vajk
5c72b52b97
Extract IrEnumConstructorCall
2022-05-10 18:45:59 +01:00
Tamas Vajk
9587e91f71
WIP: IrAnonymousInitializer/IrInstanceInitializerCall
2022-05-10 18:45:59 +01:00
Tamas Vajk
91eafafcc3
Extract delegating constructor calls
2022-05-10 18:45:59 +01:00
Tamas Vajk
661958488c
Extract constructor calls
2022-05-10 18:45:59 +01:00
Ian Lynagh
2c5a2910d2
Kotlin: Add explorer
2022-05-10 18:45:59 +01:00
Tamas Vajk
5749dbf7d9
Fix package of Location
2022-05-10 18:45:59 +01:00
Tamas Vajk
ab77ed085f
Add QL classes and tests for comments
2022-05-10 18:45:59 +01:00
Ian Lynagh
7d479943db
Kotlin: Remove a redundant warning suppression
2022-05-10 18:45:59 +01:00
Ian Lynagh
93f6b23a91
Kotlin: Revert some now-unnecessary changes to dbscheme
2022-05-10 18:45:59 +01:00
Ian Lynagh
7eebf81ffc
Kotlin: Remove some now-unnecessary casts
2022-05-10 18:45:59 +01:00
Ian Lynagh
bcbcd612a3
Kotlin: Improve the dbscheme generator
...
We now work out the supertype relationships based on the sets of leaf
types that are included, rather than simply following the hierarchy of
declarations. This means that we know about more supertype relationships
that exist, so there is less need to cast types.
2022-05-10 18:45:59 +01:00
Tamas Vajk
5aac46f20f
Fix DB relation names to use plurals
2022-05-10 18:45:58 +01:00
Tamas Vajk
bf4fb13326
Revert extracting this and this@TYPE parameters
2022-05-10 18:45:58 +01:00
Tamas Vajk
d6ec230e2f
Recognize qualified this access of outer class instance
2022-05-10 18:45:58 +01:00
Tamas Vajk
3bfc93daab
Add ExtensionMethod class
2022-05-10 18:45:58 +01:00
Tamas Vajk
7d8b6bac06
Fix this and qualified this parameter extraction
2022-05-10 18:45:58 +01:00
Tamas Vajk
575e5134bb
Extract 'this'-like value parameters
2022-05-10 18:45:58 +01:00
Tamas Vajk
ebee830a01
Handle type parameters which are nullable without question mark
2022-05-10 18:45:58 +01:00
Tamas Vajk
32a61c16cb
Add break/continue QL and tests
2022-05-10 18:45:58 +01:00
Tamas Vajk
aa190f9d65
Store break/continue targets
2022-05-10 18:45:58 +01:00
Tamas Vajk
ae7aa30bda
Extract break/continue/throw
2022-05-10 18:45:58 +01:00
Tamas Vajk
63c22ca5df
Fix failing tests after changing external type declaration extraction
2022-05-10 18:45:58 +01:00
Tamas Vajk
9889f49560
Add QL for ::class expression, and add test
2022-05-10 18:45:58 +01:00
Tamas Vajk
e8a079b56a
Extract all external class declarations (without members)
2022-05-10 18:45:58 +01:00
Tamas Vajk
1cc1daa88b
Extract externally declared classes
2022-05-10 18:45:57 +01:00
Tamas Vajk
3e60841774
Extract ::class expressions
2022-05-10 18:45:57 +01:00
Tamas Vajk
f04eb6b1fa
Add Nothing type test
2022-05-10 18:45:57 +01:00
Tamas Vajk
28afa19bf5
Change tests to select QL class name too
2022-05-10 18:45:57 +01:00
Tamas Vajk
9d76acad5c
Add null extraction test
2022-05-10 18:45:57 +01:00
Tamas Vajk
f97c6af117
Extract nullable types as non-nullable
2022-05-10 18:45:57 +01:00
Tamas Vajk
fb44f1326f
Extract Nothing as null
2022-05-10 18:45:57 +01:00
Tamas Vajk
f222fc6d42
Extract null literal
2022-05-10 18:45:57 +01:00
Ian Lynagh
bb3ebd7325
Kotlin: Fix warnElement counting
...
We were counting calls of warnElement, whereas we want to count its
callers.
2022-05-10 18:45:57 +01:00
Tamas Vajk
c64c950d9a
Remove leftover comment class
2022-05-10 18:45:57 +01:00
Tamas Vajk
7ecb3650cb
Cleanup getLabel
2022-05-10 18:45:57 +01:00
Tamas Vajk
48d019ebbe
Fix review findings, add DB scheme for comments
2022-05-10 18:45:57 +01:00
Tamas Vajk
c23472d736
Rework and simplify comment extraction
2022-05-10 18:45:57 +01:00
Tamas Vajk
1c8be155c9
Extract comments (based on C# comments extraction with element stack)
2022-05-10 18:45:56 +01:00
Ian Lynagh
fd8dd21f75
Kotlin: Follow change in files(...) table
2022-05-10 18:45:56 +01:00
Ian Lynagh
598a2f8cb0
Kotlin: Record compilation and extraction times
2022-05-10 18:45:56 +01:00
Ian Lynagh
396b5882ef
Kotlin: Add a compilations consistency query
2022-05-10 18:45:56 +01:00
Ian Lynagh
79e3cb38a8
Kotlin: Pull TrapWriter out into its own file
2022-05-10 18:45:56 +01:00
Ian Lynagh
2721f6aabf
Kotlin: Pull Logger out into its own file
2022-05-10 18:45:56 +01:00
Ian Lynagh
e8d3125b40
Kotlin: Tweak a string
2022-05-10 18:45:56 +01:00
Chris Smowton
b5a8442e50
Extract type variable references
...
Also erase the types used to name methods; otherwise type-var labels and method labels are mutually recursive.
2022-05-10 18:45:56 +01:00
Ian Lynagh
87204f1634
Kotlin: Populate the compilation_compiling_files table
2022-05-10 18:45:56 +01:00
Ian Lynagh
dc3cc0e72e
Kotlin: Refactoring: Give diagnostic messages locations and severities
2022-05-10 18:45:56 +01:00
Ian Lynagh
90eccc634b
Kotlin: Refactor locations
...
Amongst other tidyups, we now generate correct "unknown location"s
2022-05-10 18:45:56 +01:00
Ian Lynagh
5c06ffae69
Kotlin: Use a TrapWriter for the invocation TRAP
...
We'll probably want to shuffle some more stuff from FileTrapWriter to
TrapWriter, but for now at least we are using the generated TRAP-writing
functions rather than writing raw TRAP.
2022-05-10 18:45:56 +01:00
Ian Lynagh
651847d202
Java/Kotlin: Enhance 'compilations' support
2022-05-10 18:45:56 +01:00
Tamas Vajk
9e4614e574
Add gitignore
2022-05-10 18:45:56 +01:00
Ian Lynagh
059d6798bb
Kotlin: Tweak the definition of "eqwuivalent TRAP file"
...
TRAP files that only differ in their comments are equivalent
2022-05-10 18:45:55 +01:00
Ian Lynagh
c3dd35d98b
Kotlin: Put temporary TRAP files in the correct directory
2022-05-10 18:45:55 +01:00
Ian Lynagh
774616450b
Kotlin: Don't give stack traces for fake labels
...
There might be a significant performance hit for it.
2022-05-10 18:45:55 +01:00
Ian Lynagh
9bd0391c04
Kotlin: Don't fail if a file already exists in the source archive
2022-05-10 18:45:55 +01:00
Ian Lynagh
19ff50d0a6
Kotlin: Add a comment to each TRAP file linking to its invocation TRAP file
2022-05-10 18:45:55 +01:00
Ian Lynagh
4bc326ef82
Kotlin: Fix extraction when 2 invocations produce the same TRAP file
...
The second invocation was failing with a "file already exists" error.
I've also added a checkTrapIdentical flag, which is enabled for now.
This means that if 2 invocations write the same TRAP file, we will awrn
if they are not identical. It may be that this produces false positives,
but we can look at that if it happens.
2022-05-10 18:45:55 +01:00
Ian Lynagh
3e8f9f52a6
Kotlin: Start using invocation TRAP files
2022-05-10 18:45:55 +01:00
Ian Lynagh
71c3a64ff5
Kotlin: Simplify location extraction
2022-05-10 18:45:55 +01:00
Ian Lynagh
330727678a
Kotlin: Add some location information to a warning
2022-05-10 18:45:55 +01:00
Ian Lynagh
486cff5df1
Kotlin: Add support for interfaces
2022-05-10 18:45:55 +01:00
Ian Lynagh
14e970044a
Kotlin: Add some flushes
...
This will make it easier to see where we are if we get crashes in the
future.
2022-05-10 18:45:55 +01:00
Ian Lynagh
dbc3f29426
Kotlin: Put diagnostics in a TRAP file
...
Currently we just put everything in as severe with no location.
2022-05-10 18:45:55 +01:00
Ian Lynagh
a40ebd2520
Kotlin: Add support for supertypes
2022-05-10 18:45:55 +01:00
Ian Lynagh
d10024e7e9
Kotlin: Don't make a *Kt class unless we need one
2022-05-10 18:45:54 +01:00
Chris Smowton
c6deabd6a3
Update path to Java dbscheme
...
This changed when the Java tree was restructured for packaging
2022-05-10 18:45:54 +01:00
Ian Lynagh
f29a45ea98
Kotlin: Add getAPrimaryQlClass.ql consistenty check
2022-05-10 18:45:54 +01:00
Ian Lynagh
4837e4e46a
Kotlin: More top-level stuff
2022-05-10 18:45:54 +01:00
Ian Lynagh
f0e2de1fa9
Kotlin: Add file classes
...
Kotlin invents a class for each file that has a top-level
functionp/property, so that Java can use them.
2022-05-10 18:45:54 +01:00
Ian Lynagh
ed2c6e68ea
Kotlin: Function calls
2022-05-10 18:45:54 +01:00
Ian Lynagh
94eefbff17
Kotlin: Add IrContainerExpression
2022-05-10 18:45:54 +01:00
Ian Lynagh
e7cabfb965
Kotlin: Add assign exprs
2022-05-10 18:45:54 +01:00
Ian Lynagh
a64fedf764
Kotlin: When expressions
2022-05-10 18:45:54 +01:00
Ian Lynagh
bbb9d013e0
Kotlin: Escape TRAP strings
2022-05-10 18:45:54 +01:00
Ian Lynagh
f85cf27df8
Kotlin: Better logging infrastructure
2022-05-10 18:45:54 +01:00
Ian Lynagh
4ae7d19235
Kotlin: More expressions
2022-05-10 18:45:54 +01:00
Ian Lynagh
bb89b25e91
Kotlin: More expressions
2022-05-10 18:45:54 +01:00
Ian Lynagh
1de12e72d4
Kotlin: More expressions
2022-05-10 18:45:53 +01:00
Ian Lynagh
90161b9e9d
Kotlin: Add more expressions
2022-05-10 18:45:53 +01:00
Ian Lynagh
492dc3dfb3
Kotlin: More tests (of unhandled expressions)
2022-05-10 18:45:53 +01:00
Ian Lynagh
b4bc40630f
Kotlin: More expressions
2022-05-10 18:45:53 +01:00
Ian Lynagh
14a46b08b5
Kotlin: Variable accesses
2022-05-10 18:45:53 +01:00
Ian Lynagh
4c8ff16552
Kotlin: Fixes
2022-05-10 18:45:53 +01:00
Ian Lynagh
3daec4376f
Kotlin: Variable initialisers
2022-05-10 18:45:53 +01:00
Ian Lynagh
f5e2826b9f
Kotlin: Accept test changes
2022-05-10 18:45:53 +01:00
Ian Lynagh
4ba13d3663
Kotlin: Extract parameters
2022-05-10 18:45:53 +01:00
Ian Lynagh
799cf64fd2
Kotlin: Local variables
2022-05-10 18:45:53 +01:00
Ian Lynagh
46add88bb5
Kotlin: Add more types
2022-05-10 18:45:53 +01:00
Ian Lynagh
1c39f001e5
Kotlin: Add variables test
2022-05-10 18:45:53 +01:00
Ian Lynagh
b91660a0f0
Kotlin: Extract properties
2022-05-10 18:45:53 +01:00
Ian Lynagh
97722faee9
Kotlin: Add do/while loops
2022-05-10 18:45:52 +01:00
Ian Lynagh
0c429e4f80
Kotlin: Add blocks
2022-05-10 18:45:52 +01:00
Ian Lynagh
a8a6b4c09f
Kotlin: Move some expressions to the right place
2022-05-10 18:45:52 +01:00
Ian Lynagh
b25ea03211
Kotlin: Add while statements
2022-05-10 18:45:52 +01:00
Ian Lynagh
00cff5593f
Kotlin: Fix the tests
...
The handling of Unit is very kludgy at the moment. Will need rethinking.
2022-05-10 18:45:52 +01:00
Ian Lynagh
f0903726bf
Kotlin: Add some if-stmt support
2022-05-10 18:45:52 +01:00
Ian Lynagh
d48739cc92
Kotlin: Check a call actually is an addition
2022-05-10 18:45:52 +01:00
Ian Lynagh
9a75ca7f62
Kotlin: Identify the int type better
2022-05-10 18:45:52 +01:00
Ian Lynagh
f608384085
Kotlin: Add a "bug" case
2022-05-10 18:45:52 +01:00
Ian Lynagh
b68178e8cc
Kotlin: Handle enums better when generating dbscheme
2022-05-10 18:45:52 +01:00
Ian Lynagh
5f991653c1
Kotlin: Generate type aliases for dbscheme
2022-05-10 18:45:52 +01:00
Ian Lynagh
dbef421204
Kotlin: Generate dbscheme deterministically
2022-05-10 18:45:52 +01:00
Ian Lynagh
afea1871a7
Java: Add a variables consistency query
2022-05-10 18:45:52 +01:00
Ian Lynagh
15be80631f
Java: Add a consistency test for expressions
...
They should have exactly 1 Type.
2022-05-10 18:45:52 +01:00
Ian Lynagh
bbbd5d78a7
Java: Add toString consistency query
2022-05-10 18:45:51 +01:00
Ian Lynagh
06d9d305c2
Java: More consistency queries
2022-05-10 18:45:51 +01:00
Ian Lynagh
b2acb7d7a1
Add a consistency query
2022-05-10 18:45:51 +01:00
Ian Lynagh
03d5646c19
Kotlin: Add stmt/expr support
2022-05-10 18:45:51 +01:00
Ian Lynagh
49a4e479da
Kotlin: Extract methods
2022-05-10 18:45:51 +01:00
Ian Lynagh
6dd1027315
Kotlin: Refactoring
2022-05-10 18:45:51 +01:00
Ian Lynagh
fb26859425
Kotlin: Suppress an unchecked cast warning
...
I don't think we can easily do better here.
2022-05-10 18:45:51 +01:00
Ian Lynagh
4e27da33e4
Kotlin: Tweak generator
2022-05-10 18:45:51 +01:00
Ian Lynagh
d28059a1c0
Kotlin: Generate a module from the dbscheme
2022-05-10 18:45:51 +01:00
Ian Lynagh
4721ccd965
Kotlin: Add tests
2022-05-10 18:45:51 +01:00
Ian Lynagh
f15c6dede1
Kotlin: Get extractor working in a Java context
2022-05-10 18:45:51 +01:00
Ian Lynagh
e3ecf4c52d
Kotlin: Add kotlin-extractor
2022-05-10 18:45:51 +01:00
Rasmus Wriedt Larsen
c890f9c4ac
Python: Fix change-note
2022-05-10 18:08:43 +02:00
Rasmus Wriedt Larsen
f68b281762
Python: Add change-note
2022-05-10 18:04:52 +02:00
Rasmus Wriedt Larsen
7e87e18b32
Python: Adjust name/description/select of PamAuthorization.ql
...
Thought that calling out the actual vulnerability would make things
easier for our end users :)
2022-05-10 18:02:17 +02:00
Rasmus Wriedt Larsen
c84f693151
Python: Adjust PamAuthorization examples
...
They did not have proper formatting (only 2 spaces), and I restructured
them a bit more so they look like code in the wild
2022-05-10 18:00:20 +02:00
Rasmus Wriedt Larsen
0c534444ad
Python: Format .qhelp file
...
99% of our .qhelp files have manually wrapped lines, so just wanted to
keep things consistent
2022-05-10 17:59:21 +02:00
Cornelius Riemenschneider
7c10f3e76b
C#: Lua tracing config: Use API function.
2022-05-10 14:38:53 +00:00
Chris Smowton
c0fbd03133
Add qldoc for getTermInIntersection
2022-05-10 14:52:10 +01:00
Chris Smowton
3129c3dd69
Remove commented-out debug code
2022-05-10 14:52:10 +01:00
Chris Smowton
d330033908
Make objects-map-changed warning non-fatal
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
3c4b5202e3
Fix type aliases for instantiated generic types
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
d098bdc7f8
Reintroduce noinlined predicate to fix performance
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
ac081dc47a
Make TypeParamParent map global
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
8477053c90
Test calling generic functions from other files
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
7f1f428b41
Remove invalid code in test
...
"type declarations inside generic functions are not currently supported"
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
aa62fabe26
Fix another place where type could be nil
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
06d139848d
Fix panic when type is unknown
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
2e8b9a9a7d
Fix extractor crash when missing type information
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
ba147e8661
Test calls through variables
...
The tests which involve a flow through a receiver with a non-trivial access path
currently don't give the right result. This should be
fixed in a follow-up issue.
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
4a9aeacb69
Find callee through function instantiation
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
3790c4eb4d
Control flow for generic function instantiations
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
0dee215e8c
Update CodeQL tests to go 1.18.1
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
a8a351f6ae
Improve comment
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
20562cb43d
Add missing this. to member predicate calls
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
5257c4ab45
Add control flow test
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
26d4acd3b6
generic function instantions aren't type exprs
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
ce9c9cfe9d
CallExpr.getCalleeExpr should get uninstantiated function
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
7a7ca619b3
Add data flow tests for generic structs, methods and functions
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
4e71ab5cfc
Update comment above first extraction of packages
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
25b91d8155
Update tests
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
8c15199ca9
Use generic struct field not instantiated one in Uses
...
We do not extract instantiated named types, and instead use the generic
type. But fields of the underlying struct of an instantiated named types
are obtained from the Uses map. We solve this keeping track of which
objects should be overridden by which other objects.
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
8276ca04b4
Use generic method not instantiated one in Uses
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
253ca2bb67
Address review comments 2
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
59aa7426ec
Add comments about entities without a parent scope
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
9abc7ea617
Address review comments 1
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
4828430fd4
Extract all object types before emitting them
...
Note that `extractObjectType` calls `extractType` which may add
additional objects to the list that `ForEachObject` loops over, so
we should emit object types as a second pass.
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
4fa972fdc5
Rename variable for clarity
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
1da5399652
Fix obvious test failures
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
0194eb98d7
Add an upgrade and downgrade script
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
4d9937d1c6
Add tests
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
63d1663eb2
bug fix: label pointer-typed receivers correctly
...
We were trying to convert the object's type to a named type
to iterate through its methods, forgetting that it could also be
a pointer to a named type.
This bug was exposed because we no longer extract an object's
type before extracting it (unless it is a receiver), and when we
extracted a named type we extract its methods and when
extracting a method we extract its receiver and we always give
it the correct label in that situation.
2022-05-10 14:52:10 +01:00
Owen Mansel-Chan
92c331402d
Extract type parameters in types, not just decls
2022-05-10 14:52:09 +01:00
Owen Mansel-Chan
213fa1fec2
Break out of loop when a match has been found
2022-05-10 14:52:09 +01:00
Owen Mansel-Chan
982f11f8c7
Make ScopedObjectID take a function
...
This is so that ExtractType() won't be called except in the case
of a receiver variable, which is important for extracting type
parameters.
2022-05-10 14:52:09 +01:00
Owen Mansel-Chan
f908a6f1dc
Rename parm to param for clarity
2022-05-10 14:52:09 +01:00
Owen Mansel-Chan
1e08201632
Extract type param declarations
2022-05-10 14:52:09 +01:00
Owen Mansel-Chan
3510f2cdcd
Support non-basic interfaces in extractor
2022-05-10 14:52:09 +01:00
Owen Mansel-Chan
a05a525755
Extract generic type instantiations to new table
2022-05-10 14:52:09 +01:00
Owen Mansel-Chan
e84db95f9c
Extract generic function instantiations to new table
2022-05-10 14:52:09 +01:00
Owen Mansel-Chan
b8ab46d969
Add QL class for type parameter types
2022-05-10 14:52:09 +01:00
Owen Mansel-Chan
3952b1c07a
Extract type parameter types (and update dbscheme)
2022-05-10 14:52:09 +01:00
Owen Mansel-Chan
f7dcb11816
Extract uninstantiated generic types only
2022-05-10 14:52:09 +01:00
Owen Mansel-Chan
7f0a37913f
Use Go 1.18
2022-05-10 14:52:09 +01:00
Mathias Vorreiter Pedersen
1d10f14629
Merge pull request #9100 from redsun82/swift-tbd-rework
...
Swift: changes required for TBD node rework
2022-05-10 13:31:43 +01:00
Rasmus Wriedt Larsen
2b6e0cfb44
Merge pull request #8340 from yoff/python/simple-csrf
...
python: minimal CSRF implementation
2022-05-10 13:36:38 +02:00
Rasmus Wriedt Larsen
cb17e2a649
Merge pull request #8595 from porcupineyhairs/pypam
...
Python : Add query to detect PAM authorization bypass
2022-05-10 13:35:12 +02:00
Erik Krogh Kristensen
09360bce20
Merge pull request #9085 from erik-krogh/cash
...
JS: add model for the cash library
2022-05-10 13:20:57 +02:00
Paolo Tranquilli
bf71e4c500
Swift: getPrimaryQlClass -> getAPrimaryQlClass
2022-05-10 12:42:18 +02:00
Tom Hvitved
712fe002b9
Data flow: Sync files
2022-05-10 12:41:10 +02:00
Tom Hvitved
bfabfc3601
Data flow: Add Configuration::includeHiddenNodes()
2022-05-10 12:40:46 +02:00
Paolo Tranquilli
0b9dc9703f
Swift: changes required for TBD node rework
...
These changes are required to allow a new type-safe approach to TBD
nodes, that will come in a separate commit.
This introduces:
* the possibility to add properties to the root `Element`
* a functor taking tags to the corresponding binding trap entry
* `hasProp()` methods for optional properties in QL
* `getPrimaryQlClass()` method
2022-05-10 11:59:25 +02:00
Rasmus Lerchedahl Petersen
aa3d7babf4
python: fix bad merge
...
caused by an optimistic attempt at solving a
merge conflict in the online GUI.
2022-05-10 11:37:41 +02:00
Rasmus Wriedt Larsen
2421076d2f
Merge pull request #8696 from RasmusWL/new-nosql-examples
...
Python: Improve experimental modeling for `pymongo`
2022-05-10 11:03:05 +02:00
yoff
6c3e2db7fd
Merge branch 'main' into python/simple-csrf
2022-05-10 10:55:28 +02:00
Cornelius Riemenschneider
7aa3d0fd26
Merge pull request #9091 from github/criemen/dotnet-lua-tracing-config
...
C#: Port the existing compiler-tracing.spec files to Lua.
2022-05-10 10:54:20 +02:00
Anders Schack-Mulligen
f85e06c2e4
Dataflow: Sync.
2022-05-10 10:12:39 +02:00
Cornelius Riemenschneider
40503aa368
Address review.
2022-05-10 08:06:25 +00:00
Harry Maclean
a6cab022f6
Ruby: Add missing import
2022-05-10 17:32:01 +12:00
Harry Maclean
7b63493fa9
Ruby: Fix identification IO.open args
2022-05-10 17:32:00 +12:00
Harry Maclean
79c6dc1af0
Refactor IO/File modelling
...
The main goal here is to get rid of the duplicate definitions of module
`IO`, which currently exist in both `frameworks/core/IO.qll` and
`frameworks/Files.qll`.
We do this by moving the classes inside `Files::IO` to `core/IO.qll`,
but moving most of the actual definitions of those classes to an
internal module `core.internal.FileOrIO`. This means both `Files.qll`
and `IO.qll` can depend on them without leaking them to end users.
2022-05-10 17:32:00 +12:00
Harry Maclean
2d12ad6238
Ruby: Model IO.popen
...
This method is very similar to `Kernel.system`: it executes its
arguments as a system command in various ways.
2022-05-10 17:32:00 +12:00
yoff
b6605bc330
Merge pull request #8634 from RasmusWL/promote-xxe
...
Python: Promote XXE and XML-bomb queries
2022-05-09 21:54:55 +02:00
Rasmus Lerchedahl Petersen
1c7e533144
python: format
2022-05-09 21:22:27 +02:00
Erik Krogh Kristensen
e80ee46fe4
add model for the cash library
2022-05-09 21:01:07 +02:00
Mathias Vorreiter Pedersen
66ca01a717
Merge pull request #9094 from redsun82/swift-codegen-predicate-properties
...
Swift codegen: add predicate properties
2022-05-09 17:17:10 +01:00
luchua-bc
75e7148912
Standardize the query and update qldoc
2022-05-09 16:10:11 +00:00
Paolo Tranquilli
c08e6fdc1e
Swift codegen: add predicate properties
...
Properties marked with `predicate` in the schema are now accepted.
* in the dbscheme, they will translate to a table with a single `id`
column (and the table name will not be pluralized)
* in C++ classes, they will translate to `bool` fields
* in QL classes, they will translate to predicates
Closes https://github.com/github/codeql-c-team/issues/1016
2022-05-09 17:50:49 +02:00
Paolo Tranquilli
effa9ee207
Merge pull request #9034 from redsun82/swift-cpp-gen
...
Swift: add structured C++ generated classes
2022-05-09 17:49:23 +02:00
Geoffrey White
265500faa8
Merge pull request #8800 from geoffw0/unsafeput
...
C++: Add a test for experimental query NoCheckBeforeUnsafePutUser.ql.
2022-05-09 16:20:19 +01:00
Rasmus Lerchedahl Petersen
2a5908ff49
python: require all settings be vulnerable
...
at least all thos not in tests
2022-05-09 17:08:49 +02:00
Cornelius Riemenschneider
bf0e32ae82
C#: Port the existing compiler-tracing.spec files to Lua.
2022-05-09 14:45:34 +00:00
Rasmus Wriedt Larsen
4a6789182d
Python: Apply suggestions from code review
...
Co-authored-by: yoff <lerchedahl@gmail.com >
2022-05-09 16:37:12 +02:00
Anders Schack-Mulligen
135d7f6e32
Dataflow: Prune more cons-candidates.
2022-05-09 16:21:12 +02:00
Anders Schack-Mulligen
1b0e9d5cd7
Dataflow: Fix join order in nodeMayUseSummary.
2022-05-09 16:21:12 +02:00
Henry Mercer
3c4715928e
Merge pull request #9083 from github/henrymercer/fetch-codeql-with-gh-cli
...
Actions: Fetch CodeQL CLI using `gh` rather than third-party Action
2022-05-09 14:40:29 +01:00
Anders Schack-Mulligen
f24364d951
Merge pull request #9045 from hvitved/dataflow/subpaths-perf-take2
...
Data flow: Speedup `subpaths` predicate (take 2)
2022-05-09 15:39:11 +02:00
Henry Mercer
71d1069a0a
Fix typo
2022-05-09 14:31:05 +01:00
Henry Mercer
198c96982c
Add a comment to explain the unusual Action path
2022-05-09 14:30:41 +01:00
CodeQL CI
e099b94cc4
Merge pull request #9081 from asgerf/js/global-step-refactor
...
Approved by erik-krogh
2022-05-09 06:30:37 -07:00
Rasmus Wriedt Larsen
c218162104
Merge branch 'main' into pypam
2022-05-09 14:20:05 +02:00
Rasmus Wriedt Larsen
ab1252d196
Python: Add @precision high for py/pam-auth-bypass
2022-05-09 14:19:40 +02:00
Geoffrey White
85cc9b8901
C++: Use getClassAndName.
2022-05-09 13:06:44 +01:00
Geoffrey White
28dca3fa9f
Merge pull request #8245 from ihsinme/ihsinme-patch-67
...
CPP: Add query for CWE-476: NULL Pointer Dereference when using exception handling blocks
2022-05-09 12:26:20 +01:00
Geoffrey White
9709c2fa94
C++: Use compliant PascalCase / make the checks happy.
2022-05-09 11:58:57 +01:00
Henry Mercer
804ca3e1a7
Actions: Fetch CodeQL CLI using gh rather than third-party Action
2022-05-09 11:42:01 +01:00
Erik Krogh Kristensen
53b26eba17
Merge pull request #8724 from erik-krogh/postMessage
...
JS: promote the `js/missing-origin-verification` query
2022-05-09 12:28:58 +02:00
Erik Krogh Kristensen
fe1e47bc17
Merge pull request #8710 from bananabr/dragAndDrop
...
JS: drag and drop API Xss sources
2022-05-09 12:22:28 +02:00
Erik Krogh Kristensen
611a412f2a
Merge pull request #8990 from bananabr/selection
...
JS: Selection API DOM text source
2022-05-09 12:22:18 +02:00
Paolo Tranquilli
93f8b6b29d
Swift: add missing trap_affix
2022-05-09 12:20:22 +02:00
Paolo Tranquilli
20317a280b
Swift: make width fields unsigned
2022-05-09 12:19:52 +02:00
thibaut hansmann
f3f2e59472
C/C++ : Fix remove the useless variable
2022-05-09 12:01:42 +02:00
Asger F
88b5bbe024
JS: Update test expectation
2022-05-09 11:55:07 +02:00
Rasmus Wriedt Larsen
de05b108fa
Python: Fix singleton set
2022-05-09 11:01:13 +02:00
Rasmus Wriedt Larsen
36349222a9
Python: Fix casing of XMLDomParsing
2022-05-09 11:00:25 +02:00
Rasmus Wriedt Larsen
f22bd039f3
Python: Slight refactor of LxmlParsing
2022-05-09 10:56:39 +02:00
Rasmus Wriedt Larsen
f5854f33da
Python: Apply suggestions from code review
...
Co-authored-by: yoff <lerchedahl@gmail.com >
2022-05-09 10:53:25 +02:00
Michael Nebel
9a45949e8c
Merge pull request #9044 from michaelnebel/csharp/flowsummariestest
...
C#: Flow summaries test should print, whether a summary is generated or not.
2022-05-09 10:06:19 +02:00
Michael Nebel
1401e7ddb3
Merge pull request #8855 from michaelnebel/csharp/singlereadstore
...
C#: Only allow two read and two store steps in model capturing.
2022-05-09 10:05:53 +02:00
Paolo Tranquilli
9c5b2d7e9d
Swift: tweaks for use in the PoC branch
2022-05-09 09:46:47 +02:00
Paolo Tranquilli
918ba1b1fc
Swift: make generator.run accept options
2022-05-09 09:34:49 +02:00
AlexDenisov
c21849bb2e
Merge pull request #9015 from redsun82/swift-enable-dynamic-library
...
Swift: enable dynamic mode
2022-05-09 09:15:37 +02:00
AlexDenisov
fe72dfe7d4
Merge pull request #9028 from redsun82/swift-trapgen
...
Swift: add `trapgen` unit tests
2022-05-09 09:15:22 +02:00
Paolo Tranquilli
6cbfb5a10c
Swift cppgen: emit final trap before bases
2022-05-09 09:02:20 +02:00
Michael Nebel
83aa65ff53
C#/Java: Remove redudandant QL comment in CaptureModel.
2022-05-09 07:36:41 +02:00
Michael Nebel
76fd424795
C#: Turn isAutogenerated predicate into a predicate without result.
2022-05-09 07:30:06 +02:00
Michael Nebel
9b855c30cc
Merge pull request #9043 from michaelnebel/csharp/xml-injection-path
...
C#: Convert xml injection query to a path problem.
2022-05-09 07:18:01 +02:00
Marcono1234
c760d39d59
Merge remote-tracking branch 'remotes/origin/main' into marcono1234/statement-expression
2022-05-09 00:28:19 +02:00
Marcono1234
36f56b5a18
Java: Rename StmtExpr to ValueDiscardingExpr
...
As mentioned by aschackmull during review, StatementExpression as defined
by the JLS only lists possible types of expressions, it does _not_ specify
that their value is discarded. Therefore, for example any method call could
be considered a StatementExpression.
The name ValueDiscardingExpr was chosen as replacement because the JLS uses
the phrase "if the expression has a value, the value is discarded" multiple
times.
2022-05-09 00:27:15 +02:00
Mathias Vorreiter Pedersen
176e40f139
Merge pull request #9052 from github/post-release-prep/codeql-cli-2.9.1
...
Post-release preparation for codeql-cli-2.9.1
2022-05-06 13:15:17 +01:00
Mathias Vorreiter Pedersen
ef7363c48e
Merge pull request #732 from github/post-release-prep/codeql-cli-2.9.1
...
Post-release preparation for codeql-cli-2.9.1
2022-05-06 13:15:10 +01:00
github-actions[bot]
fea657ce01
Post-release preparation for codeql-cli-2.9.1
2022-05-05 19:05:56 +00:00
github-actions[bot]
1a25457178
Post-release preparation for codeql-cli-2.9.1
2022-05-05 19:05:50 +00:00
ihsinme
b98ddc72f5
Update DangerousUseOfExceptionBlocks.ql
2022-05-05 21:05:22 +03:00
Paolo Tranquilli
a7129c1f4c
Swift: add --ql-format/--no-ql-format to codegen
2022-05-05 18:33:05 +02:00
ihsinme
6dec1182bf
Update DangerousUseOfExceptionBlocks.expected
2022-05-05 19:17:31 +03:00
ihsinme
185a60f034
Update test.cpp
2022-05-05 19:16:54 +03:00
Geoffrey White
453dadea1a
C++: Fix QLDoc.
2022-05-05 16:43:31 +01:00
ihsinme
2d4d7aa094
Update DangerousUseOfExceptionBlocks.ql
2022-05-05 18:40:29 +03:00
Geoffrey White
6b5a1921dd
C++: Support the SAX2XMLReader interface.
2022-05-05 16:35:21 +01:00
Paolo Tranquilli
b2b5fd281f
Swift: add more parametrization
...
This enables codegen to run on the swift PoC branch.
2022-05-05 17:34:00 +02:00
Geoffrey White
c4bc7050a9
C++: Additional test cases.
2022-05-05 16:26:09 +01:00
Tony Torralba
ca2959cf37
Merge pull request #8537 from atorralba/atorralba/unsafe_android_access_improvs
...
Java: Improvements to UnsafeAndroidAccess
2022-05-05 16:46:54 +02:00
Paolo Tranquilli
ac3cceab19
Swift: turn some generated paths to relative
2022-05-05 16:15:16 +02:00
Paolo Tranquilli
7bcc5db4a6
Swift: parametrize namespace and other things in codegen
...
This is so that we can use this in the PoC branch.
2022-05-05 16:01:54 +02:00
thibaut hansmann
3006935141
C/C++ : FIx the research for UInt16, 32 and 64 + Fix 2 first line of the query
2022-05-05 15:22:50 +02:00
thibaut hansmann
c15c216c47
C/C++ : change Variable and ArrayType name + Add detection for Uint 32 and 64
2022-05-05 14:27:50 +02:00
Tom Hvitved
04cc73823d
Java: Introduce 'with/without content' summary components
2022-05-05 14:25:48 +02:00
Tom Hvitved
2972af2602
C#: Introduce 'with/without content' summary components
2022-05-05 14:25:48 +02:00
Tom Hvitved
2e780154e2
Ruby: Introduce 'with/without content' summary components
2022-05-05 14:25:48 +02:00
yoff
6169ac6122
Merge pull request #7776 from RasmusWL/django-filefield-uploadto
...
Python: Support Django FileField.upload_to
2022-05-05 14:25:08 +02:00
Erik Krogh Kristensen
58db9226dc
add missing word in qhelp
2022-05-05 14:24:45 +02:00
Tom Hvitved
d9d5372f28
Data flow: Sync files
2022-05-05 13:36:26 +02:00
Tom Hvitved
de6e2c95e7
Data flow: Speedup subpaths predicate (take 2)
2022-05-05 13:36:08 +02:00
Michael Nebel
3c347cab98
C#: Update test output to reflect that the query is now a path-problem query.
2022-05-05 13:13:25 +02:00
Michael Nebel
2dc35c123a
Java/Ruby: Sync files.
2022-05-05 13:08:55 +02:00
Michael Nebel
a8556f4d50
C#: Make sure that test output prints whether the summary is generated or not.
2022-05-05 13:07:22 +02:00
Erik Krogh Kristensen
2d7c7ff372
apply suggestions from doc review
...
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com >
2022-05-05 13:03:35 +02:00
Asger F
c4d597d60f
JS: Enumerate type-tracking steps through global access paths
2022-05-05 12:59:10 +02:00
ihsinme
75244effc5
Update DangerousUseOfExceptionBlocks.ql
2022-05-05 13:27:17 +03:00
Erik Krogh Kristensen
0c0e280637
update the qhelp to mention that the GITHUB_TOKEN only sometimes has write-access
2022-05-05 12:12:29 +02:00
Paolo Tranquilli
c87fb4df53
Swift: remove now unused ql.Property.params
2022-05-05 12:01:13 +02:00
Mathias Vorreiter Pedersen
6f9752ead1
Merge pull request #9019 from geoffw0/xxe4
...
C++: More XXE Tests
2022-05-05 10:59:40 +01:00
Michael Nebel
e416a0629a
C#: Add isAutoGenerated predicate to SummarizedCallable.
2022-05-05 11:54:04 +02:00
Paolo Tranquilli
9798d8ba26
Swift: add ?* modifier to schema specification
...
This indicates a list of optional entries. This is different than
simply repeatind entries because of the indexing.
2022-05-05 11:50:12 +02:00
yoff
0c7184952b
Merge pull request #9023 from RasmusWL/positional-docs
...
Python: Clarify `getArg` is about positional arguments
2022-05-05 11:28:17 +02:00
Erik Krogh Kristensen
c0152a46bc
rename getAReferencedExpression to getASimpleReferenceExpression and add examples of what it can parse
2022-05-05 11:02:47 +02:00
Arthur Baars
25d9ffd18c
Merge pull request #9033 from github/aibaars/atm-label
...
JS: exclude ATM folder from labeler
2022-05-05 10:53:39 +02:00
Michael Nebel
13f142f143
C#: Convert xml injection query to a path problem.
2022-05-05 10:43:23 +02:00
Erik Krogh Kristensen
dc1dc2a33a
parse the uses field in the getters instead of the charpred
2022-05-05 10:40:08 +02:00
Erik Krogh Kristensen
9ea0f71581
convert TODO to a note in Actions::Uses
2022-05-05 10:28:00 +02:00
Erik Krogh Kristensen
1f00ba812a
move YAMLMappingLikeNode to the standard library
2022-05-05 10:22:52 +02:00
Jonas Jensen
d747c6eaa9
Merge pull request #8930 from jbj/lower-case-variables-spec
...
QL language reference: variables must be lowerId
2022-05-05 10:02:16 +02:00
Paolo Tranquilli
c2d3aac349
Swift: fix no functools.cache in python 3.8
2022-05-05 09:48:07 +02:00
Michael Nebel
21eb5a1db5
Merge pull request #8894 from michaelnebel/csharp/upgrade-dotnet
...
C#: Upgrade dotnet to 6.0.202.
2022-05-05 09:42:23 +02:00
Erik Krogh Kristensen
bf6663ab12
run the autoformatter
2022-05-05 09:16:27 +02:00
Tom Hvitved
66a9759329
Merge pull request #8870 from hvitved/dataflow/expect-content
...
Data flow: Introduce `expectsContent`
2022-05-05 09:01:40 +02:00
luchua-bc
937ab417b1
Query to detect hardcoded JWT secret keys
2022-05-04 23:09:48 +00:00
Daniel Santos
33e85f8db8
Update javascript/ql/lib/semmle/javascript/security/dataflow/XssThroughDomCustomizations.qll
...
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com >
2022-05-04 11:43:56 -05:00
Paolo Tranquilli
d5d1eb717d
Swift: add structured C++ generated classes
...
This adds `cppgen`, creating structured C++ classes mirroring QL classes
out of `schema.yml`.
An example of generated code at the time of this commit can be found
[in this gist][1].
[1]: https://gist.github.com/redsun82/57304ddb487a8aa40eaa0caa695048fa
Closes https://github.com/github/codeql-c-team/issues/863
2022-05-04 18:20:25 +02:00
Paolo Tranquilli
10c5c8e71f
Swift: add trapgen unit tests
...
Closes: https://github.com/github/codeql-c-team/issues/981
2022-05-04 18:20:06 +02:00
Joe Farebrother
64227c9109
Fix codescanning alerts
2022-05-04 15:58:30 +01:00
Joe Farebrother
c7d30087d1
Fix issue with named backrefs; add needed import
2022-05-04 15:41:42 +01:00
Joe Farebrother
2d82dfba38
Reorder backreference predicates
2022-05-04 15:41:41 +01:00
Joe Farebrother
9078e13f1c
Apply reveiw suggestions
...
- make java imports private
- qdoc fixes
- reorder predicates
- simplifications
2022-05-04 15:41:41 +01:00
Joe Farebrother
b854a2185e
Fix use of sinkModel
2022-05-04 15:41:41 +01:00
Joe Farebrother
b08f22c24d
Remove unnecassary import
2022-05-04 15:41:41 +01:00
Joe Farebrother
66ab2bca75
Update PrintAst test output
2022-05-04 15:41:41 +01:00
Joe Farebrother
eec57d4f25
Simplify dataflow logic by using only one configuration, and expessing more sinks with models-as-data
2022-05-04 15:41:41 +01:00
Joe Farebrother
2a80540157
Sync shared files
2022-05-04 15:41:40 +01:00
Joe Farebrother
5e3ba130dc
Add a test for deeply nested sequences
2022-05-04 15:41:40 +01:00
Joe Farebrother
4ed2e8d1fd
Update tests to account for only regexes with quantifiers being considered
2022-05-04 15:41:40 +01:00
Joe Farebrother
e5ca924240
Allow quantifiers invoving {}; add comments
2022-05-04 15:41:40 +01:00
Chris Smowton
bc17d4b91f
Break the recursion between seqChild, RegExpTerm and TRegExpSequence
2022-05-04 15:41:40 +01:00
Chris Smowton
0d13864bc8
Restrict polynomial ReDoS' strings-parsed-as-regexes search to those that could possibly be interesting
...
In practice for polynomial ReDoS this means those regexes containing at least one potentially-infinite quantifier (* or +).
2022-05-04 15:41:39 +01:00
Joe Farebrother
0f606d987d
Remove redundant super call.
...
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com >
2022-05-04 15:41:39 +01:00
Joe Farebrother
522a8aff6f
Fix filename case
2022-05-04 15:41:39 +01:00
Joe Farebrother
3d65a9cafc
Update shared files
2022-05-04 15:41:39 +01:00
Joe Farebrother
375ded4ede
Move check to exlude test cases so that it also covers exponential redos
2022-05-04 15:41:39 +01:00
Joe Farebrother
1605d36ddf
Refine polynomial redos sources to exclude length limited methods
2022-05-04 15:41:39 +01:00
Joe Farebrother
04edc10f1e
Exclude regexes from test code
2022-05-04 15:41:38 +01:00
Joe Farebrother
6794268a3c
Split PolynomialRedos definition into a library to avoid duplication in the tests
2022-05-04 15:41:38 +01:00
Joe Farebrother
c1290d9e2b
Sync shared redos library files.
2022-05-04 15:41:38 +01:00
Joe Farebrother
5555985ad6
Distingush between whether or not a regex is matched against a full string
...
Also some fixes and additional tests
2022-05-04 15:41:38 +01:00
Joe Farebrother
0a5268aeb4
Sync shared library changes across languages.
2022-05-04 15:41:38 +01:00
Joe Farebrother
bb562643c6
Support possessive quantifiers, which cannot backtrack.
...
They are approximated by limiting them to up to one repetition (effectively making *+ like ? and ++ like a no-op).
2022-05-04 15:41:37 +01:00
Joe Farebrother
49374b877a
Fix parsing of alternations in character classes
2022-05-04 15:41:37 +01:00
Joe Farebrother
5ba6bafbef
Use occursInRegex more ccnsistently throughout
2022-05-04 15:41:37 +01:00
Chris Smowton
f5809a7440
ReDoS performance fixes
2022-05-04 15:41:37 +01:00
Joe Farebrother
2d963176bf
Fix change note
2022-05-04 15:41:37 +01:00
Joe Farebrother
9bd3916800
Add change note
2022-05-04 15:41:37 +01:00
Joe Farebrother
3ce0c2c23b
Add more regex use functions in String
2022-05-04 15:41:36 +01:00
Joe Farebrother
5364001aa2
Update docs to be about Java
2022-05-04 15:41:36 +01:00
Joe Farebrother
c312b4b6b0
Add missing qldoc
2022-05-04 15:41:36 +01:00
Joe Farebrother
57ba8a4d1b
Improve handling of hex escapes; and support some named character classes
2022-05-04 15:41:36 +01:00
Joe Farebrother
5143585080
Fix to PolynomialRedos not finding results and to test cases not finding that
2022-05-04 15:41:36 +01:00
Joe Farebrother
91887ab229
Sync shared files
2022-05-04 15:41:36 +01:00
Joe Farebrother
e23162d91b
Add test cases for PolynomialRedos dataflow logic; make fixes
2022-05-04 15:41:35 +01:00
Joe Farebrother
5a4316d945
Add test cases for exponential redos query
2022-05-04 15:41:35 +01:00
Joe Farebrother
457cf41825
Support more escaped characters
2022-05-04 15:41:35 +01:00
Joe Farebrother
4b845d5dac
Move test cases to their own directory to avoid conflict
2022-05-04 15:41:35 +01:00
Joe Farebrother
9f4da65030
Improve calculation of locations of regex terms
2022-05-04 15:41:35 +01:00
Joe Farebrother
dd200e29d4
Improve char set depth calculation
2022-05-04 15:41:35 +01:00
Joe Farebrother
e797d2195c
Topologically sort RegexString
2022-05-04 15:41:34 +01:00
Joe Farebrother
bc109521aa
Simplify octal handling
2022-05-04 15:41:34 +01:00
Joe Farebrother
9e88c67c19
Add more test cases; make some fixes
2022-05-04 15:41:34 +01:00
Joe Farebrother
aa1337db86
Apply style suggestions from code review
2022-05-04 15:41:34 +01:00
Joe Farebrother
e954db293a
Convert snake case predicates to camel case
2022-05-04 15:41:34 +01:00
Joe Farebrother
5b61de67de
Implement style/doc suggestions from code review
2022-05-04 15:41:33 +01:00
Joe Farebrother
28649da187
Add parser tests; fix some parser issues.
...
[temporarily renamed existing regex/Test.java during rebasing to avoid conflict]
2022-05-04 15:41:33 +01:00
Joe Farebrother
8e1918216e
Add PrintAst support for regex terms
2022-05-04 15:41:33 +01:00
Joe Farebrother
ca422a2186
Use explicit this
2022-05-04 15:41:33 +01:00
Joe Farebrother
f9f7a01f57
Add Java ReDoS libraries to identical-files.json
2022-05-04 15:41:33 +01:00
Joe Farebrother
11e465f2ac
Implement remaining syntax differences
2022-05-04 15:41:33 +01:00
Joe Farebrother
7530902ad7
Add approximate support for nested character classes.
...
This shouldn't fail to parse on any correctly formed character class; but may give incorrect contents when nested classes are involved.
2022-05-04 15:41:33 +01:00
Joe Farebrother
d04c99b0be
Support quote sequences
2022-05-04 15:41:32 +01:00
Joe Farebrother
59945cd8b3
Add dataflow logic to PolynomialRedDoS
2022-05-04 15:41:30 +01:00
Joe Farebrother
37240f01d2
Copy Redos queries from python
...
Todo: Implement dataflow for polynomialredos; update docs to reference java rather than python
2022-05-04 15:40:58 +01:00
Joe Farebrother
a8f7a4459e
Port redos libraries from Python
2022-05-04 15:40:56 +01:00
Tom Hvitved
8e33653d25
Merge pull request #9017 from hvitved/dataflow/subpaths-perf
...
Data flow: Speedup `subpaths` predicate
2022-05-04 16:37:52 +02:00
Erik Krogh Kristensen
0d8bef7e92
Merge pull request #6736 from erik-krogh/polyReplace
...
JS: track flow through string replace calls that just replace single chars for js/polynomial-redos
2022-05-04 16:30:20 +02:00
Erik Krogh Kristensen
8425eaf919
Merge pull request #8549 from erik-krogh/unreachableJoin
...
JS: fix bad join in js/unreachable-method-overloads
2022-05-04 16:28:06 +02:00
Erik Krogh Kristensen
b4d4b51bc7
Merge pull request #8147 from erik-krogh/cacheReg
...
JS: cache RegExpCreationNode::getAReference
2022-05-04 16:25:25 +02:00
Arthur Baars
c7b2da5e39
JS: exclude ATM folder from labeler
2022-05-04 16:16:19 +02:00
Erik Krogh Kristensen
8e2b00d209
make the big disjunctions more readable by using a set literal
2022-05-04 16:15:17 +02:00
Erik Krogh Kristensen
31a4de902e
add missing security severity
2022-05-04 16:15:17 +02:00
Erik Krogh Kristensen
7530923af3
add missing qldoc
2022-05-04 16:14:59 +02:00
Erik Krogh Kristensen
d8cc82bdb1
add change-note
2022-05-04 16:14:59 +02:00
Erik Krogh Kristensen
df4bfef8c7
expand the qhelp for js/actions/injection
2022-05-04 16:14:59 +02:00
Erik Krogh Kristensen
48fb01f9f7
set js/actions/injection as a high precision warning query
2022-05-04 16:14:54 +02:00
Erik Krogh Kristensen
2a65d1d3ec
move js/actions/injection out of experimental
2022-05-04 16:14:19 +02:00
Erik Krogh Kristensen
fc6eedd07a
generalize the file pattern for github/actions related YAML
2022-05-04 16:14:19 +02:00
Erik Krogh Kristensen
bc470b89f1
leave a deprecated alias for Actions.qll
2022-05-04 16:14:19 +02:00
Erik Krogh Kristensen
9db67d4988
move the Actions API out of experimental
2022-05-04 16:14:19 +02:00
Rasmus Wriedt Larsen
7bd7bedb1b
Ruby: Simplify isLocalSourceNode implementation
...
The need for `SynthReturnNode` goes away if we don't restrict the nodes
that can't be reached from another entry definition or expression to be
`ExprNode`s
2022-05-04 16:12:20 +02:00
Nick Rolfe
5f59e96fa9
Merge pull request #8975 from github/nickrolfe/flow_summary_joins
2022-05-04 14:24:45 +01:00
Tom Hvitved
9cb63c0a5e
Data flow: Sync files
2022-05-04 14:49:26 +02:00
Tom Hvitved
7f7742216c
Address review comment
...
This reverts commit 2b4fde74bb .
2022-05-04 14:49:03 +02:00
Nick Rolfe
276f8d40f9
Ruby: add comments to address review feedback
2022-05-04 12:07:46 +01:00
Mathias Vorreiter Pedersen
f499f8e946
Merge pull request #9029 from redsun82/swift-codeowners
...
Swift: set @github/codeql-c as owner
2022-05-04 11:34:51 +01:00
Tony Torralba
2d3b15f936
Add more taint models
2022-05-04 12:32:59 +02:00
Michael Nebel
5f1a176a02
Java: Sync CaptureModels implementation to only allow at most two reads and two stores.
2022-05-04 12:29:57 +02:00
Michael Nebel
a488d6b80c
C#: Add an initial flow state to the model generator.
2022-05-04 12:27:34 +02:00
Tony Torralba
8601137602
Fix bad join order by moving WebViewRef::getAnAccess from callsites into predicates
2022-05-04 11:58:47 +02:00
Owen Mansel-Chan
570d3f47c4
Use os.Stat instead of os.File.Stat
2022-05-04 10:11:53 +01:00
Tony Torralba
3b1210eacb
Update java/ql/lib/semmle/code/java/security/UnsafeAndroidAccess.qll
...
Co-authored-by: Chris Smowton <smowton@github.com >
2022-05-04 10:53:31 +02:00
Tony Torralba
192017635a
Update java/ql/src/change-notes/2022-03-24-unsafe-android-access-improvements.md
...
Co-authored-by: Chris Smowton <smowton@github.com >
2022-05-04 10:53:31 +02:00
Tony Torralba
49259a6575
Remove everything related to WebView CSV models
...
This reverts commit c6c72eb.
2022-05-04 10:53:31 +02:00
Tony Torralba
dce11f3984
Removed unnecessary imports
2022-05-04 10:53:30 +02:00
Tony Torralba
f5e72e6e33
Remove getUnderlyingExpr
2022-05-04 10:53:30 +02:00
Tony Torralba
7ba5a032ce
Add tests and stubs for the new sources and flow steps
2022-05-04 10:53:30 +02:00
Tony Torralba
b678467e9d
Move things around
2022-05-04 10:53:30 +02:00
Tony Torralba
d68311e26d
Consider implicit this accesses in WebViewRef
2022-05-04 10:53:30 +02:00
Tony Torralba
51dfebf4c9
Apply suggestions from code review
...
Co-authored-by: Chris Smowton <smowton@github.com >
2022-05-04 10:53:29 +02:00
Tony Torralba
b9859fe165
Add change note
2022-05-04 10:53:29 +02:00
Tony Torralba
91bdb4299f
Improvements to UnsafeAndroidAccess
2022-05-04 10:53:29 +02:00
Tony Torralba
b876431950
Merge pull request #8706 from luchua-bc/java/unsafe-get-resource
...
Java: CWE-552 Add sources and sinks to to detect unsafe getResource calls in Java EE applications
2022-05-04 10:12:28 +02:00
Tom Hvitved
74e99302d6
Address review comments
2022-05-04 09:57:59 +02:00
Tom Hvitved
ac3bfa1788
Data flow: Mention expectsContent in dataflow.md
2022-05-04 09:57:59 +02:00
Tom Hvitved
da72ba46d4
Data flow: Add stub expectsContent for all languages
2022-05-04 09:57:59 +02:00
Tom Hvitved
6e2e8440eb
Data flow: Sync files
2022-05-04 09:57:59 +02:00
Tom Hvitved
a50f18ab50
Data flow: Introduce expectsContent
2022-05-04 09:57:58 +02:00
bananabr
2e2d4c6e1f
updated tests to consider document.getSelection()
2022-05-03 21:03:35 -05:00
Daniel Santos
880e3e1885
Update javascript/ql/lib/semmle/javascript/security/dataflow/XssThroughDomCustomizations.qll
...
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com >
2022-05-03 11:38:32 -05:00
Daniel Santos
4cd6dcc4d0
Update javascript/ql/lib/change-notes/2022-04-30-xss-selection-source.md
...
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com >
2022-05-03 11:37:45 -05:00
Daniel Santos
d52980573a
Update javascript/ql/lib/semmle/javascript/security/dataflow/XssThroughDomCustomizations.qll
...
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com >
2022-05-03 11:37:26 -05:00
Paolo Tranquilli
b7cdc4ae1f
Swift: set @github/codeql-c as owner
2022-05-03 17:41:23 +02:00
Geoffrey White
5aa862acfd
C++: Fixup after merge.
2022-05-03 16:12:42 +01:00
Geoffrey White
fd5b4dfff2
Merge branch 'main' into xxe4
2022-05-03 16:08:54 +01:00
Mathias Vorreiter Pedersen
b8fd07c0ac
Merge pull request #9018 from geoffw0/xxe5
...
C++: Support libxml2 in the XXE query
2022-05-03 16:00:52 +01:00
Michael Nebel
b8ec2254e8
C#: Update unit tests (looks like new NFloat operator has been introduced).
2022-05-03 16:36:32 +02:00
Michael Nebel
94b046c554
C#: Upgrade dotnet to 6.0.202.
2022-05-03 16:36:32 +02:00
Joe Farebrother
f65f833b11
Merge pull request #9020 from joefarebrother/predictable-seed
...
Java: Add CWE-377 tag to java/predictable-seed
2022-05-03 15:13:58 +01:00
Tony Torralba
02822c6284
Merge pull request #9013 from atorralba/atorralba/private-externalflow-imports
...
Java: Make more ExternalFlow imports private
2022-05-03 16:02:09 +02:00
Owen Mansel-Chan
22ccbbaae8
Run go mod tidy -e if go.mod exists
2022-05-03 14:57:13 +01:00
Tony Torralba
cf55f180c4
Add change note
2022-05-03 15:46:17 +02:00
Tony Torralba
7b3a803d19
Add flow step from startActivity to getIntent
2022-05-03 15:46:17 +02:00
Tony Torralba
9c92454fa7
Merge pull request #8872 from atorralba/atorralba/android-widget-flowstep
...
Java: Add Editable.toString flow step
2022-05-03 15:27:52 +02:00
Joe Farebrother
61f13817cf
Add change note
2022-05-03 14:27:47 +01:00
Geoffrey White
d5be11bf14
C++: Address review comments.
2022-05-03 14:08:19 +01:00
Rasmus Wriedt Larsen
a7b43f7356
Ruby: Accept changes to TypeTracker tests
...
Since this is not using inline-expectation-tests, I'm not entirely sure
whether these changes are OK or not, so hope to get someone else to
signoff on that.
2022-05-03 14:59:06 +02:00
Rasmus Wriedt Larsen
6cacf7b9a6
Ruby: isLocalSourceNode needs SynthReturnNode
2022-05-03 14:43:57 +02:00
Tony Torralba
fbceb8de57
Update java/ql/lib/semmle/code/java/frameworks/OkHttp.qll
...
Co-authored-by: Chris Smowton <smowton@github.com >
2022-05-03 14:40:40 +02:00
Rasmus Wriedt Larsen
d012eaa892
Python: Clarify getArg is about positional arguments
2022-05-03 14:26:23 +02:00
Rasmus Wriedt Larsen
89c4b6c235
Ruby: Fix isLocalSourceNode implementation
...
The old code was equivalent with the code below, which seems wrong
```
not n instanceof ExprNode
or
n instanceof ExprNode and
localFlowStepTypeTracker+(..., n)
```
From running on real DB I found that this meant that the following node
types were also included as local source nodes:
- `TReturningNode`
- `TSynthReturnNode`
- `TSummaryNode`
- `TSsaDefinitionNode`
My understanding is that the first 3 should not be included.
I would guess that SsaDefinitionNode should indeed be included as a
LocalSourceNode, but I'm not 100% sure, so I'll see what the test
results say before making further changes.
2022-05-03 14:16:19 +02:00
Joe Farebrother
f7d0884db1
Java: Add cwe-377 tag to predictable-seed
2022-05-03 12:28:14 +01:00
Geoffrey White
42a78a27e0
C++: Fixup spacing in tests.
2022-05-03 11:48:03 +01:00
Paolo Tranquilli
c2be267feb
Swift: enable dynamic mode
...
Providing `--dynamic_mode=fully` (for example setting it in
`local.bazelrc`) will now work.
All runfiles are now copied in the extractor pack: in dynamic mode,
those will be the executable and the dynamic libraries, while in static
mode only the executable will be part of the runfiles.
Setting the correct `LD_LIBRARY_PATH` in `qltest.sh` then allows to
run tests with this pakcage. If we need something more, we can switch to
a wrapper script in place of `extractor` in the future.
Notice that `LD_LIBRARY_PATH` is also set in static mode, but that has
no consequence.
2022-05-03 12:33:24 +02:00
yoff
56ed68b3eb
Merge pull request #9001 from RasmusWL/files-refactoring
...
Python: Flask: Improve `request.files` modeing
2022-05-03 12:19:55 +02:00
Geoffrey White
9faa825304
C++: Add support for libxml2 in the query.
2022-05-03 11:19:13 +01:00
Tom Hvitved
e9c8f979f9
Data flow: Sync files
2022-05-03 11:46:51 +02:00
Tom Hvitved
2b4fde74bb
Data flow: Speedup subpaths predicate
...
Before
```
[2022-05-02 15:47:16] (1280s) Tuple counts for DataFlowImpl::Subpaths::subpaths#656de156#ffff/4@c5f3dclb after 3m22s:
8389013 ~4% {5} r1 = JOIN DataFlowImpl::Subpaths::subpaths#656de156#ffff#shared WITH DataFlowImpl::PathNode::getASuccessor#dispred#f0820431#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1 'arg', Lhs.1, Lhs.2, Lhs.3, Lhs.4 'out'
6689751 ~0% {4} r2 = JOIN r1 WITH DataFlowImpl::Subpaths::subpaths03#656de156#ffffff_034512#join_rhs ON FIRST 4 OUTPUT Rhs.4, Lhs.4 'out', Lhs.0 'arg', Rhs.5 'ret'
1513839768 ~1% {5} r3 = JOIN r2 WITH DataFlowImpl::PathNodeImpl::getNodeEx#dispred#f0820431#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.1 'out', Lhs.2 'arg', Lhs.3 'ret', Rhs.1 'par', Lhs.3 'ret'
1513839768 ~1% {5} r4 = r3 AND NOT DataFlowImpl::PathNodeImpl::isHidden#dispred#f0820431#f(Lhs.4 'ret')
1513839768 ~5% {4} r5 = SCAN r4 OUTPUT In.1 'arg', In.3 'par', In.0 'out', In.4 'ret'
1513839768 ~2% {4} r6 = JOIN r2 WITH DataFlowImpl::PathNodeImpl::getNodeEx#dispred#f0820431#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.3 'ret', Lhs.1 'out', Lhs.2 'arg', Rhs.1 'par'
0 ~0% {5} r7 = JOIN r6 WITH boundedFastTC(DataFlowImpl::Subpaths::localStepToHidden#656de156#ff_10#higher_order_body,DataFlowImpl::Subpaths::subpaths#656de156#ffff#higher_order_body) ON FIRST 1 OUTPUT Lhs.1 'out', Lhs.2 'arg', Lhs.0, Lhs.3 'par', Rhs.1 'ret'
0 ~0% {5} r8 = r7 AND NOT DataFlowImpl::PathNodeImpl::isHidden#dispred#f0820431#f(Lhs.4 'ret')
0 ~0% {4} r9 = SCAN r8 OUTPUT In.1 'arg', In.3 'par', In.0 'out', In.4 'ret'
1513839768 ~5% {4} r10 = r5 UNION r9
6689751 ~0% {4} r11 = JOIN r10 WITH DataFlowImpl::PathNode::getASuccessor#dispred#f0820431#ff ON FIRST 2 OUTPUT Lhs.0 'arg', Lhs.1 'par', Lhs.3 'ret', Lhs.2 'out'
return r11
```
After
```
[2022-05-03 11:44:10] (969s) Tuple counts for DataFlowImpl::Subpaths::subpaths#656de156#ffff/4@b26b969r after 11.8s:
8372525 ~0% {3} r1 = JOIN DataFlowImpl::PathNode::getASuccessor#dispred#f0820431#ff_10#join_rhs WITH DataFlowImpl::PathNodeImpl::getNodeEx#dispred#f0820431#ff ON FIRST 1 OUTPUT Lhs.1 'arg', Rhs.1, Rhs.0
6673799 ~6% {9} r2 = JOIN r1 WITH DataFlowImpl::Subpaths::subpaths03#656de156#fffffffff ON FIRST 2 OUTPUT Rhs.3, Rhs.4, Rhs.5, Rhs.7, Rhs.6, Rhs.8, Lhs.2 'par', Lhs.0 'arg', Rhs.2 'ret'
6637884 ~0% {5} r3 = JOIN r2 WITH project#DataFlowImpl::pathNode#656de156#ffffffff_1234560#join_rhs ON FIRST 6 OUTPUT Lhs.6 'par', Lhs.7 'arg', Lhs.8 'ret', Rhs.6 'out', Lhs.8 'ret'
6637884 ~0% {4} r4 = JOIN r2 WITH project#DataFlowImpl::pathNode#656de156#ffffffff_1234560#join_rhs ON FIRST 6 OUTPUT Rhs.6 'out', Lhs.6 'par', Lhs.7 'arg', Lhs.8 'ret'
51867 ~0% {5} r5 = JOIN r4 WITH DataFlowImpl::PathNodeMid::projectToSink#dispred#f0820431#ff ON FIRST 1 OUTPUT Lhs.1 'par', Lhs.2 'arg', Lhs.3 'ret', Rhs.1 'out', Lhs.3 'ret'
6689751 ~0% {5} r6 = r3 UNION r5
6689751 ~0% {5} r7 = r6 AND NOT DataFlowImpl::PathNodeImpl::isHidden#dispred#f0820431#f(Lhs.4 'ret')
6689751 ~0% {4} r8 = SCAN r7 OUTPUT In.1 'arg', In.0 'par', In.4 'ret', In.3 'out'
6637884 ~0% {4} r9 = JOIN r2 WITH project#DataFlowImpl::pathNode#656de156#ffffffff_1234560#join_rhs ON FIRST 6 OUTPUT Lhs.8 'ret', Lhs.6 'par', Lhs.7 'arg', Rhs.6 'out'
51867 ~0% {4} r10 = JOIN r4 WITH DataFlowImpl::PathNodeMid::projectToSink#dispred#f0820431#ff ON FIRST 1 OUTPUT Lhs.3 'ret', Lhs.1 'par', Lhs.2 'arg', Rhs.1 'out'
6689751 ~0% {4} r11 = r9 UNION r10
0 ~0% {5} r12 = JOIN r11 WITH boundedFastTC(DataFlowImpl::Subpaths::localStepToHidden#656de156#ff_10#higher_order_body,DataFlowImpl::Subpaths::subpaths#656de156#ffff#higher_order_body) ON FIRST 1 OUTPUT Lhs.1 'par', Lhs.2 'arg', Lhs.0, Lhs.3 'out', Rhs.1 'ret'
0 ~0% {5} r13 = r12 AND NOT DataFlowImpl::PathNodeImpl::isHidden#dispred#f0820431#f(Lhs.4 'ret')
0 ~0% {4} r14 = SCAN r13 OUTPUT In.1 'arg', In.0 'par', In.4 'ret', In.3 'out'
6689751 ~0% {4} r15 = r8 UNION r14
return r15
```
2022-05-03 11:45:28 +02:00
Anders Schack-Mulligen
249f771fad
Merge pull request #8952 from cklin/fix-ql-comments-syntax
...
Fix syntax errors in QL comments
2022-05-03 11:15:56 +02:00
Jeroen Ketema
904ff1a569
Merge pull request #8943 from jbj/remove-gvn-imports
...
C++: Remove import order workarounds
2022-05-03 11:01:02 +02:00
Nick Rolfe
00bf352b50
Ruby: fix some flow summary join orders
...
The flow summaries that are implemented with an abstract base class
restricting the method name, and child classes using that method name,
had unfortunate join orders:
r1 = JOIN Call::MethodCall::getMethodName#dispred#f0820431#ff WITH Call::MethodCall::getMethodName#dispred#f0820431#ff ON FIRST 1 OUTPUT Lhs.0, (Lhs.1 ++ "_arg"), Rhs.1
2022-05-03 09:58:40 +01:00
mc
58a2677cf7
Merge pull request #8860 from github/jf205-patch-1
...
Fix broken link in analyzing-databases-with-the-codeql-cli.rst
2022-05-03 09:56:49 +01:00
Mathias Vorreiter Pedersen
73886b1040
Merge pull request #8948 from geoffw0/xxe3
...
C++: Add support for SAXParser to the CWE-611 XXE query.
2022-05-03 09:42:10 +01:00
Tony Torralba
c66e583aea
Make more ExternalFlow imports private
2022-05-03 10:31:29 +02:00
Arthur Baars
19e4d34581
Update ruby/ql/lib/change-notes/2022-04-30-update-grammar.md
...
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com >
2022-05-03 10:08:29 +02:00
Erik Krogh Kristensen
806dacb0e3
Merge pull request #8989 from erik-krogh/mentionAll
...
JS/RB: have `ApiGraphModelsSpecific.qll` mention all the required predicates
2022-05-03 09:42:41 +02:00
Tony Torralba
5c574906fe
Merge pull request #9010 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2022-05-03 09:23:53 +02:00
github-actions[bot]
433beaf637
Add changed framework coverage reports
2022-05-03 00:15:34 +00:00
Daniel Santos
fddb465260
Update javascript/ql/lib/semmle/javascript/security/dataflow/XssThroughDomCustomizations.qll
...
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com >
2022-05-02 14:00:45 -05:00
Tony Torralba
de8b5f927b
Adjust test expectations
2022-05-02 16:55:11 +02:00
Tony Torralba
29b430e49b
Make commits private
2022-05-02 16:55:01 +02:00
Anders Schack-Mulligen
86516b157b
Merge pull request #8884 from JLLeitschuh/feat/JLL/additional-file-taint-flow
...
Java: Add additional `File` taint value flow models
2022-05-02 16:30:45 +02:00
Tony Torralba
9a35aba465
Add change notes
2022-05-02 15:45:44 +02:00
Tony Torralba
1cf4b60769
Simplify non-https-url query
2022-05-02 15:43:07 +02:00
Tony Torralba
8602a6f6c9
Add models for OkHttp and Retrofit
2022-05-02 15:42:15 +02:00
Rasmus Wriedt Larsen
7e1be3172e
Python: Add change-note
2022-05-02 14:24:13 +02:00
Rasmus Wriedt Larsen
de4390cdf6
Python: Improve Flask request.files handling even more
2022-05-02 14:19:45 +02:00
Rasmus Wriedt Larsen
fb0133d276
Python: Fix Flask request.files modeling
2022-05-02 14:14:58 +02:00
Rasmus Wriedt Larsen
0c62916af5
Python: Highlight problem with Flask request.files modeling
2022-05-02 14:14:53 +02:00
yoff
1d44694280
Merge pull request #8732 from RasmusWL/dataflow-imports
...
Python: Don't re-export `python` under `DataFlow::`
2022-05-02 12:08:28 +02:00
Taus
231def026f
Merge pull request #8890 from tausbn/python-add-global-attribute-writes
...
Python: Add support for global attribute writes
2022-05-02 12:03:41 +02:00
yoff
c67b06b1fd
Update python/ql/test/experimental/dataflow/typetracking/attribute_tests.py
...
Co-authored-by: Taus <tausbn@github.com >
2022-05-02 11:36:58 +02:00
Rasmus Wriedt Larsen
714465bf39
Python: Refactor SaxParserSetFeatureCall
...
Originally made by @erik-krogh in
https://github.com/github/codeql/pull/8693/files#diff-9627c1fb9a1cc77fb93e6b7e31af1a4fa908f2a60362cfb34377d24debb97398
Could not be applied directly to this PR, since this PR deletes the file.
2022-05-02 11:29:54 +02:00
Rasmus Wriedt Larsen
5f01fc24e4
Merge branch 'main' into promote-xxe
2022-05-02 11:25:55 +02:00
Rasmus Wriedt Larsen
3c1a37e7e1
Merge branch 'main' into new-nosql-examples
2022-05-02 11:21:36 +02:00
Tom Hvitved
29f30a19e7
Merge pull request #8955 from hvitved/csharp/useless-cast-fp
...
C#: Add FP test for `cs/useless-cast-to-self`
2022-05-02 10:32:28 +02:00
Anders Schack-Mulligen
b2e9555075
Merge pull request #8345 from jorgectf/mybatis-new-sinks
...
Java: Add `MyBatis`' `Providers` sinks
2022-05-02 09:44:28 +02:00
bananabr
ed58ee86fe
documented getSelectionCall
2022-05-01 20:41:43 -05:00
thibaut hansmann
83e26f41c0
C/C++ : Wrong Uint access
2022-05-01 14:53:52 +02:00
bananabr
57ae07017f
adds the Selection API as a new DOM text source
2022-04-30 18:27:31 -05:00
Erik Krogh Kristensen
f87312d4ba
have ApiGraphModelsSpecific.qll mention all the required predicates/types
2022-04-30 20:29:44 +02:00
luchua-bc
920a7cd2e6
Put back the taint step removed during merge
2022-04-29 20:29:04 +00:00
Geoffrey White
034c4faf19
Merge branch 'main' into xxe3
2022-04-29 21:06:16 +01:00
Jonathan Leitschuh
c8e0d7f847
Summary model for File should include overriden methods
2022-04-29 14:51:26 -04:00
Henry Mercer
811a2c0053
Merge pull request #8957 from github/henrymercer/upgrade-codeql-action
...
Use codeql-action/upload-sarif@main in CSV coverage metrics workflow
2022-04-29 17:06:21 +01:00
Arthur Baars
cf4325c86f
Add change note
2022-04-29 16:19:11 +02:00
Geoffrey White
614a7650a6
Merge pull request #8775 from porcupineyhairs/cpam
...
CPP: PAM Authorization Bypass
2022-04-29 14:55:33 +01:00
Erik Krogh Kristensen
4585e8a874
QL: point the dataset measure workflow to a merge_stats.py file that exists
2022-04-29 15:31:07 +02:00
Jorge
37b051a851
Apply suggestions from code review
...
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com >
2022-04-29 14:44:17 +02:00
AlexDenisov
5c6e5173ad
Merge pull request #8959 from AlexDenisov/alexdenisov/pip-install-from-bazel
...
Swift: teach bazel to install python dependencies
2022-04-29 14:31:37 +02:00
Paolo Tranquilli
8fc78fae74
Merge pull request #8960 from redsun82/swift-cc-wrappers
...
Swift: cc wrapper rules
2022-04-29 14:30:54 +02:00
Geoffrey White
812a24fc18
C++: Add test cases for libxml2.
2022-04-29 13:23:29 +01:00
Paolo Tranquilli
2fe38c2bbb
Swift: cc wrapper rules
2022-04-29 14:18:36 +02:00
Alex Denisov
7332460268
Swift: teach bazel to install python dependencies
2022-04-29 14:05:36 +02:00
yoff
7efb4ab4e4
Merge pull request #8581 from tausbn/python-fix-bad-join-in-import_star_read
...
Python: Fix bad join in `import_star_read`
2022-04-29 13:14:14 +02:00
Henry Mercer
d1cc835cad
Merge pull request #8949 from github/henrymercer/fix-typo
...
JS: Nit: Fix typo in QLDoc
2022-04-29 12:04:09 +01:00
Henry Mercer
08b6b1d209
Use codeql-action/upload-sarif@main in CSV coverage metrics workflow
2022-04-29 11:26:32 +01:00
Tony Torralba
12320aa5d2
Fix Intent Redirection sanitizer
2022-04-29 12:19:49 +02:00
Tom Hvitved
a0e003e33c
C#: Add FP test for cs/useless-cast-to-self
2022-04-29 11:59:51 +02:00
Henry Mercer
d3e92f72c4
JS: Nit: Fix typo in QLDoc
2022-04-29 10:54:07 +01:00
Geoffrey White
dd258781ed
C++: More test cases.
2022-04-29 10:38:31 +01:00
Geoffrey White
1d71f042db
C++: Turns out DOMLSParser is not an AbstractDOMParser and works a little differently than I'd thought.
2022-04-29 10:38:31 +01:00
Geoffrey White
c6deddb290
C++: For consistency.
2022-04-29 10:35:34 +01:00
Geoffrey White
4be3161891
C++: Move some stuff from tests3.cpp to common tests.h
2022-04-29 10:35:34 +01:00
Geoffrey White
397efd1648
C++: Split off the createLSParser tests into their own file.
2022-04-29 10:35:33 +01:00
Geoffrey White
b02519bf0b
C++: Make the createLSParser test a bit closer to real life.
2022-04-29 10:33:47 +01:00
Geoffrey White
a1542322e2
C++: Add test cases for SAX2XMLReader.
2022-04-29 10:33:46 +01:00
Erik Krogh Kristensen
080271f14f
Merge pull request #8221 from erik-krogh/libProto
...
JS: recognize more module exports from the factory pattern
2022-04-29 11:23:53 +02:00
Erik Krogh Kristensen
dfe2140902
slight simplification
2022-04-29 11:22:12 +02:00
Stephan Brandauer
fa377ac763
Merge pull request #8946 from kaeluka/deepFillIn-FN
...
JS: fix a FN for prototype polluting function query
2022-04-29 10:14:41 +01:00
Erik Krogh Kristensen
b74d1fdb1a
Merge pull request #8783 from erik-krogh/jsAbstractBi
...
JS: don't initialize sanitizer-guards in the standard library
2022-04-29 11:12:16 +02:00
Geoffrey White
7fb1069d69
C++: Use GVN on the values passed into set* functions.
2022-04-29 10:09:52 +01:00
Owen Mansel-Chan
ee94eb5962
Merge pull request #727 from cklin/fix-ql-comments-syntax
...
Fix Beego references
2022-04-29 09:19:24 +01:00
Geoffrey White
215453e4db
Update cpp/ql/src/Security/CWE/CWE-611/XXE.ql
...
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com >
2022-04-29 09:07:25 +01:00
Tony Torralba
9eb6022bbe
Merge pull request #8954 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2022-04-29 10:06:57 +02:00
Geoffrey White
33d499c12d
C++: Address review comments.
2022-04-29 09:02:11 +01:00
luchua-bc
0aa1251ffe
Add more test cases
2022-04-29 02:31:43 +00:00
github-actions[bot]
1032dcd7e6
Add changed framework coverage reports
2022-04-29 00:15:05 +00:00
jorgectf
548721a8cf
Fix MyBatisInjectionSink
2022-04-28 23:36:51 +02:00
Jorge
193ea1a86e
Merge branch 'main' into mybatis-new-sinks
2022-04-28 22:26:38 +02:00
Stephan Brandauer
3f13a5e082
fix a FN for prototype polluting function query
2022-04-28 22:00:09 +02:00
Jorge
50e95b5aad
Apply suggestions from code review
...
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com >
2022-04-28 21:56:20 +02:00
Jorge
834f2e845d
Delete MyBatisAbstractSql and inline MyBatisAbstractSqlMethodsStep
2022-04-28 21:55:15 +02:00
Chuan-kai Lin
d2fccbea95
Fix Beego references
2022-04-28 12:52:21 -07:00
Chuan-kai Lin
d6f0bbb816
Fix syntax errors in QL comments
2022-04-28 11:53:36 -07:00
AlexDenisov
f6769735e5
Merge pull request #8939 from AlexDenisov/alexdenisov/swift-tracer-integration
...
Swift: tracer integration
2022-04-28 19:20:55 +02:00
Geoffrey White
79d1ffc1d9
C++: Change note.
2022-04-28 17:49:41 +01:00
Tom Hvitved
3fd93b460f
Merge pull request #8935 from hvitved/ruby/typetracker-kw-test
2022-04-28 18:22:51 +02:00
Geoffrey White
2ccd5a5531
C++: Add support for SAXParser in the query.
2022-04-28 16:13:21 +01:00
Geoffrey White
4e2344c488
C++: Add test cases for SAXParser.
2022-04-28 16:11:08 +01:00
Paolo Tranquilli
75265f7c42
Merge pull request #8947 from redsun82/swift-pragma-once
...
Swift: use `#pragma once`
2022-04-28 16:59:50 +02:00
AlexDenisov
a59d7f6a85
Update swift/extractor/main.cpp
2022-04-28 16:52:34 +02:00
Paolo Tranquilli
c4fae0806f
Swift: use #pragma once
2022-04-28 16:39:27 +02:00
AlexDenisov
84bcc2e64a
Merge branch 'main' into alexdenisov/swift-tracer-integration
2022-04-28 16:28:48 +02:00
Paolo Tranquilli
2374e6b401
Merge pull request #8934 from redsun82/swift-trapgen
...
Swift: added trapgen
2022-04-28 16:00:46 +02:00
Mathias Vorreiter Pedersen
69af3b123d
Merge pull request #8941 from github/release-prep/2.9.1
...
Release preparation for version 2.9.1
2022-04-28 14:45:32 +01:00
Mathias Vorreiter Pedersen
ff677cd756
Merge pull request #726 from github/release-prep/2.9.1
...
Release preparation for version 2.9.1
2022-04-28 14:45:19 +01:00
Jonas Jensen
f1fa7cba5a
C++: Remove import order workarounds
...
These workarounds are no longer needed from CodeQL CLI 2.9.0.
2022-04-28 14:40:57 +02:00
Anders Schack-Mulligen
9d2f386032
Merge pull request #8878 from aschackmull/java/validationmethod-joinorder
...
Java: Fix join-order.
2022-04-28 14:35:20 +02:00
Tom Hvitved
8d2bf2228b
Merge pull request #7914 from hvitved/ruby/generalize-element-content
...
Ruby: Generalize `ArrayElementContent` to `ElementContent`
2022-04-28 14:23:08 +02:00
Jeroen Ketema
2e6addab03
Fix one more change note
2022-04-28 14:22:41 +02:00
Jeroen Ketema
4a648f3c89
Fix change note items
2022-04-28 14:14:19 +02:00
github-actions[bot]
8e4cf190e9
Release preparation for version 2.9.1
2022-04-28 11:59:05 +00:00
github-actions[bot]
bcd2c009e3
Release preparation for version 2.9.1
2022-04-28 11:58:54 +00:00
Michael Nebel
ec316750d3
Merge pull request #8905 from michaelnebel/csharp/generatedcomment
...
C#: Add auto generated comment to generated models as data files.
2022-04-28 13:57:38 +02:00
Tom Hvitved
f7669815ce
Address review comments
2022-04-28 13:50:26 +02:00
Arthur Baars
ccc18640db
Ruby: add upgrade and downgrade scripts
2022-04-28 13:47:14 +02:00
Arthur Baars
d055f9a186
Update tests
2022-04-28 13:47:10 +02:00
Alex Denisov
85918173a6
Swift: ensure the folder for trap files exists
2022-04-28 13:19:25 +02:00
Alex Denisov
9c73ae5a97
Swift: teach extractor to not produce artifacts
2022-04-28 13:18:20 +02:00
Michael Nebel
9d767b8ad8
Merge pull request #8869 from michaelnebel/csharp/frameworkcoverage
...
C#: Port the java FrameworkCoverage query.
2022-04-28 13:17:50 +02:00
Alex Denisov
5b75b4db79
Swift: add tracer config
2022-04-28 13:17:35 +02:00
Alex Denisov
4a03976a15
Swift: set compiler flags explicitly
2022-04-28 13:17:05 +02:00
Taus
95d235416c
Python: Fix bad antijoin in getAKeyword
...
Before:
```
Tuple counts for Exprs::Call::getAKeyword_dispred#ff#antijoin_rhs/3@7bc202ij after 9s:
1 ~0% {1} r1 = CONSTANT(unique int)[2]
4244385 ~2% {1} r2 = JOIN r1 WITH py_dict_items_10#join_rhs ON FIRST 1 OUTPUT Rhs.1 'arg0'
4244352 ~3% {3} r3 = JOIN r2 WITH AstGenerated::Call_::getNamedArg_dispred#ffb_201#join_rhs ON FIRST 1 OUTPUT Rhs.1 'arg1', Lhs.0 'arg0', Rhs.2 'arg2'
66618690 ~3% {5} r4 = JOIN r3 WITH AstGenerated::Call_::getNamedArg_dispred#ffb ON FIRST 1 OUTPUT Lhs.1 'arg0', Lhs.0 'arg1', Lhs.2 'arg2', Rhs.1, Rhs.2
31187133 ~0% {5} r5 = SELECT r4 ON In.3 < In.2 'arg2'
31187133 ~1% {5} r6 = SCAN r5 OUTPUT In.4, 0, In.0 'arg0', In.1 'arg1', In.2 'arg2'
0 ~0% {3} r7 = JOIN r6 WITH py_dict_items ON FIRST 2 OUTPUT Lhs.2 'arg0', Lhs.3 'arg1', Lhs.4 'arg2'
return r7
Tuple counts for Exprs::Call::getAKeyword_dispred#ff/2@1dc9468b after 421ms:
1 ~0% {1} r1 = CONSTANT(unique int)[2]
4244385 ~2% {1} r2 = JOIN r1 WITH py_dict_items_10#join_rhs ON FIRST 1 OUTPUT Rhs.1 'result'
4244352 ~0% {3} r3 = JOIN r2 WITH AstGenerated::Call_::getNamedArg_dispred#ffb_201#join_rhs ON FIRST 1 OUTPUT Lhs.0 'result', Rhs.1 'this', Rhs.2
4244352 ~0% {3} r4 = r3 AND NOT Exprs::Call::getAKeyword_dispred#ff#antijoin_rhs(Lhs.0 'result', Lhs.1 'this', Lhs.2)
4244352 ~6% {2} r5 = SCAN r4 OUTPUT In.1 'this', In.0 'result'
return r5
```
Oof. All that work to produce zero tuples. Luckily we can improve
matters somewhat.
Basically, there's no reason to test _all_ dictionary unpackings, since
we're only interested in a lower bound. Thus, we can use `min` instead
which is much more efficient. For convenience I factored this into its
own (private) helper predicate.
Now the tuple counts look as follows:
```
Tuple counts for Exprs::Call::getMinimumUnpackingIndex_dispred#ff#min_range/2@39b0e9sm after 1ms:
246 ~0% {2} r1 = JOIN Keywords::DictUnpackingOrKeyword#class#f#shared WITH AstGenerated::Call_::getNamedArg_dispred#ffb_201#join_rhs ON FIRST 1 OUTPUT Rhs.1 'arg0', Rhs.2 'arg1'
return r1
Registering Exprs::Call::getMinimumUnpackingIndex_dispred#ff#min_range/2@39b0e9sm + with content 9ea2f123k8necpu015v6tpsc2t1
>>> Created relation Exprs::Call::getMinimumUnpackingIndex_dispred#ff#min_range/2@39b0e9sm with 246 rows.
Starting to evaluate predicate Exprs::Call::getMinimumUnpackingIndex_dispred#ff#min_term/3@9f4ca5g8
Tuple counts for Exprs::Call::getMinimumUnpackingIndex_dispred#ff#min_term/3@9f4ca5g8 after 0ms:
246 ~2% {3} r1 = JOIN Keywords::DictUnpackingOrKeyword#class#f#shared WITH AstGenerated::Call_::getNamedArg_dispred#ffb_201#join_rhs ON FIRST 1 OUTPUT Rhs.1 'arg0', Rhs.2 'arg2', Rhs.2 'arg2'
return r1
Tuple counts for Exprs::Call::getAKeyword_dispred#ff/2@000a0alb after 906ms:
1 ~0% {1} r1 = CONSTANT(unique int)[2]
4244385 ~2% {1} r2 = JOIN r1 WITH py_dict_items_10#join_rhs ON FIRST 1 OUTPUT Rhs.1 'result'
4244352 ~0% {3} r3 = JOIN r2 WITH AstGenerated::Call_::getNamedArg_dispred#ffb_201#join_rhs ON FIRST 1 OUTPUT Lhs.0 'result', Rhs.1 'this', Rhs.2
4244280 ~0% {3} r4 = r3 AND NOT Exprs::Call::getMinimumUnpackingIndex_dispred#ff_0#antijoin_rhs(Lhs.1 'this')
4244280 ~6% {2} r5 = SCAN r4 OUTPUT In.1 'this', In.0 'result'
4244352 ~3% {3} r6 = JOIN r2 WITH AstGenerated::Call_::getNamedArg_dispred#ffb_201#join_rhs ON FIRST 1 OUTPUT Rhs.1 'this', Lhs.0 'result', Rhs.2
72 ~4% {4} r7 = JOIN r6 WITH Exprs::Call::getMinimumUnpackingIndex_dispred#ff ON FIRST 1 OUTPUT Lhs.1 'result', Lhs.0 'this', Lhs.2, Rhs.1
72 ~4% {4} r8 = SELECT r7 ON In.2 <= In.3
72 ~0% {2} r9 = SCAN r8 OUTPUT In.1 'this', In.0 'result'
4244352 ~6% {2} r10 = r5 UNION r9
return r10
```
This is not the perfect join order (note the similarity between `r3`
and `r6`) but overall it's a win.
2022-04-28 11:11:37 +00:00
Taus
80ef09f034
Python: Fix bad join in declaredAttributeVar
...
Before:
```
Tuple counts for PointsTo::declaredAttributeVar#fbf/3@99d5aenq after 1.1s:
451054 ~7% {2} r1 = SCAN variable OUTPUT In.0, In.2 'name'
1296149 ~0% {2} r2 = JOIN r1 WITH Essa::EssaVariable::getSourceVariable_dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1 'var', Lhs.1 'name'
12179900 ~4% {3} r3 = JOIN r2 WITH Essa::EssaVariable::getAUse_dispred#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1 'name', Lhs.0 'var'
8028 ~2% {3} r4 = JOIN r3 WITH Scope::Scope::getANormalExit_dispred#bf_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1 'name', Lhs.2 'var'
8028 ~2% {3} r5 = JOIN r4 WITH Classes::PythonClassObjectInternal::getScope_dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1 'cls', Lhs.1 'name', Lhs.2 'var'
return r5
```
After:
```
Tuple counts for PointsTo::declaredAttributeVar#fbf/3@cccf36hb after 4ms:
1450 ~0% {2} r1 = SCAN Classes::PythonClassObjectInternal::getScope_dispred#ff OUTPUT In.1, In.0 'cls'
1450 ~7% {2} r2 = JOIN r1 WITH Scope::Scope::getANormalExit_dispred#bf ON FIRST 1 OUTPUT Rhs.1, Lhs.1 'cls'
8028 ~0% {2} r3 = JOIN r2 WITH Essa::EssaVariable::getAUse_dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1 'var', Lhs.1 'cls'
8028 ~0% {3} r4 = JOIN r3 WITH Essa::EssaVariable::getSourceVariable_dispred#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1 'cls', Lhs.0 'var'
8028 ~2% {3} r5 = JOIN r4 WITH variable ON FIRST 1 OUTPUT Lhs.1 'cls', Rhs.2 'name', Lhs.2 'var'
return r5
```
2022-04-28 11:11:37 +00:00
Taus
d28f9f41e8
Python: Fix bad join in import_star_read
...
Makes this
```
(21s) Tuple counts for DataFlowPublic::import_star_read#ff/2@fcd5e6nr after 8.5s:
9743 ~6% {3} r1 = SCAN num#DataFlowPublic::TModuleVariableNode#fff OUTPUT In.1, In.0, In.2 'result'
9743 ~1% {3} r2 = JOIN r1 WITH Variables::Variable::getId_dispred#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2 'result'
390808917 ~3% {3} r3 = JOIN r2 WITH Flow::NameNode::getId_dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2 'result'
307 ~0% {2} r4 = JOIN r3 WITH ImportStar::ImportStar::importStarResolvesTo#ff ON FIRST 2 OUTPUT Lhs.0, Lhs.2 'result'
307 ~0% {2} r5 = JOIN r4 WITH num#DataFlowPublic::TCfgNode#ff ON FIRST 1 OUTPUT Rhs.1 'n', Lhs.1 'result'
return r5
```
become this
```
(17s) Tuple counts for DataFlowPublic::resolved_import_star_module#fff/3@f5e84aic after 0ms:
307 ~0% {3} r1 = JOIN ImportStar::ImportStar::importStarResolvesTo#ff WITH num#DataFlowPublic::TCfgNode#ff ON FIRST 1 OUTPUT Lhs.0, Lhs.1 'm', Rhs.1 'n'
307 ~0% {3} r2 = JOIN r1 WITH Flow::NameNode::getId_dispred#ff ON FIRST 1 OUTPUT Lhs.1 'm', Rhs.1 'name', Lhs.2 'n'
return r2
(17s) Registering DataFlowPublic::resolved_import_star_module#fff/3@f5e84aic + with content f29281ig38r98icro4ege09mrva
(17s) >>> Created relation DataFlowPublic::resolved_import_star_module#fff/3@f5e84aic with 307 rows.
(17s) Starting to evaluate predicate DataFlowPublic::import_star_read#ff/2@57b0c06e
(17s) Tuple counts for DataFlowPublic::import_star_read#ff/2@57b0c06e after 2ms:
9743 ~0% {3} r1 = SCAN num#DataFlowPublic::TModuleVariableNode#fff OUTPUT In.1, In.0, In.2 'result'
9743 ~0% {3} r2 = JOIN r1 WITH Variables::Variable::getId_dispred#ff ON FIRST 1 OUTPUT Lhs.1, Rhs.1, Lhs.2 'result'
307 ~0% {2} r3 = JOIN r2 WITH DataFlowPublic::resolved_import_star_module#fff ON FIRST 2 OUTPUT Rhs.2 'n', Lhs.2 'result'
return r3
```
2022-04-28 11:11:37 +00:00
Arthur Baars
20a3e3a8ae
Update library
2022-04-28 13:00:02 +02:00
Arthur Baars
65989ae564
Update dbscheme stats
2022-04-28 13:00:02 +02:00
Arthur Baars
a848929069
Regenerate QLL library
2022-04-28 13:00:02 +02:00
Arthur Baars
0d9354322e
Update tree-sitter-ruby
2022-04-28 13:00:02 +02:00
Arthur Baars
7359ffaa2e
Ruby: add tree-sitter test case
2022-04-28 12:59:56 +02:00
Erik Krogh Kristensen
3c07ab59a1
Merge pull request #8936 from jketema/camel-case
...
QL: Improve camel case query
2022-04-28 12:32:46 +02:00
yoff
4553a0913f
Merge pull request #8897 from tausbn/python-fix-bad-methodcallsite-join
...
Python: Fix bad join in `MethodCallsiteRefinement`
2022-04-28 12:17:33 +02:00
Jeroen Ketema
b6cf536f01
QL: Fix formatting
2022-04-28 12:05:47 +02:00
Paolo Tranquilli
773ef62406
Swift: added trapgen
...
This checks in the trapgen script generating trap entries in C++.
The codegen suite has been slightly reorganized, moving the templates
directory up one level and chopping everything into smaller bazel
packages. Running tests is now done via
```
bazel run //swift/codegen/test
```
With respect to the PoC, the nested `codeql::trap` namespace has been
dropped in favour of a `Trap` prefix (or suffix in case of entries)
within the `codeql` namespace. Also, generated C++ code is not checked
in in git any more, and generated during build. Finally, labels get
printed in hex in the trap file.
`TrapLabel` is for the moment only default-constructible, so only one
single label is possible. `TrapArena`, that is responsible for creating
disjoint labels will come in a later commit.
2022-04-28 12:01:59 +02:00
Tony Torralba
604a5fc71f
Merge pull request #8639 from atorralba/atorralba/spring-beans-improvements
...
Java: Improve Spring models
2022-04-28 11:59:51 +02:00
Michael Nebel
150d9ba52c
Update .github/workflows/csv-coverage-metrics.yml
...
Co-authored-by: Henry Mercer <henry.mercer@me.com >
2022-04-28 11:57:53 +02:00
Henry Mercer
52a417b02d
Merge pull request #8921 from github/dependabot/github_actions/actions/setup-python-3
...
Bump actions/setup-python from 2 to 3
2022-04-28 10:57:02 +01:00
Jeroen Ketema
62831e93fe
QL: Add filter for NewType to camel case query
2022-04-28 11:54:42 +02:00
Henry Mercer
03c311181a
Merge pull request #8922 from github/dependabot/github_actions/actions/download-artifact-3
...
Bump actions/download-artifact from 2 to 3
2022-04-28 10:45:49 +01:00
Jeroen Ketema
3db9d56259
QL: Improve message for camel cazse query
2022-04-28 11:41:17 +02:00
Jeroen Ketema
52fc2dac47
QL: Add camel case tests
2022-04-28 11:38:14 +02:00
Mathias Vorreiter Pedersen
2517371a37
Merge pull request #8933 from MathiasVP/revert-globals
...
C++: Revert #8515
2022-04-28 10:38:08 +01:00
Tom Hvitved
29f1c533a9
Ruby: Add type tracker tests for flow through keyword/positional parameters
2022-04-28 11:34:12 +02:00
Michael Nebel
c606121ae7
C#: Move autogenerated comment to file level instead of having it on each class.
2022-04-28 11:27:49 +02:00
Michael Nebel
57fc4d987f
C#: Fix indentation.
2022-04-28 11:19:54 +02:00
Michael Nebel
583b9b61de
C#: Add job for running the framework coverage query for C#.
2022-04-28 11:19:49 +02:00
Michael Nebel
98b2bc06ce
C#: Port the java FrameworkCoverage query.
2022-04-28 11:18:12 +02:00
Tom Hvitved
db856798b9
Merge pull request #8920 from github/dependabot/github_actions/actions/setup-dotnet-2
...
Bump actions/setup-dotnet from 1 to 2
2022-04-28 10:47:28 +02:00
Stephan Brandauer
f4104e2b72
Merge pull request #8886 from kaeluka/add-rest-parameter-flowstep
...
JS: Add flow step to `...rest` parameters
2022-04-28 08:39:50 +01:00
Tony Torralba
1f1581cc97
Merge pull request #8913 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2022-04-28 09:34:52 +02:00
Jonas Jensen
0c65e67d18
QL language reference: variables must be lowerId
...
To prepare for a future QL language change where variable names must
start with a lower-case letter, this commit updates the QL language
reference (including the language specification) to change the variable
name grammar from `simpleId` to `lowerId`.
2022-04-28 09:13:36 +02:00
dependabot[bot]
8c4e92d065
Bump actions/download-artifact from 2 to 3
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 2 to 3.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](https://github.com/actions/download-artifact/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/download-artifact
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-04-28 03:32:59 +00:00
dependabot[bot]
c8fd94a830
Bump actions/setup-python from 2 to 3
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 2 to 3.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](https://github.com/actions/setup-python/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/setup-python
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-04-28 03:32:57 +00:00
dependabot[bot]
6526ee797d
Bump actions/setup-dotnet from 1 to 2
...
Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet ) from 1 to 2.
- [Release notes](https://github.com/actions/setup-dotnet/releases )
- [Commits](https://github.com/actions/setup-dotnet/compare/v1...v2 )
---
updated-dependencies:
- dependency-name: actions/setup-dotnet
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-04-28 03:32:55 +00:00
github-actions[bot]
018558b823
Add changed framework coverage reports
2022-04-28 00:18:25 +00:00
Harry Maclean
ba1d43dd42
Merge pull request #8658 from hmac/hmac/insecure-download
...
Ruby: Add InsecureDownload query
2022-04-28 11:07:35 +12:00
Harry Maclean
f4453f4da2
Merge pull request #8573 from hmac/hmac/missing-regexp-anchor
...
Ruby: Add MissingRegExpAnchor query
2022-04-28 11:06:33 +12:00
luchua-bc
590b9d8519
Standardize the query and update qldoc
2022-04-27 22:17:17 +00:00
Chris Smowton
bb049bffbd
Merge pull request #8765 from artem-smotrakov/cover-jms
...
Java: Add flow sources and steps for RabbitMQ and JMS
2022-04-27 21:27:05 +01:00
Taus
b4a31e572f
Python: Add global attribute writes
2022-04-27 16:45:00 +00:00
Taus
f71cf2e1fc
Python: Add test
2022-04-27 15:48:11 +00:00
Paolo Tranquilli
f95b5853c1
Merge pull request #8788 from AlexDenisov/alexdenisov/swift-first-extractor-test
...
Swift: file extraction
2022-04-27 17:47:17 +02:00
Mathias Vorreiter Pedersen
dc96d55943
Merge pull request #8888 from geoffw0/xxe2
...
C++: Add support for createLSParser to the CWE-611 XXE query.
2022-04-27 16:24:27 +01:00
Anna Railton
00b74d8b1c
Merge pull request #8895 from github/annarailton-patch-1
...
ATM: Update `TaintedPathInjection` -> `TaintedPath`
2022-04-27 16:15:46 +01:00
Mathias Vorreiter Pedersen
abbb7f861f
Merge pull request #8904 from MathiasVP/sync-swift-schema
...
Swift: Sync schema after extractor changes
2022-04-27 16:14:46 +01:00
Alex Denisov
272aa594cc
Swift: compiler options moved to .bazelrc
2022-04-27 17:11:16 +02:00
Mathias Vorreiter Pedersen
75c1e56bbd
Revert "Merge pull request #8515 from rdmarsh2/rdmarsh2/ir-global-vars"
...
This reverts commit 800e4ea7df , reversing
changes made to 7ce040f331 .
2022-04-27 16:04:28 +01:00
Henry Mercer
897bc2374a
Merge pull request #8906 from github/henrymercer/workflow-codeowners
...
Add CODEOWNERS for Actions workflows
2022-04-27 15:47:11 +01:00
Tony Torralba
e99cee4913
Merge branch 'main' into java/unsafe-get-resource
2022-04-27 16:45:42 +02:00
Geoffrey White
d04078f989
C++: Fix.
2022-04-27 15:45:23 +01:00
Henry Mercer
c39eaf64ca
Merge pull request #8901 from github/dependabot/github_actions/actions/checkout-3
...
Bump actions/checkout from 2 to 3
2022-04-27 15:40:07 +01:00
Henry Mercer
6777090f36
Add CODEOWNERS for Actions workflows
2022-04-27 15:26:15 +01:00
Stephan Brandauer
ee280cda32
Improve docs after PR comment
...
Co-authored-by: Asger F <asgerf@github.com >
2022-04-27 16:24:20 +02:00
dependabot[bot]
c63a0e7010
Bump actions/checkout from 2 to 3
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-04-27 14:13:33 +00:00
Henry Mercer
3e80c78612
Merge pull request #8903 from github/dependabot/github_actions/actions/stale-5
...
Bump actions/stale from 3 to 5
2022-04-27 15:13:03 +01:00
Henry Mercer
b6a787d4a0
Merge pull request #8902 from github/dependabot/github_actions/actions/cache-3
...
Bump actions/cache from 2 to 3
2022-04-27 15:12:58 +01:00
Henry Mercer
f876ef91a3
Merge pull request #8900 from github/dependabot/github_actions/actions/labeler-4
...
Bump actions/labeler from 2 to 4
2022-04-27 15:12:52 +01:00
Henry Mercer
52475cd917
Merge pull request #8899 from github/dependabot/github_actions/actions/upload-artifact-3
...
Bump actions/upload-artifact from 2 to 3
2022-04-27 15:12:39 +01:00
Paolo Tranquilli
cde5ba7987
Merge pull request #8889 from redsun82/swift-codegen-unit-tests
...
Swift: add unit tests to code generation
2022-04-27 16:07:54 +02:00
Stephan Brandauer
4964f2df9a
add flow step to rest parameters
2022-04-27 16:03:19 +02:00
Chris Smowton
db90bf9900
Move change note
2022-04-27 15:00:26 +01:00
Michael Nebel
52b59d0eed
C#: Add auto generated comment to generated models as data files.
2022-04-27 15:40:23 +02:00
Mathias Vorreiter Pedersen
141e8fcd5b
Swift: Sync schema.
2022-04-27 14:39:13 +01:00
Tony Torralba
51bb33ae65
Merge pull request #8876 from atorralba/atorralba/externalflow-import-private
...
Java: Make all imports of ExternalFlow private
2022-04-27 15:24:55 +02:00
dependabot[bot]
c71c6f6dbe
Bump actions/stale from 3 to 5
...
Bumps [actions/stale](https://github.com/actions/stale ) from 3 to 5.
- [Release notes](https://github.com/actions/stale/releases )
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/stale/compare/v3...v5 )
---
updated-dependencies:
- dependency-name: actions/stale
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-04-27 13:17:41 +00:00
dependabot[bot]
2c1ee564aa
Bump actions/cache from 2 to 3
...
Bumps [actions/cache](https://github.com/actions/cache ) from 2 to 3.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](https://github.com/actions/cache/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-04-27 13:17:37 +00:00
dependabot[bot]
70ba8e3a5c
Bump actions/labeler from 2 to 4
...
Bumps [actions/labeler](https://github.com/actions/labeler ) from 2 to 4.
- [Release notes](https://github.com/actions/labeler/releases )
- [Commits](https://github.com/actions/labeler/compare/v2...v4 )
---
updated-dependencies:
- dependency-name: actions/labeler
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-04-27 13:17:30 +00:00
dependabot[bot]
e1e68e96dc
Bump actions/upload-artifact from 2 to 3
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 2 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-04-27 13:17:28 +00:00
Henry Mercer
295c0fcbb5
Merge pull request #8896 from github/henrymercer/dependabot-actions-updates
...
Enable Dependabot updates for Actions
2022-04-27 14:16:46 +01:00
Geoffrey White
4aa41dfa52
Update cpp/ql/src/Security/CWE/CWE-611/XXE.ql
...
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com >
2022-04-27 13:06:02 +01:00
yoff
39753d5a0b
Merge pull request #8693 from erik-krogh/pyApi
...
PY: more API-graphs refactorings
2022-04-27 13:19:50 +02:00
Taus
d3a05b8b7e
Python: Fix bad join in MethodCallsiteRefinement
...
Observed on `FreeCAD/FreeCAD`:
```
Tuple counts for Essa::MethodCallsiteRefinement#24e22a14#f/1@274967ic after 34.5s:
638284 ~0% {2} r1 = SCAN Essa::TEssaNodeRefinement#24e22a14#ffff OUTPUT In.0, In.3 'this'
636521 ~0% {2} r2 = r1 AND NOT Essa::SingleSuccessorGuard#class#24e22a14#f(Lhs.1 'this')
1579493668 ~0% {2} r3 = JOIN r2 WITH SsaDefinitions::SsaSource::method_call_refinement#9197156e#fff ON FIRST 1 OUTPUT Lhs.1 'this', Rhs.2
266673 ~3% {1} r4 = JOIN r3 WITH Essa::EssaNodeRefinement::getDefiningNode#dispred#f0820431#ff ON FIRST 2 OUTPUT Lhs.0 'this'
return r4
```
After a bit of unbinding, we have:
```
Tuple counts for Essa::MethodCallsiteRefinement#24e22a14#f/1@d73d8e27 after 66ms:
215168 ~1% {2} r1 = SCAN Definitions::SsaSourceVariable#class#486534ab#f OUTPUT In.0, In.0
283965 ~2% {2} r2 = JOIN r1 WITH SsaDefinitions::SsaSource::method_call_refinement#9197156e#fff ON FIRST 1 OUTPUT Rhs.2, Lhs.1
401274 ~0% {2} r3 = JOIN r2 WITH Essa::EssaNodeRefinement::getDefiningNode#dispred#f0820431#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.1, Rhs.1 'this'
266671 ~2% {1} r4 = JOIN r3 WITH Essa::TEssaNodeRefinement#24e22a14#ffff_03#join_rhs ON FIRST 2 OUTPUT Lhs.1 'this'
266671 ~2% {1} r5 = r4 AND NOT Essa::SingleSuccessorGuard#class#24e22a14#f(Lhs.0 'this')
return r5
```
(I'm somewhat confused about the slight difference in tuples, but it's
probably just because the compiler moved some stuff around.)
2022-04-27 11:13:37 +00:00
Geoffrey White
6ada1bd05b
C++: Match createLSParser more precisely.
2022-04-27 11:51:17 +01:00
Erik Krogh Kristensen
e1c7d369be
Merge pull request #8796 from erik-krogh/redundantImport
...
Remove redundant imports
2022-04-27 12:39:51 +02:00
Henry Mercer
60ebf4d9b7
Enable Dependabot updates for Actions
...
This will automatically create update PRs for workflow files referencing Actions that have since had a major update.
2022-04-27 11:37:22 +01:00
yoff
9d774463f5
Merge pull request #8859 from tausbn/python-fix-bad-essa-joins
...
Python: Fix a bunch of bad joins
2022-04-27 12:27:50 +02:00
Anna Railton
1f1ef22f90
Update TaintedPathInjection -> TaintedPath
...
Lines up with usual naming in https://github.com/github/ml-ql-adaptive-threat-modeling-backend
2022-04-27 11:27:43 +01:00
Geoffrey White
a21af8e262
C++: Address QLDoc alerts.
2022-04-27 11:05:11 +01:00
Tom Hvitved
790d97714f
Ruby: Replace Element with Element[any]
...
To make it look more like `Argument` tokens.
2022-04-27 11:53:25 +02:00
Tom Hvitved
d1c9d68e14
Ruby: Generalize ArrayElementContent to ElementContent
2022-04-27 11:53:21 +02:00
Tom Hvitved
597424809f
Merge pull request #8893 from hvitved/ruby/simplify-fetch-summary
...
Ruby: Simplify flow summary for `fetch`
2022-04-27 11:47:11 +02:00
Paolo Tranquilli
0100c7171d
Swift: testing non-trivial dataclass properties
2022-04-27 10:17:49 +02:00
Paolo Tranquilli
7f0476049f
Swift: removed spurious mock import
2022-04-27 09:11:14 +02:00
Paolo Tranquilli
68231bfc27
Swift: bump python version to 3.8 in workflow
2022-04-27 08:55:27 +02:00
Tom Hvitved
3b7fe06858
Ruby: Simplify flow summary for fetch
2022-04-27 08:26:24 +02:00
Paolo Tranquilli
f171ce6341
Swift: add unit tests to code generation
...
Tests can be run with
```
bazel test //swift/codegen:tests
```
Coverage can be checked installing `pytest-cov` and running
```
pytest --cov=swift/codegen swift/codegen/test
```
2022-04-27 08:24:11 +02:00
Harry Maclean
992cc517a8
Ruby: Minor changes to InsecureDownload
2022-04-27 18:04:21 +12:00
Harry Maclean
f35379bf8c
Ruby: Add change note for rb/insecure-download
2022-04-27 12:47:09 +12:00
Harry Maclean
a85811ad69
Remove unused field
2022-04-27 12:47:09 +12:00
Harry Maclean
6998608257
Ruby: Document missing test result
2022-04-27 12:47:09 +12:00
Harry Maclean
bb3fb0325b
Ruby: Add InsecureDownload query
...
This query finds cases where a potentially unsafe file is downloaded
over an unsecured connection.
2022-04-27 12:47:09 +12:00
Harry Maclean
ce7675ef43
Ruby: Identify domain in Net::HTTP requests
2022-04-27 12:47:09 +12:00
Harry Maclean
bbc3043836
Add change note for rb/regex/missing-regexp-anchor
2022-04-27 10:12:33 +12:00
Harry Maclean
af2965c2a0
Explain anchors in MissingRegExpAnchor qlhelp
2022-04-27 10:12:33 +12:00
Harry Maclean
6f9dc5eb7e
Ruby: Update import for file move
2022-04-27 10:12:33 +12:00
Harry Maclean
2feb4a48be
Ruby: Add hasMisleadingAnchorPrecedence to MissingRegExpAnchor
2022-04-27 10:12:33 +12:00
Harry Maclean
3f8b27c0cd
Ruby: Add RegExpNonWordBoundary to RegExpTreeView
2022-04-27 10:12:33 +12:00
Harry Maclean
e3c3c00c68
Ruby: Add MissingRegExpAnchor query
2022-04-27 10:12:33 +12:00
Harry Maclean
debc57b417
Ruby: Add RegExpAnchor to RegExpTreeView
2022-04-27 10:12:33 +12:00
Harry Maclean
d95f533d19
Ruby: Add getLastChild to RegExpParent
2022-04-27 10:12:33 +12:00
Nick Rolfe
2d05ea3519
Merge pull request #8885 from SukkaW/replace-git-io-link
2022-04-26 20:29:32 +01:00
Mathias Vorreiter Pedersen
800e4ea7df
Merge pull request #8515 from rdmarsh2/rdmarsh2/ir-global-vars
...
C++: generate IR for global variables with initializers
2022-04-26 18:17:13 +01:00
Geoffrey White
7ce040f331
Merge pull request #8736 from geoffw0/xxe
...
C++: New query for CWE-611 / XML External Entity Expansion (XXE)
2022-04-26 17:21:06 +01:00
Nick Rolfe
649d7dd022
Merge pull request #8607 from github/nickrolfe/incomplete_sanitization
...
Ruby: port of `js/incomplete-sanitization`
2022-04-26 17:10:24 +01:00
Geoffrey White
742949154b
C++: Apply code style suggestion.
2022-04-26 16:53:24 +01:00
Taus
7d736952db
Python: Update expected output
2022-04-26 15:49:40 +00:00
Anna Railton
eacfceb6ce
Merge pull request #8605 from github/annarailton/new-query-label-mappings
...
Experimental (ATM): update query label mappings
2022-04-26 16:39:06 +01:00
SukkaW
0c4885caa7
Replace git.io link with the actual URL
2022-04-26 23:28:34 +08:00
Jonathan Leitschuh
2565cdb964
Add additional File taint value flow models
...
Adds
- File::getAbsoluteFile
- File::getCanonicalFile
- File::getAbsolutePath
- File::getCanonicalPath
2022-04-26 10:42:53 -04:00
Nick Rolfe
2a4d65f917
Merge pull request #8881 from github/nickrolfe/graph_ordering_typo
2022-04-26 14:30:49 +01:00
Nick Rolfe
a7185e8a75
Ruby: fix typo in edge key for graph query
2022-04-26 13:56:38 +01:00
Erik Krogh Kristensen
7dba2b5868
PY: revert deletion of redundant-import in ClientSuppliedIpUsedInSecurityCheckLib.qll
2022-04-26 14:51:21 +02:00
Chris Smowton
d01c847839
Make import private
...
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com >
2022-04-26 13:34:24 +01:00
Chris Smowton
c0c50147b3
Replace singleton set
2022-04-26 13:34:24 +01:00
Artem Smotrakov
03d86306b2
Use doc-comment in JMS.qll
2022-04-26 13:34:24 +01:00
Artem Smotrakov
12ca1f0b11
Fixed library-tests/frameworks/guava/handwritten/flow.ql
2022-04-26 13:34:24 +01:00
Artem Smotrakov
52b7fbf484
Removed non-ASCII characters
2022-04-26 13:34:24 +01:00
Artem Smotrakov
e86fd72529
Moved RabbitMQ tests to java/ql/test/library-tests/frameworks/rabbitmq
2022-04-26 13:34:23 +01:00
Artem Smotrakov
3369ffc3c2
Removed RabbitMQ import in FlowSteps.qll
2022-04-26 13:34:23 +01:00
Artem Smotrakov
d7ad13b8de
Fixed typos in JMS.qll
2022-04-26 13:34:23 +01:00
Artem Smotrakov
20f185e772
Use tainted tag in JMS tests
2022-04-26 13:34:23 +01:00
Artem Smotrakov
7158fd1ce8
minorAnalysis in 2022-04-17-jms.md
...
Co-authored-by: Chris Smowton <smowton@github.com >
2022-04-26 13:34:23 +01:00
Artem Smotrakov
152de1533e
Added a change note for JMS
2022-04-26 13:34:23 +01:00
Artem Smotrakov
b6bd4f92d1
Added sources and steps for JMS API
2022-04-26 13:34:21 +01:00
Artem Smotrakov
5c6aa15fe5
Fixed model for DataInput
...
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com >
2022-04-26 13:34:05 +01:00
Artem Smotrakov
269143a19f
Java: Added sources and flow steps for RabbitMQ
2022-04-26 13:34:04 +01:00
Artem Smotrakov
fb39e0f577
Java: Added flow steps for DataInput and ObjectInput
2022-04-26 13:32:48 +01:00
Erik Krogh Kristensen
d389012b75
Merge branch 'main' into redundantImport
2022-04-26 14:24:51 +02:00
Nick Rolfe
3737248deb
Merge pull request #8879 from github/nickrolfe/graph_ordering
...
Ruby: fix graph query tests by defining total ordering
2022-04-26 13:22:53 +01:00
yoff
76f2eca1ee
Merge pull request #8560 from erik-krogh/movePolyTest
...
PY: move the polynomialbacktracking-test to the test folder
2022-04-26 14:21:30 +02:00
Tony Torralba
75b7234a77
Add missing QLDoc
2022-04-26 14:07:07 +02:00
Nick Rolfe
a2f66e8631
Ruby: specify total ordering for test graph queries
2022-04-26 12:58:44 +01:00
Tony Torralba
b69d81ce24
Make all imports of ExternalFlow private
2022-04-26 13:48:44 +02:00
Anders Schack-Mulligen
ff1c6ca4d6
Java: Fix join-order.
2022-04-26 13:43:41 +02:00
Alex Denisov
5db18bb845
Swift: add a comment clarifying swift::FrontendObserver
2022-04-26 13:35:10 +02:00
Tony Torralba
2ee83e2ba2
Add Editable.toString flow step
2022-04-26 13:34:16 +02:00
Alex Denisov
e2332fc5ec
Swift: Replace SwiftExtractor class with a function
2022-04-26 13:32:14 +02:00
Anders Schack-Mulligen
e5eef51e9d
Merge pull request #8875 from aschackmull/java/useless-imports
...
Java: Remove some useless imports.
2022-04-26 13:32:09 +02:00
Anders Schack-Mulligen
8cd506e513
Merge pull request #8874 from smowton/smowton/fix/insecure-cookies-look-through-named-constants
...
Java insecure cookies query: look through named constants
2022-04-26 12:52:12 +02:00
Erik Krogh Kristensen
881e5e16b5
Java: revert deletion of redundant imports
2022-04-26 12:47:39 +02:00
Anders Schack-Mulligen
7002f49abc
Java: Remove some useless imports.
2022-04-26 12:37:03 +02:00
Chris Smowton
2a8f179d6f
Merge pull request #8865 from smowton/smowton/admin/claim-java-18-support
...
Claim Java 18 support
2022-04-26 11:25:26 +01:00
Chris Smowton
8d7098245b
Add change note
2022-04-26 10:38:20 +01:00
Alex Denisov
ebd2ff4fc0
Swift: rename classes to reflect they belong to Swift
2022-04-26 11:33:35 +02:00
Chris Smowton
7d4767a4f5
Java insecure cookies query: look through named constants
2022-04-26 10:32:13 +01:00
Alex Denisov
81e4f9165e
Swift: remove -frontend option as we don't need it yet
2022-04-26 11:27:41 +02:00
Mathias Vorreiter Pedersen
3719875861
Merge pull request #8871 from erik-krogh/qlDeleteSyncScript
...
QL: delete old copy of the identical files scripts
2022-04-26 10:08:34 +01:00
Erik Krogh Kristensen
ba3aa4f186
QL: delete old copy of the identical files scripts
2022-04-26 10:37:14 +02:00
Erik Krogh Kristensen
6738270b65
Merge pull request #8229 from erik-krogh/parenSan
...
JS: step through parentheses in barrier functions
2022-04-26 10:30:21 +02:00
Alex Denisov
5fc4fab38e
Swift: add missing 'overrides'
2022-04-26 10:07:41 +02:00
Anders Schack-Mulligen
59aedc2872
Merge pull request #8853 from aschackmull/dataflow/fix-join
...
Dataflow: Fix join-on-config producing a CP.
2022-04-26 09:52:50 +02:00
Jeroen Ketema
e7580b68d8
Merge pull request #8852 from jketema/frontend-update
...
Fix test regressions due to C++ frontend update
2022-04-26 09:52:34 +02:00
Mathias Vorreiter Pedersen
8d2bd66d85
Merge pull request #8861 from MathiasVP/update-schema
...
Swift: Update `schema.yml` and regenerate files
2022-04-26 08:45:54 +01:00
Anders Schack-Mulligen
d5fcb4342e
Merge pull request #8868 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2022-04-26 08:55:38 +02:00
github-actions[bot]
51b2eb78a9
Add changed framework coverage reports
2022-04-26 00:15:54 +00:00
Mathias Vorreiter Pedersen
b8165d47b7
Merge pull request #724 from github/post-release-prep/codeql-cli-2.9.0
...
Post-release preparation for codeql-cli-2.9.0
2022-04-25 22:53:17 +01:00
Mathias Vorreiter Pedersen
aca4c8727f
Merge pull request #8802 from github/post-release-prep/codeql-cli-2.9.0
...
Post-release preparation for codeql-cli-2.9.0
2022-04-25 22:52:55 +01:00
Chris Smowton
9cebbaa370
Claim Java 18 support
2022-04-25 21:21:03 +01:00
Jeroen Ketema
73e4f0c044
C++: Set clang_version to the default from previous frontend version
...
This ensures that `__atomic_fetch_min` parses and that the number of
builtins does not changed compared to the previous version of the
frontend.
2022-04-25 21:15:28 +02:00
Jeroen Ketema
ccd545336c
C++: Fix tests where float128 error message has changed
2022-04-25 21:14:20 +02:00
Jeroen Ketema
8e7066600a
C++: Fix test failures where location of reference dereference in lambda changed
2022-04-25 21:14:17 +02:00
Jeroen Ketema
6c1e21cd91
C++: Fix test where variable access position is more accurate in frontend
2022-04-25 21:14:06 +02:00
Jeroen Ketema
5b0603a5b9
C++: Artificial block insertion for loops and switches has changed in frontend
...
There are now more artificial blocks containing more than one instruction
(artificial blocks containing a single instruction have the extractor only
emit that instruction and not the block). The second instruction in each case
is the label for breaking out of a loop or switch.
2022-04-25 21:13:52 +02:00
Jeroen Ketema
d43ae9b7ed
C++: More artificially inserted blocks carry location information in frontend
2022-04-25 21:13:29 +02:00
Jeroen Ketema
a546e6e01c
C++: Update test to run with C++14
...
The test uses an `auto` return type without a trailing return type, which is
a C++14 feature.
2022-04-25 21:13:24 +02:00
Jeroen Ketema
b9e7045a2f
C++: Update vector type test to reflect it uses old-clang features
...
These features are no longer available and the frontend does stricter checking
on this.
2022-04-25 21:13:04 +02:00
Robert Marsh
d0fc348ad9
C++: autoformat
2022-04-25 14:17:49 -04:00
Mathias Vorreiter Pedersen
2c33a7cdd8
Merge pull request #8862 from github/add-swift-to-labeler
...
Include Swift in `labeler.yml`
2022-04-25 17:10:38 +01:00
Jean Helie
47fdb79cf8
Merge pull request #8751 from github/jhelie/add-gitkeep-to-model-resources
...
ML: add .gitkeep to resources dir in which ML models are to be found
2022-04-25 18:08:24 +02:00
Mathias Vorreiter Pedersen
00b1e4b3dd
Include Swift in labeler.yml
2022-04-25 16:57:47 +01:00
Mathias Vorreiter Pedersen
8869038b4f
Swift: Update schema.yml and regenerate files.
2022-04-25 16:15:37 +01:00
Alex Denisov
906ce34e2f
Swift: generate QL files properly
2022-04-25 17:09:29 +02:00
Mathias Vorreiter Pedersen
8e1d079db7
Merge pull request #8858 from github/erik-krogh/enable-ql-for-ql-swift
...
QL: add swift to QL-for-QL
2022-04-25 16:00:56 +01:00
Alex Denisov
355504a86a
Swift: use File from QL library
2022-04-25 16:58:30 +02:00
James Fletcher
5a7043f528
Update analyzing-databases-with-the-codeql-cli.rst
2022-04-25 15:57:18 +01:00
Alex Denisov
6f0ddaa431
Merge branch 'main' into alexdenisov/swift-first-extractor-test
2022-04-25 16:53:22 +02:00
Taus
d4fc096ea8
Python: Use local flow in Pythagorean.ql
...
The hand-rolled notion of flow was causing some severe performance
issues (on a few databases):
```
Tuple counts for Pythagorean::square#168e234a#f#loop_invariant_prefix/2@c86989kr after 6m35s:
175000 ~5% {2} r1 = JOIN SSA::SsaVariable::getDefinition#dispred#f0820431#ff_10#join_rhs WITH Flow::ControlFlowNode::getNode#dispred#f0820431#bf ON FIRST 1 OUTPUT Lhs.1, Rhs.1 'arg0'
174500 ~6% {2} r2 = JOIN r1 WITH SSA::SsaVariable::getVariable#dispred#f0820431#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1 'arg0'
1467782500 ~5% {3} r3 = JOIN r2 WITH AstGenerated::Name_::getVariable#dispred#f0820431#ff_10#join_rhs ON FIRST 1 OUTPUT 3, Rhs.1 'arg1', Lhs.1 'arg0'
1467553000 ~0% {2} r4 = JOIN r3 WITH py_expr_contexts_12#join_rhs ON FIRST 2 OUTPUT Lhs.2 'arg0', Lhs.1 'arg1'
return r4
```
Rewriting it to use the data flow library made all of this go away. 🎉
2022-04-25 14:35:37 +00:00
Taus
b2cc91369a
Python: Fix bad join in firstUse
...
This was what it looked like (at the point when I killed the evaluation):
```
Tuple counts for SsaCompute::SsaComputeImpl::AdjacentUsesImpl::firstUse#c5fa2be7#ff/2@i1#be98bwif after 1m50s:
274000 ~7% {4} r1 = SCAN SsaCompute::SsaComputeImpl::AdjacentUsesImpl::definesAt#c5fa2be7#ffff OUTPUT In.1, In.0 'def', In.2, In.3
2731768000 ~1% {7} r2 = JOIN r1 WITH SsaCompute::SsaComputeImpl::AdjacentUsesImpl::variableSourceUse#c5fa2be7#ffff ON FIRST 1 OUTPUT Rhs.0, Lhs.2, Lhs.3, Rhs.2, Rhs.3, Rhs.1 'use', Lhs.1 'def'
178000 ~4% {2} r3 = JOIN r2 WITH SsaCompute::SsaComputeImpl::AdjacentUsesImpl::adjacentVarRefs#c5fa2be7#fffff ON FIRST 5 OUTPUT Lhs.6 'def', Lhs.5 'use'
return r3
```
And this is what it looks like now:
```
Tuple counts for SsaCompute::SsaComputeImpl::AdjacentUsesImpl::firstUse#c5fa2be7#ff/2@i1#f9d6ewsi after 207ms:
931353 ~2% {4} r1 = SCAN SsaCompute::SsaComputeImpl::AdjacentUsesImpl::variableSourceUse#c5fa2be7#ffff OUTPUT In.0, In.2, In.3, In.1 'use'
1050477 ~0% {4} r2 = JOIN r1 WITH SsaCompute::SsaComputeImpl::AdjacentUsesImpl::adjacentVarRefs#c5fa2be7#fffff_03412#join_rhs ON FIRST 3 OUTPUT Lhs.0, Rhs.3, Rhs.4, Lhs.3 'use'
506626 ~0% {2} r3 = JOIN r2 WITH SsaCompute::SsaComputeImpl::AdjacentUsesImpl::definesAt#c5fa2be7#ffff_1230#join_rhs ON FIRST 3 OUTPUT Rhs.3 'def', Lhs.3 'use'
return r3
```
2022-04-25 14:33:31 +00:00
Erik Krogh Kristensen
f5e1aa7c98
QL: add swift to QL-for-QL
2022-04-25 16:29:44 +02:00
Taus
49233268a9
Python: Fix bad join in getValue
...
We were building essentially a CP of all control flow nodes:
```
Tuple counts for Essa::AssignmentDefinition::getValue#dispred#f0820431#ff/2@dd1f67vl after 2m45s:
733365 ~6% {3} r1 = JOIN Essa::TEssaNodeDefinition#24e22a14#ffff_30#join_rhs WITH Essa::EssaNodeDefinition::getDefiningNode#dispred#f0820431#ff ON FIRST 1 OUTPUT Lhs.1, Rhs.1, Rhs.0
376588 ~0% {2} r2 = JOIN r1 WITH SsaDefinitions::SsaSource::assignment_definition#9197156e#fff ON FIRST 2 OUTPUT Lhs.2 'this', Rhs.2 'result'
376588 ~0% {3} r3 = JOIN r2 WITH Essa::TEssaNodeDefinition#24e22a14#ffff_30#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.0 'this', Lhs.1 'result'
6965593033 ~2% {3} r4 = JOIN r3 WITH project#SsaDefinitions::SsaSource::assignment_definition#9197156e ON FIRST 1 OUTPUT Lhs.1 'this', Rhs.1, Lhs.2 'result'
376588 ~0% {2} r5 = JOIN r4 WITH Essa::EssaNodeDefinition::getDefiningNode#dispred#f0820431#ff ON FIRST 2 OUTPUT Lhs.0 'this', Lhs.2 'result'
return r5
```
We first tried preventing the join on `result`, but this caused the
characteristic predicate to blow up instead. Finally, we figured just
putting the `value` part in a field would be sufficient, and this did
the trick.
2022-04-25 14:28:00 +00:00
Tony Torralba
85d5b122f7
Merge pull request #8817 from atorralba/atorralba/cleartext-storage-sharedprefs-improvs
...
Java: Add value-preserving flow steps for Android's SharedPreferences
2022-04-25 16:16:46 +02:00
Erik Krogh Kristensen
0a26e891a2
include startsWith/endsWith checks in js/missing-origin-check
2022-04-25 15:28:50 +02:00
Erik Krogh Kristensen
17005dde2d
QL: fix query-id, and add description
2022-04-25 15:21:35 +02:00
Mathias Vorreiter Pedersen
3199a690aa
Merge pull request #8854 from redsun82/swift-ql-gen
...
Swift: QL generation script
2022-04-25 14:05:25 +01:00
Paolo Tranquilli
643471f400
add temporary exception for Swift for QLdoc
2022-04-25 14:24:22 +02:00
Erik Krogh Kristensen
fe3d71ebc2
fix qhelp: the window, not the origin, is sending the message
...
Co-authored-by: Esben Sparre Andreasen <esbena@github.com >
2022-04-25 14:07:01 +02:00
Paolo Tranquilli
cdb10a2151
Swift: fix codegen check
2022-04-25 14:03:48 +02:00
Paolo Tranquilli
9bf4c72085
Swift: split codegen action and fix dependencies
2022-04-25 14:00:41 +02:00
Anders Schack-Mulligen
60eb341b49
Merge pull request #8851 from aschackmull/shared/accesspathsyntax-cleanup
...
Minor clean-up in AccessPathSyntax.qll
2022-04-25 13:47:22 +02:00
Mathias Vorreiter Pedersen
faaa2cedcd
Merge pull request #8849 from JohnMcSandwich/main
...
C++: add new Windows pool allocation functions in `Allocation.qll`
2022-04-25 12:46:31 +01:00
Paolo Tranquilli
de0fa9e456
Swift: QL generation script
...
Also added code generation to the swift checks.
2022-04-25 13:23:36 +02:00
Anders Schack-Mulligen
c06efa1f42
Dataflow: Sync.
2022-04-25 13:11:04 +02:00
Anders Schack-Mulligen
f4d93f089a
Dataflow: Fix join-on-config producing a CP.
2022-04-25 13:10:31 +02:00
Tony Torralba
f1e5e57d76
Update java/ql/lib/semmle/code/java/frameworks/android/SharedPreferences.qll
2022-04-25 12:39:01 +02:00
Anders Schack-Mulligen
40a16325a9
Minor clean-up in AccessPathSyntax.
2022-04-25 12:27:48 +02:00
Alex Denisov
5b20d580be
Swift: use parenthesis instead of curly braces
2022-04-25 12:26:34 +02:00
Anders Schack-Mulligen
cbdd4927ce
Merge pull request #8582 from Marcono1234/marcono1234/JumpStmt-superclass
...
Java: Make `JumpStmt` a proper superclass
2022-04-25 12:22:20 +02:00
Anders Schack-Mulligen
fd2904d49c
Merge pull request #8760 from Marcono1234/patch-1
...
Clarify `min`, `max` and `rank` documentation
2022-04-25 12:20:00 +02:00
Tom Hvitved
bffa8fa7cb
Merge pull request #8641 from hvitved/dataflow/interpret-read-store
...
Data flow: Introduce `ContentSet`
2022-04-25 12:17:34 +02:00
Mathias Vorreiter Pedersen
516ef8d27a
Update cpp/ql/lib/change-notes/2022-04-25-windows-pool-allocation-functions.md
...
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com >
2022-04-25 10:54:12 +01:00
Mathias Vorreiter Pedersen
12c8d9c60e
C++: Add change note.
2022-04-25 10:51:49 +01:00
Alex Denisov
8bcdfb2e4f
Swift: initialize LLVM
...
No need to shutdown LLVM, it's done by the PROGRAM_START macro
2022-04-25 11:49:21 +02:00
Alex Denisov
462133e0f0
Swift: add more comments
2022-04-25 11:48:51 +02:00
Erik Krogh Kristensen
b5193d99d7
have getSourceType() depend on which kind of event it is
2022-04-25 11:32:52 +02:00
Anders Schack-Mulligen
b21f077e8e
Update java/ql/lib/semmle/code/java/Statement.qll
2022-04-25 11:02:23 +02:00
Jeroen Ketema
ba2a884a45
Merge pull request #8818 from jketema/links
...
Replace `help.semmle.com` links by `codeql.github.com` links
2022-04-25 10:25:42 +02:00
JohnMcSandwich
b3dff77d1a
C++: add new Windows pool allocation functions in Allocation.qll
...
Add:
- ExAllocatePool2
- ExAllocatePool3
- ExAllocatePoolZero
2022-04-25 10:21:42 +02:00
Mathias Vorreiter Pedersen
e8b6bfbe0e
Merge pull request #8813 from jketema/buffer
...
C++: Cover variable sized member arrays without a size in `Buffer.qll`
2022-04-25 09:20:31 +01:00
Tom Hvitved
2466288656
Data flow: Simplify revFlowStore
2022-04-25 10:11:54 +02:00
Tom Hvitved
cf0a1e748a
Add change notes
2022-04-25 09:17:40 +02:00
Jeroen Ketema
79164056d1
Replace help.semmle.com links by codeql.github.com links
2022-04-22 20:42:11 +02:00
Jeroen Ketema
a4711206c8
Merge pull request #8769 from felickz/patch-1
...
Docs - Supported Queries - Fixing broken link
2022-04-22 18:29:27 +02:00
Tony Torralba
d982aeaf6f
Add change note
2022-04-22 17:50:47 +02:00
Mathias Vorreiter Pedersen
1e61fdde8b
Merge pull request #8815 from jketema/unreachable-test-case
...
C++: Add non-returning function test case using `__builtin_expect`
2022-04-22 16:47:44 +01:00
Tony Torralba
f1c08bc492
Add value-preserving steps for SharedPreferences
2022-04-22 17:44:59 +02:00
Jeroen Ketema
97d4a12fb2
C++: Add non-returning function test case using __builtin_expect
2022-04-22 17:10:54 +02:00
Jeroen Ketema
dee0f09197
C++: Cover variable sized member arrays without a size in Buffer.qll
...
Currently the extractor incorrectly emits 0 for the array `data` below:
```
struct myStruct { // c
...
char data[]; // v
};
```
This will change in the future, and no size will be emitted anymore.
This commit makes sure `Buffer.qll` handles arrays without sizes.
2022-04-22 16:57:24 +02:00
Robert Marsh
ebdf553621
Merge pull request #8806 from dbartol/dbartol/typedefs/work
...
C++: Work around missing size for typedef
2022-04-22 10:09:24 -04:00
Rasmus Wriedt Larsen
3e8274ede8
Merge pull request #8812 from RasmusWL/stdlib-FileSystemAccess-improvement
...
Python: Minor Stdlib file system access improvement
2022-04-22 16:06:41 +02:00
Tom Hvitved
3edc72feb6
Update CaptureModels.qll
2022-04-22 15:49:17 +02:00
Erik Krogh Kristensen
45080e7777
PY: add missing qldoc
2022-04-22 15:30:31 +02:00
Erik Krogh Kristensen
acac8919b3
PY: update expected output for deprecation warning in test file
2022-04-22 15:28:31 +02:00
Tom Hvitved
bc6ee10583
Data flow: Sync files
2022-04-22 15:10:00 +02:00
Tom Hvitved
488a4ede94
Data flow: Inline getAStoreContent up-front
2022-04-22 15:09:59 +02:00
annarailton
9c25da20a4
Update queryNames
2022-04-22 13:42:29 +01:00
CodeQL CI
06e5962da7
Merge pull request #8791 from asgerf/js/static-accessors
...
Approved by erik-krogh
2022-04-22 13:39:32 +01:00
Tom Hvitved
b033f107df
Merge remote-tracking branch 'upstream/main' into dataflow/interpret-read-store
2022-04-22 14:35:02 +02:00
Rasmus Wriedt Larsen
03c0366fd4
Merge branch 'main' into stdlib-FileSystemAccess-improvement
2022-04-22 14:31:31 +02:00
Erik Krogh Kristensen
789b0a46d1
Merge pull request #8578 from erik-krogh/labelNaming
...
JS: update `toString()` on API-graph labels.
2022-04-22 14:27:25 +02:00
Erik Krogh Kristensen
3b0066e93d
address review comments
2022-04-22 14:01:24 +02:00
Geoffrey White
d859a91a14
C++: Add support for createLSParser.
2022-04-22 12:24:01 +01:00
Erik Krogh Kristensen
8fcbaea273
Merge branch 'main' into labelNaming
2022-04-22 13:19:44 +02:00
Erik Krogh Kristensen
ff73dbc35c
delete redundant imports
2022-04-22 12:55:28 +02:00
Geoffrey White
79aba67036
Merge branch 'main' into xxe
2022-04-22 11:50:41 +01:00
Erik Krogh Kristensen
ae20393e38
QL: add redundant-import query
2022-04-22 12:47:13 +02:00
Erik Krogh Kristensen
a96489b23d
delete duplicate imports
2022-04-22 12:41:30 +02:00
Erik Krogh Kristensen
c015ef6ef4
Merge pull request #8810 from erik-krogh/rubyPathgraph
...
Ruby: dont import the PathGraph module from Query.qll files
2022-04-22 12:02:59 +02:00
Mathias Vorreiter Pedersen
489355cdab
Merge pull request #8793 from MathiasVP/exclude-internal-diagnostics
...
Exclude internal diagnostics from all selectors
2022-04-22 10:55:38 +01:00
Tom Hvitved
093a3879be
Merge pull request #8794 from hvitved/ruby/capture-barrier-guards
...
Ruby: Handle captured variables in `BarrierGuard::getAGuardedNode()`
2022-04-22 11:47:36 +02:00
Erik Krogh Kristensen
a737350f27
RB: dont import the PathGraph module from Query.qll files
2022-04-22 11:46:06 +02:00
Anders Schack-Mulligen
bf921177f4
Merge pull request #8811 from erik-krogh/syncLate
...
Java: get tainttracking3/TaintTrackingImpl.qll in sync
2022-04-22 11:21:01 +02:00
Asger F
0187e9a3b1
Merge pull request #8808 from vovikhangcdv/doublevkay/fixing-PrototypePollutngAssignment-examples
...
Javascript: Fix PrototypePollutingAssignment example which is incorrect use of express leads to no result when scanning.
2022-04-22 11:18:23 +02:00
Tom Hvitved
be5363ea53
Merge pull request #8801 from hvitved/ruby/exclude-splat-in-taint-tracking
...
Ruby: Exclude `SplatExpr` from taint tracking
2022-04-22 11:12:05 +02:00
Rasmus Wriedt Larsen
650d57083b
Python: Recognize path arguments to pathlib methods
2022-04-22 11:01:59 +02:00
Rasmus Wriedt Larsen
bcaba45202
Python: Expand pathlib tests
2022-04-22 11:01:59 +02:00
Rasmus Wriedt Larsen
059dea713d
Python: Fix os.path.samefile modeling
2022-04-22 11:01:59 +02:00
Erik Krogh Kristensen
dca74a1f45
get tainttracking3/TaintTrackingImpl.qll in sync
2022-04-22 10:37:31 +02:00
Chris Smowton
d309e15072
Merge pull request #8748 from smowton/smowton/admin/dependent-dataflow-configs
...
Java: Avoid higher-numbered dataflow configs that depend on lower-numbered ones
2022-04-22 08:56:00 +01:00
Alex Denisov
aa13891667
Swift: regenerate dbscheme
2022-04-22 09:42:22 +02:00
Mathias Vorreiter Pedersen
35471ff23c
Merge pull request #8809 from AlexDenisov/alexdenisov/rename-swift-db-columns
...
Swift: rename certain dbscheme columns
2022-04-22 08:17:37 +01:00
Mathias Vorreiter Pedersen
52dc016a7a
Merge pull request #8798 from jketema/using
...
C++: Fix tests after extractor changes that improve `using` position accuracy
2022-04-22 08:15:34 +01:00
Alex Denisov
2ce46a9b60
Swift: remove test table from dbscheme
2022-04-22 08:48:44 +02:00
Alex Denisov
c6c51e1ab9
Swift: build with Clang on Linux
2022-04-22 08:48:44 +02:00
Alex Denisov
62d36a29f7
Swift: Extract files
2022-04-22 08:48:38 +02:00
Alex Denisov
e85cdf2ec3
Swift: rename certain dbscheme columns
2022-04-22 08:31:09 +02:00
AlexDenisov
a5189eae9f
Merge pull request #8735 from redsun82/swift-dbscheme-gen
...
Swift: dbscheme generator
2022-04-22 08:26:59 +02:00
Khang. Võ Vĩ
f4581ae866
fix PrototypePollutingAssignment examples
2022-04-22 11:55:45 +07:00
Dave Bartolomeo
83fdff54c4
Work around missing size for typedef
...
See #8805 for the underlying issue. The symptom was bad IR generation on a large number of functions because we never generated an `IRVariable` for a parameter with the affected type.
2022-04-21 16:16:09 -04:00
github-actions[bot]
1aecfc67c2
Post-release preparation for codeql-cli-2.9.0
2022-04-21 19:22:19 +00:00
github-actions[bot]
59cc2898c9
Post-release preparation for codeql-cli-2.9.0
2022-04-21 19:22:17 +00:00
Tom Hvitved
c20ce62767
Ruby: Exclude SplatExpr from taint tracking
...
`SplatExpr`s are modelled using flow summaries, so there is no need to include them
explicitly in `defaultAdditionalTaintStep`.
2022-04-21 20:27:04 +02:00
Mathias Vorreiter Pedersen
813de65118
Merge pull request #8799 from jketema/comment-fix
...
C++: Fix the layout of comments in `getBufferSize`
2022-04-21 17:17:42 +01:00
Mathias Vorreiter Pedersen
7df7e99761
Merge pull request #8797 from github/release-prep/2.9.0
...
Release preparation for version 2.9.0
2022-04-21 17:14:52 +01:00
Mathias Vorreiter Pedersen
d2d92fad36
Merge pull request #723 from github/release-prep/2.9.0
...
Release preparation for version 2.9.0
2022-04-21 17:14:45 +01:00
Owen Mansel-Chan
6f91cc1cb1
Merge pull request #719 from owen-mc/bugfix/find-callee-through-function-variables
...
Look for callees through function variables
2022-04-21 17:00:59 +01:00
Geoffrey White
40da7a1055
C++: Add a test of NoCheckBeforeUnsafePutUser.ql.
2022-04-21 16:55:50 +01:00
Jeroen Ketema
a09fd8c35e
C++: Fix the layout of comments in getBufferSize
2022-04-21 17:42:10 +02:00
Jeroen Ketema
8139e1a2a8
C++: Fix tests after extractor changes that improve using position accuracy
2022-04-21 17:36:11 +02:00
Dave Bartolomeo
410bc6f2e0
Fix formatting in change log
2022-04-21 11:04:30 -04:00
Dave Bartolomeo
71b4570765
Fix formatting in change log
2022-04-21 11:03:52 -04:00
Dave Bartolomeo
55e1ec2b47
Fix formatting in change log
2022-04-21 11:03:18 -04:00
Dave Bartolomeo
e9be6fcf86
Fix formatting in change log
2022-04-21 11:02:58 -04:00
Dave Bartolomeo
b2fe530f1c
Fix formatting in change log
2022-04-21 11:02:31 -04:00
Dave Bartolomeo
136d3ff1f4
Fix formatting in change log
2022-04-21 11:02:07 -04:00
Dave Bartolomeo
d0687303f4
Fix formatting in change log
2022-04-21 11:01:39 -04:00
Dave Bartolomeo
033694d7f7
Fix formatting in change log
2022-04-21 11:00:38 -04:00
Dave Bartolomeo
b224f81e24
Fix formatting in change log
2022-04-21 10:59:38 -04:00
Dave Bartolomeo
fb710cd944
Fix formatting in change log
2022-04-21 10:59:03 -04:00
Dave Bartolomeo
f042d9bfea
Fix formatting in change log
2022-04-21 10:58:26 -04:00
Dave Bartolomeo
36ca792986
Fix formatting in change log
2022-04-21 10:57:35 -04:00
Dave Bartolomeo
ab50df829e
Fix formatting in change log
2022-04-21 10:57:05 -04:00
github-actions[bot]
eeaf233c29
Release preparation for version 2.9.0
2022-04-21 14:49:00 +00:00
github-actions[bot]
355f4c6186
Release preparation for version 2.9.0
2022-04-21 14:48:55 +00:00
Tom Hvitved
bd09c61504
Merge pull request #8786 from hvitved/ruby/dataflow/argument-tokens
...
Ruby: Implement `Argument[any]` and `Argument[n..]`
2022-04-21 16:31:24 +02:00
Michael Nebel
0ec5aa6095
Merge pull request #8675 from michaelnebel/csharp/capturemodelimprovement
...
C#: CaptureModel improvements
2022-04-21 15:16:35 +02:00
Tom Hvitved
addb92f13b
Ruby: Handle captured variables in BarrierGuard::getAGuardedNode()
2022-04-21 13:25:47 +02:00
Tom Hvitved
325b451288
Ruby: Add barrier guards test involving captured variables
2022-04-21 13:25:40 +02:00
Michael Nebel
6180970ae7
C#: Address review comments.
2022-04-21 13:05:32 +02:00
Owen Mansel-Chan
5f3b913d7f
Add change note
2022-04-21 11:34:51 +01:00
Owen Mansel-Chan
62489e1afd
Fix viableCallable for function variables
2022-04-21 11:32:08 +01:00
Owen Mansel-Chan
69c9099a24
Look for callees through function variables
2022-04-21 11:32:07 +01:00
Owen Mansel-Chan
373017ab9d
Add tests for callees through function variables
2022-04-21 11:32:07 +01:00
Owen Mansel-Chan
528a735a0d
Improve CallNode.getCalleeName
...
Note that any results from expr.getTarget().getName() are also results
from expr.getCalleeName(), so it was redundant to have a disjunction of
both of them.
2022-04-21 11:30:28 +01:00
Owen Mansel-Chan
b6702b644d
Improve documentation of CallExpr.getCalleeName
2022-04-21 11:30:27 +01:00
Mathias Vorreiter Pedersen
74906fcbaf
Add exclusion rules for internal diagnostics queries to all the suite selectors (previously it was only excluded in the Code Scanning selector).
2022-04-21 10:11:26 +01:00
Tom Hvitved
b6309c9db0
Merge pull request #8792 from hvitved/csharp/exclude-model-generation-from-cs-suites
...
C#: Exclude model generation queries from all suites
2022-04-21 11:06:56 +02:00
Tom Hvitved
f65b6ae3d1
C#: Exclude model generation queries from all suites
2022-04-21 09:51:52 +02:00
Mathias Vorreiter Pedersen
966c6f108b
Merge pull request #8720 from MathiasVP/smaller-join-in-get-root-cause
...
C++: Remove TC from `Element.getRootCause`
2022-04-21 08:23:05 +01:00
Erik Krogh Kristensen
c1798c4ebd
remove redundant extends clause
2022-04-21 09:13:18 +02:00
Erik Krogh Kristensen
6007dfa101
fix qldoc in StoredXssCustomizations
...
Co-authored-by: Asger F <asgerf@github.com >
2022-04-21 09:11:08 +02:00
Erik Krogh Kristensen
b9a7c563d1
fix typo in change note
...
Co-authored-by: Asger F <asgerf@github.com >
2022-04-21 09:09:56 +02:00
Asger Feldthaus
c6e66edb97
JS: Change note
2022-04-21 08:32:01 +02:00
Harry Maclean
3ea6ba5398
Merge pull request #8618 from hmac/hmac/qlhelp-comment-workflow
...
Update existing qhelp comment, if it exists
2022-04-21 14:01:17 +12:00
Erik Krogh Kristensen
9927a82520
Merge pull request #8789 from erik-krogh/apiIpaBranches
...
JS/PY: mention newtype constructors in API graph label classes
2022-04-20 23:39:46 +02:00
Erik Krogh Kristensen
7e73ecceab
add change-note
2022-04-20 23:31:42 +02:00
Porcupiney Hairs
06edb3f3a1
fix formatting issues
2022-04-21 00:23:49 +05:30
Erik Krogh Kristensen
ff5b873557
Merge pull request #8773 from erik-krogh/exhaustion
...
JS: promote `js/resource-exhaustion` out of experimental
2022-04-20 19:33:42 +02:00
Erik Krogh Kristensen
9c5f3e9406
remove leftover debug comments
2022-04-20 18:42:46 +02:00
Erik Krogh Kristensen
aec8413487
PY: mention newtype constructors in API graph label classes
2022-04-20 18:38:44 +02:00
Erik Krogh Kristensen
ef51b46795
JS: mention newtype constructors in API graph label classes
2022-04-20 18:37:19 +02:00
Erik Krogh Kristensen
8bd975a6ec
Merge pull request #8785 from hvitved/ruby/api-graph-labels
...
Ruby: Mention `newtype` constructors in API graph label classes
2022-04-20 18:32:09 +02:00
Erik Krogh Kristensen
06394c8dc6
move storedXss sources to the Customizations file
2022-04-20 18:17:49 +02:00
Erik Krogh Kristensen
58fcdbc406
QL: remove some benign results from ql/abstract-class-import
2022-04-20 18:17:08 +02:00
Erik Krogh Kristensen
81ce8ac715
ATM: fix compiler warnings about unused variables
2022-04-20 18:10:59 +02:00
Erik Krogh Kristensen
4bc36d82f6
update expected output for ATM
2022-04-20 18:10:56 +02:00
Erik Krogh Kristensen
c1c66a0200
refactor CountAlertAndEndpoints to not refer to deprecated files
2022-04-20 18:10:56 +02:00
Erik Krogh Kristensen
c5f7df17ee
add .actual files to .gitignore for ATM tests
2022-04-20 18:10:56 +02:00
Erik Krogh Kristensen
1c5d59f885
fix an instance of ql/acronyms-should-be-pascal-case
2022-04-20 18:10:53 +02:00
Erik Krogh Kristensen
ea6b68fc59
add missing qldoc
2022-04-20 18:10:53 +02:00
Erik Krogh Kristensen
12e60c7a06
move TypeTestGuard to the Query.qll file
2022-04-20 18:10:53 +02:00
Erik Krogh Kristensen
b1bad271d5
only activate the PrefixString label in Query.qll files
2022-04-20 18:10:53 +02:00
Erik Krogh Kristensen
8a5b1668f9
move initialization of sanitizer-guards to Query.qll files
2022-04-20 18:10:53 +02:00
Erik Krogh Kristensen
73dbe44824
remove dead import
2022-04-20 18:10:53 +02:00
Erik Krogh Kristensen
8d3bd9d7cd
move the ExceptionXss sources into the Customizations file
2022-04-20 18:10:53 +02:00
Erik Krogh Kristensen
25708c5091
move the XssThroughDom sources into the Customizations file
2022-04-20 18:10:53 +02:00
Erik Krogh Kristensen
ad14bbae90
create a customizations file for StoredXss
2022-04-20 18:10:53 +02:00
Erik Krogh Kristensen
162a4992a5
move the ReflectedXss sources/sinks into the Customizations file
2022-04-20 18:10:53 +02:00
Erik Krogh Kristensen
173e1d0262
move the DomBasedXss sources/sinks into the Customizations file
2022-04-20 18:10:53 +02:00
Erik Krogh Kristensen
9631b68de9
move LocalUrlSanitizingGuard out of the customizations file
2022-04-20 18:10:52 +02:00
Arthur Baars
040dd09c5a
Merge pull request #8718 from github/sj/codeowners-pms
...
Update CODEOWNERS for documentation and license changes
2022-04-20 18:08:43 +02:00
Arthur Baars
98df392b4f
Merge pull request #8719 from github/sj/update-readme-license-explanation
...
Update README to clarify license explanation
2022-04-20 18:07:00 +02:00
AlexDenisov
a187939424
Merge pull request #8784 from AlexDenisov/alexdenisov/swift-package-test-sdk
...
Swift: package test SDK
2022-04-20 16:07:40 +02:00
Bas van Schaik
732a2c32a8
Update README.md
2022-04-20 15:03:49 +01:00
Anders Schack-Mulligen
677c436e99
Merge pull request #8703 from aschackmull/dataflow/revert-state-in-out-barriers
...
Dataflow: Revert support for flow-state based in-/out-barriers
2022-04-20 14:54:02 +02:00
Tom Hvitved
ea229d361c
Sync files
2022-04-20 13:55:18 +02:00
Tom Hvitved
b4542c58c2
Ruby: Implement Argument[any] and Argument[n..]
2022-04-20 13:55:18 +02:00
Rasmus Wriedt Larsen
bb6969a175
Merge branch 'main' into promote-xxe
2022-04-20 13:42:02 +02:00
Tom Hvitved
501b03149f
Ruby: Mention newtype constructors in API graph label classes
2022-04-20 13:37:55 +02:00
Nick Rolfe
9b2a98326c
Ruby: update use of PostUpdateNode now that it's public
2022-04-20 12:08:41 +01:00
Nick Rolfe
9b6e610e24
Merge remote-tracking branch 'origin/main' into nickrolfe/incomplete_sanitization
2022-04-20 12:05:22 +01:00
Nick Rolfe
3d109a4051
Merge pull request #8777 from github/nickrolfe/post_update_node
...
Ruby: make PostUpdateNode public
2022-04-20 12:04:37 +01:00
Alex Denisov
682c910d49
Swift: package test SDK
2022-04-20 12:35:19 +02:00
Mathias Vorreiter Pedersen
3388196c27
Merge branch 'main' into smaller-join-in-get-root-cause
2022-04-20 11:16:00 +01:00
Rasmus Wriedt Larsen
888a38c060
Python: Add change-note
2022-04-20 11:46:09 +02:00
Rasmus Wriedt Larsen
d70f247001
Python: More private import python
2022-04-20 11:42:13 +02:00
Rasmus Wriedt Larsen
084c8eb22e
Python: Don't re-export python under DataFlow::
2022-04-20 11:42:10 +02:00
Rasmus Wriedt Larsen
5dbbd17bb2
Python: Add test to ensure we keep DataFlow imports clean
...
Currently we're not in a good state :(
2022-04-20 11:41:01 +02:00
Asger F
e60475618d
Merge pull request #8728 from asgerf/ql/library-coverage
...
QL: Add facilities for data flow
2022-04-20 11:40:18 +02:00
Nick Rolfe
f1b8af1db9
Ruby: rename PostUpdateNode::Range to PostUpdateNodeImpl
2022-04-20 10:35:40 +01:00
Asger Feldthaus
44216b29a9
JS: Autoformat
2022-04-20 11:14:42 +02:00
Asger Feldthaus
4c66f50352
JS: More tests
2022-04-20 11:14:42 +02:00
Asger Feldthaus
fec2837c1e
JS: Ensure accessors do not appear to be calls
2022-04-20 11:14:42 +02:00
Asger Feldthaus
ddb682b181
JS: Show all accessor calls in CG test
2022-04-20 11:14:41 +02:00
Asger Feldthaus
37a76f4441
JS: PropWrite is not a SourceNode
2022-04-20 11:14:41 +02:00
Asger Feldthaus
c9db6201ef
JS: Add call-graph test for accessor calls
2022-04-20 11:14:41 +02:00
Asger Feldthaus
7d5c80433d
JS: Handle accessor-calls to static accessors
2022-04-20 11:14:41 +02:00
Asger Feldthaus
37b3a6e5c0
JS: Add ClassNode.getStaticMember
2022-04-20 11:14:41 +02:00
Anders Schack-Mulligen
cb898ae03f
Merge pull request #8701 from aschackmull/doc/any-none
...
Doc: Add any() and none() to the language reference.
2022-04-20 10:49:42 +02:00
yoff
0c7130602a
Merge pull request #8731 from RasmusWL/delete-old-readme
...
Python: Delete old dataflow readme
2022-04-20 10:36:12 +02:00
yoff
a66153d73e
Merge pull request #8733 from RasmusWL/split-dataflow-private
...
Python: Split `DataFlowPrivate`
2022-04-20 10:21:05 +02:00
Erik Krogh Kristensen
10130eef6d
Merge pull request #8678 from erik-krogh/fileSource
...
JS: Add files as a source for `js/xss-through-dom`
2022-04-20 09:18:38 +02:00
Harry Maclean
942388e8bc
Pipe to jq --arg instead of gh api --jq
2022-04-20 11:41:38 +12:00
Harry Maclean
eba303dea7
Fix typo
2022-04-20 11:21:06 +12:00
luchua-bc
b76873fc8d
Add more test cases
2022-04-19 22:22:15 +00:00
Robert Marsh
f94fcf11cd
C++: accept dataflow test changes
2022-04-19 13:32:19 -04:00
Felicity Chapman
b10e7300ae
Update docs/codeql/ql-language-reference/formulas.rst
2022-04-19 17:29:31 +01:00
Nick Rolfe
c02670aca2
Ruby: make PostUpdateNode public
2022-04-19 17:12:51 +01:00
Felicity Chapman
d663102ffb
Update docs/codeql/ql-language-reference/formulas.rst
2022-04-19 16:57:05 +01:00
luchua-bc
f0c4b1955b
Change getResource() to be a taint step
2022-04-19 15:55:09 +00:00
Felicity Chapman
6fbe227cbc
Try to fix Sphinx warning in formulas.rst
2022-04-19 16:36:42 +01:00
Stephan Brandauer
2fb3147b7b
Merge pull request #8430 from kaeluka/js/CVE-2022-24718
...
JS: Add taint step for handlebars model
2022-04-19 15:57:58 +01:00
Michael Nebel
91324d40b5
Merge pull request #8659 from michaelnebel/csharp/capturemodelsmetadata
...
C#: Add kind tag to Capture model queries.
2022-04-19 16:39:03 +02:00
Anders Schack-Mulligen
48fbbf2531
Dataflow: Add change notes.
2022-04-19 15:29:35 +02:00
Anders Schack-Mulligen
b521d64156
Dataflow: Sync.
2022-04-19 15:29:35 +02:00
Anders Schack-Mulligen
4ae59b530b
Dataflow: Revert flow-state versions of in-/out-barriers.
2022-04-19 15:29:34 +02:00
Nick Rolfe
08f6fbbe10
Ruby: make comment about backslash escaping clearer
2022-04-19 14:05:17 +01:00
Porcupiney Hairs
85c751cb7f
CPP: PAM Authorization Bypass
...
This PR is similar to my other PRs for
[Python](https://github.com/github/codeql/pull/8595 ) and
[Golang](https://github.com/github/codeql-go/pull/709 ).
This PR aims to detect instances were an initiated PAM Transaction invokes the `pam_authenticate` method but does not invoke a call to the pam_acct_mgmt` method. This is bad as a call to `pam_authenticate` only verifies the users credentials. It does not check if the user account is still is a valid state.
If only a call to `pam_authenticate` is used to verify the user, a user with an expired account password would still be able to login. This can be prevented by calling the `pam_acct_mgmt` function after a `pam_authenticate` function.
2022-04-19 18:24:19 +05:30
Geoffrey White
3326fd5400
C++: Update test .expected.
2022-04-19 13:43:17 +01:00
Geoffrey White
5698638d1f
Apply suggestions from code review (documentation)
...
Co-authored-by: hubwriter <hubwriter@github.com >
2022-04-19 13:38:00 +01:00
Erik Krogh Kristensen
8669bbd948
update expected output of rate-limit query after test reorg
2022-04-19 14:27:24 +02:00
Nick Rolfe
76c6a521fd
Ruby: add clarifying comment
2022-04-19 13:10:57 +01:00
Anders Schack-Mulligen
82463c9290
Merge pull request #8774 from MathiasVP/nomagic-revPartialPathStep
...
Add `nomagic` to `revPartialPathStep`
2022-04-19 14:02:04 +02:00
Michael Nebel
c79c9dd573
C#: Don't generate models for any higher order callables.
2022-04-19 12:50:51 +02:00
Michael Nebel
8726766465
C#: Remove the API special case for GetHashCode, Equals and IEquatable.Equals as these are now excluded based on their type.
2022-04-19 12:50:51 +02:00
Michael Nebel
f6fd401df1
C#: Add some testcases, where we don't get a summary due to the use of simple types.
2022-04-19 12:50:51 +02:00
Michael Nebel
f9e5c6b77d
C#: Don't use simple types in summaries test cases as these will be excluded in generation purely based on the type.
2022-04-19 12:50:51 +02:00
Michael Nebel
f533636ad7
C#: Remove taint when it flows via a primitive/simple type (as is the case for java).
2022-04-19 12:50:51 +02:00
Nick Rolfe
76587c4144
Ruby: fix capitalisation of String in qhelp
2022-04-19 11:42:31 +01:00
Nick Rolfe
468c718da0
Ruby: simplify predicate
2022-04-19 11:32:26 +01:00
Nick Rolfe
ac805f0cdc
Ruby: simplify predicate by using DataFlow::CallNode
2022-04-19 11:27:33 +01:00
Nick Rolfe
ca4dc0583d
Ruby: fix comment typos
2022-04-19 11:15:34 +01:00
Geoffrey White
6e184f2438
C++: Rename variables 'a' and 'b'.
2022-04-19 10:57:42 +01:00
Nick Rolfe
14de91ce94
Ruby: make StringSubstitutionCal extend DataFlow::CallNode
2022-04-19 10:52:14 +01:00
Mathias Vorreiter Pedersen
a7c0113bc7
Merge pull request #8741 from geoffw0/autogen
...
C++: Fix issue with extremely long comments in AutogeneratedFile.qll
2022-04-19 10:45:16 +01:00
Geoffrey White
da38c9041c
C++: Improvements from PR comments.
2022-04-19 10:25:00 +01:00
Geoffrey White
50c7e47dd9
C++: Improve QLDoc.
2022-04-19 10:15:12 +01:00
Erik Krogh Kristensen
6799232009
fix typo in qldoc
2022-04-19 11:09:27 +02:00
Geoffrey White
da454128ed
Update cpp/ql/src/Security/CWE/CWE-611/XXE.ql
...
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com >
2022-04-19 10:08:07 +01:00
Geoffrey White
0aa1945f30
C++: Comments.
2022-04-19 10:04:15 +01:00
Mathias Vorreiter Pedersen
91b413d59f
Dataflow: Sync identical files.
2022-04-19 09:57:21 +01:00
Erik Krogh Kristensen
4b6d8e6865
add missing qldoc
2022-04-19 10:56:58 +02:00
Mathias Vorreiter Pedersen
d5722ffa61
C++: Add 'nomagic' to 'revPartialPathStep'.
2022-04-19 09:56:41 +01:00
Erik Krogh Kristensen
8e5a7bcd76
add change-note
2022-04-19 10:53:48 +02:00
Erik Krogh Kristensen
e0b5197d3c
a slight refactor
2022-04-18 22:21:41 +02:00
Erik Krogh Kristensen
7f592a6c64
merge Clipboard.qll and DragAndDrop.qll, and support InputEvent
2022-04-18 22:17:31 +02:00
Robert Marsh
cae08c505f
Merge branch 'main' into rdmarsh2/ir-global-vars
2022-04-18 15:25:03 -04:00
Robert Marsh
b5c8413f5c
Merge branch 'main' into rdmarsh2/ir-global-vars
2022-04-18 15:19:25 -04:00
Chuan-kai Lin
b433f08cef
Merge pull request #8770 from cklin/csharp-downgrades-remove-version
...
C#: remove version from downgrades pack
2022-04-18 09:41:21 -07:00
Chuan-kai Lin
8e850ee564
C#: remove version from downgrades pack
2022-04-18 08:46:05 -07:00
Chad Bentz
990b7a29e8
Docs - Supported Queries - Fixing broken link
...
update link target
2022-04-18 10:30:24 -04:00
Marcono1234
6a48ba955c
Clarify that min, max and rank may have multiple results
2022-04-16 19:12:25 +02:00
Marcono1234
8fdfe5426f
Clarify min, max and rank documentation regarding expression type
2022-04-16 18:53:07 +02:00
jorgectf
9e1b98e5a4
Detach MyBatisAbstractSqlMethodsStep from MyBatisAbstractSql
2022-04-15 13:08:04 +02:00
Jean Helie
f1f00ccac5
ML: add .gitkeep to resources dir in which ML models are to be found
2022-04-15 12:19:06 +02:00
Chris Smowton
90505949c7
Generally define lower-numbered data-flow configs in terms of higher-numbered ones
...
Since usually we have DataFlow3::Configurations that stand alone, DataFlow2::Configurations that depend on them, and finally DataFlow::Configurations that produce a top-level query result (for example), qll files where the reverse pattern holds will usually not be concurrently importable due to dataflow configuration recursion prevention.
2022-04-15 09:25:40 +01:00
Chris Smowton
27d87e9300
Add TaintTracking3
2022-04-15 09:25:26 +01:00
Erik Krogh Kristensen
2e5d435bea
add CWE-400, and add a reference to DoS attacks
2022-04-14 18:37:50 +02:00
Geoffrey White
8a32c17c56
C++: Fix the issue.
2022-04-14 17:03:28 +01:00
Paolo Tranquilli
24697feebc
Swift: integrated template name in dataclass
2022-04-14 15:53:15 +02:00
Paolo Tranquilli
197ea5b8f3
Swift: use more @property in codegen
2022-04-14 12:28:52 +02:00
Paolo Tranquilli
71f9b25500
Swift: uses classes instead of Enum for Properties
2022-04-14 11:35:11 +02:00
Paolo Tranquilli
64496b4c97
Swift: cleanup and some docstrings for codegen
...
Also added code generation and clang formatting to the pre-commit
configuration.
2022-04-14 11:27:41 +02:00
Paolo Tranquilli
91fd83a554
Swift: dbscheme generator
...
This patch introduces the basic infrastructure of the code generation
suite and the `dbscheme` generator.
Notice that the checked in `schema.yml` should reflect swift 5.6 but
might need some tweaking.
Closes https://github.com/github/codeql-c-team/issues/979
2022-04-14 11:27:41 +02:00
Jean Helie
d094bbc06d
Merge pull request #8546 from github/jhelie/enforce-unknown-incompatibiliy-with-notasink
...
ML: add defensive check to ensure Unknown endpoints cannot also be NotASink
2022-04-14 11:21:18 +02:00
Geoffrey White
2ac21d6932
C++: Use isBarrier rather than isBarrierOut (which is going away).
2022-04-14 09:21:57 +01:00
Harry Maclean
cf0611d1e7
Pass args to jq via --arg
2022-04-14 13:50:41 +12:00
Harry Maclean
a90647798e
Fail workflow if COMMENT_ID fails validation
...
And print an error message to STDERR.
2022-04-14 13:21:38 +12:00
Harry Maclean
c9a5cb4bf6
Distinguish between validated and raw COMMENT_ID
2022-04-14 13:19:14 +12:00
Harry Maclean
c3f1fba985
Merge pull request #8598 from hmac/hmac/insecure-dep-resolution
...
Ruby: Add rb/insecure-dependency query
2022-04-14 02:09:44 +02:00
Erik Krogh Kristensen
4c97f68a3d
remove postmessage events as source for js/resource-exhaustion
2022-04-13 23:14:42 +02:00
Erik Krogh Kristensen
51a0b6d501
remove client-side remote-flow from js/resource-exhaustion
2022-04-13 23:05:59 +02:00
Geoffrey White
27b6b99cd0
C++: Correct and improve some comments and naming.
2022-04-13 18:34:15 +01:00
Nick Rolfe
a1a7d2c088
Ruby: add changenote for rb/incomplete-sanitization
2022-04-13 17:32:38 +01:00
Nick Rolfe
fdca896614
Ruby: improve handling of [g]sub!
...
rb/incomplete-sanitization has a few cases where we find flow from one
one string substitution call to another, e.g.
a.sub(...).sub(...)
But this didn't find typical chained uses of the destructive variants,
e.g.
a.sub!(...)
a.sub!(...)
We now handle those cases by tracking flow from the post-update node for
the receiver of the first call.
2022-04-13 17:19:25 +01:00
Jean Helie
1e39a9caae
ML: update regression test output following fix to getAnUnknown predicate
2022-04-13 18:14:16 +02:00
Jean Helie
f87cd164ce
ML: add defensive check to ensure Unknown endpoints cannot also be NotASink
2022-04-13 18:14:16 +02:00
Jean Helie
f2b813a6e7
ML: add regression test for effective sink that is also NotASink
2022-04-13 18:14:16 +02:00
Henry Mercer
6603f8ab94
Merge pull request #8734 from github/henrymercer/non-extending-subtypes-minor-fixes
...
Docs: Fix typo and formatting in "Non-extending subtypes"
2022-04-13 17:11:33 +01:00
Nick Rolfe
bbb8177176
Ruby: add rc/incomplete-sanitization query
2022-04-13 16:48:43 +01:00
Henry Mercer
54b3d4d0d7
Docs: Fix typo and formatting in "Non-extending subtypes"
...
- Fix typo `select any(Foo f) would yield bar` -> `select any(Foo f).foo() would yield bar`
- Fix inline code formatting
- Change `foo_method` to `fooMethod` to follow QL style guide
2022-04-13 16:12:42 +01:00
Geoffrey White
2ad81e63a5
C++: Change note.
2022-04-13 16:11:14 +01:00
AlexDenisov
df2cc181a0
Merge pull request #8726 from redsun82/swift-prebuilt-fetching
...
Swift: fetch prebuilt swift and link against it
2022-04-13 16:58:36 +02:00
Geoffrey White
dfd846bb7b
C++: Changes to the qhelp.
2022-04-13 15:53:13 +01:00
Paolo Tranquilli
aaf9e7da2f
turn off universal_binaries for now
2022-04-13 16:45:23 +02:00
Paolo Tranquilli
9e3401ce59
make self repository name parametric
...
In a workspace macro we must use the exact repository name, and this
can be different when importing the workspace (it is different in
semmle-code).
2022-04-13 16:22:27 +02:00
Paolo Tranquilli
73d5691d91
update swift package
2022-04-13 16:22:27 +02:00
Paolo Tranquilli
e68172f4b0
Swift: fetch prebuilt swift and link against it
...
This is known to break linux integration in sembuild.
2022-04-13 16:22:27 +02:00
Geoffrey White
d83aea5ea3
C++: Copy the qhelp from Javascript.
2022-04-13 15:16:01 +01:00
Geoffrey White
b149666f45
C++: Query metadata (precision is provisional, might up it to 'high' later).
2022-04-13 15:15:28 +01:00
Rasmus Wriedt Larsen
a271e17f04
Python: Move dataflow call-graph to new qll file
...
Seems like all other languages use a file called `DataFlowDispatch`. I
want to introduce a setup where we have (old) points-to based approach
in one file, and can develop a type-tracking based approach in another
file, so that's the reason for the naming differing slightly.
For which predicates go in which files, I have taken mostly inspiration
from C# and Ruby.
2022-04-13 15:56:57 +02:00
Rasmus Wriedt Larsen
3d15205084
Python: Autoformat
2022-04-13 15:36:16 +02:00
Rasmus Wriedt Larsen
ded4e9250c
Python: Move IterableUnpacking to own file
2022-04-13 15:36:05 +02:00
Rasmus Wriedt Larsen
c740894408
Python: Move MatchUnpacking to own file
...
I had hoped that git would be able to see this as a rename, and
therefore I haven't done autoformat
2022-04-13 15:36:05 +02:00
AlexDenisov
058ac5bcae
Merge pull request #8717 from AlexDenisov/alexdenisov/swift-ql-ci
...
Swift: enable QL tests on CI
2022-04-13 14:42:27 +02:00
Geoffrey White
be0df1662c
C++: Rename the query file.
2022-04-13 13:20:02 +01:00
Geoffrey White
ffbe724040
C++: Remove unfinished parts for now.
2022-04-13 13:18:23 +01:00
Jean Helie
407a8a7715
ML: fix ATM expected tests outputs
2022-04-13 14:02:12 +02:00
Rasmus Wriedt Larsen
2e60172bfa
Python: Delete old dataflow readme
2022-04-13 12:09:38 +02:00
Rasmus Wriedt Larsen
6235dc5039
Python: Handle find_library assignment to temp variable
2022-04-13 11:44:15 +02:00
Rasmus Wriedt Larsen
c87b3087be
Python: Add test for Django FileField upload_to
...
The output from running the test script is:
```
'rootdir/bar'
[13/Apr/2022 09:20:36] "POST /app/file-test/ HTTP/1.1" 200 2
'rootdir/bar'
[13/Apr/2022 09:20:36] "POST /app/file-test/ HTTP/1.1" 200 2
'rootdir/foo%2fbar'
[13/Apr/2022 09:20:36] "POST /app/file-test/ HTTP/1.1" 200 2
'rootdir/%2e%2e%2fbar'
[13/Apr/2022 09:20:36] "POST /app/file-test/ HTTP/1.1" 200 2
'rootdir/foo%c0%afbar'
[13/Apr/2022 09:20:36] "POST /app/file-test/ HTTP/1.1" 200 2
```
I didn't add a `.py` extension, so it wasn't extracted, since we don't
actually care about what we model in that file.
2022-04-13 11:27:18 +02:00
Rasmus Wriedt Larsen
304713ca87
Python: Handle django v4 as well in tests
2022-04-13 11:21:44 +02:00
Paolo Tranquilli
6166f0601c
Merge pull request #8727 from redsun82/bazel_workspace_rename
...
Bazel: rename workspace to codeql
2022-04-13 10:51:10 +02:00
Alex Denisov
60c6241382
Swift: run QL tests on macOS
2022-04-13 10:35:15 +02:00
Rasmus Wriedt Larsen
bdadf2b445
Python: Fix warnings
2022-04-13 10:30:59 +02:00
Asger Feldthaus
a5ad4c8263
QL: Update printAst output
...
Annotations are not longer their own children/parent.
2022-04-13 10:29:21 +02:00
Rasmus Wriedt Larsen
4927f0018b
Merge branch 'main' into django-filefield-uploadto
2022-04-13 10:22:28 +02:00
Erik Krogh Kristensen
41bdd8f4da
minor fixes
2022-04-13 10:11:07 +02:00
Erik Krogh Kristensen
b13e7c055b
move the sanitizer-guard to the Query.qll file
2022-04-13 09:58:33 +02:00
Erik Krogh Kristensen
96e4633dfe
remove more code that did nothing
2022-04-13 09:57:32 +02:00
Erik Krogh Kristensen
a9595af01e
update expected output
2022-04-13 09:43:21 +02:00
Erik Krogh Kristensen
d35604ed82
remove the length sanitizer from loop-bound-injection - it did nothing
2022-04-13 09:43:21 +02:00
Erik Krogh Kristensen
dd28157d0a
add test of a length check
2022-04-13 09:43:21 +02:00
Erik Krogh Kristensen
8e47a9b242
add sanitizer step for .length in js/resource-exhaustion
2022-04-13 09:30:09 +02:00
Stephan Brandauer
fb66ccff39
handlebars taint step: conservatively assume unknown templates have no flow to helpers
2022-04-13 09:27:59 +02:00
Asger Feldthaus
c1827cfd30
QL: Add test for getAStringValue
2022-04-13 08:45:25 +02:00
Asger Feldthaus
4c72c31a5a
QL: Add InlineExpectationsTest
2022-04-13 08:45:25 +02:00
Asger Feldthaus
b0801c9b2f
QL: Add some missing qldoc
2022-04-13 08:45:25 +02:00
Asger Feldthaus
8188e2876c
QL: Autoformat
2022-04-13 08:45:25 +02:00
Asger Feldthaus
6632b7da1c
QL: Add FrameworkCoverage query
2022-04-13 08:45:25 +02:00
Alex Denisov
b8c1f1a6e1
Swift: run QL tests on Linux
2022-04-13 07:44:19 +02:00
Geoffrey White
cdce72b87c
C++: Better join order for reachesWithoutAssignment.
2022-04-12 17:34:02 +01:00
Porcupiney Hairs
785dc1af3c
Include changes from review
2022-04-12 21:17:39 +05:30
Paolo Tranquilli
141ba2e039
Bazel: rename workspace to codeql
2022-04-12 17:37:29 +02:00
Robert Marsh
0e3e35f233
C++: don't dump global vars without initializers
2022-04-12 11:21:41 -04:00
Paolo Tranquilli
03ebf8b049
Merge pull request #8700 from redsun82/swift-skeleton
...
Swift: first skeleton extractor
2022-04-12 17:14:42 +02:00
Paolo Tranquilli
8ef28787b6
Swift: do not fail pack creation if dir does not exist
2022-04-12 17:05:26 +02:00
Erik Krogh Kristensen
a2d2626c9c
add security severity
2022-04-12 16:34:00 +02:00
Erik Krogh Kristensen
d64df30724
reintroduce the reverted qhelp
2022-04-12 16:33:06 +02:00
Erik Krogh Kristensen
ebf9ba7250
remove the type-overloaded new Buffer() as a sink
2022-04-12 16:29:58 +02:00
Erik Krogh Kristensen
e2b7f7d05d
reintroduce the number sinks
2022-04-12 16:26:10 +02:00
Erik Krogh Kristensen
029459cc35
reorganize CWE-770 tests
2022-04-12 16:15:40 +02:00
Paolo Tranquilli
6440242268
Swift+Bazel: apply review comments
2022-04-12 16:03:20 +02:00
Erik Krogh Kristensen
688b2b6898
use the Query.qll pattern
2022-04-12 15:52:52 +02:00
Erik Krogh Kristensen
8fb54c3f32
move js/resource-exhaustion out of experimental
2022-04-12 15:51:36 +02:00
Asger Feldthaus
4b74fa628c
QL: Add global flow and type-tracking
2022-04-12 15:25:09 +02:00
Asger Feldthaus
0ffb558e48
QL: Support local flow via unification
2022-04-12 15:25:06 +02:00
Asger Feldthaus
49d5b662ff
QL: Add Node.getEnclosingPredicate
2022-04-12 15:25:03 +02:00
Asger Feldthaus
2b8454001a
QL: Add scoped variable nodes
2022-04-12 15:24:59 +02:00
Asger Feldthaus
2d640e7e95
QL: Add basic data flow nodes
2022-04-12 15:24:55 +02:00
Asger Feldthaus
c9b9751894
QL: Add NodeNumbering library
2022-04-12 15:24:52 +02:00
Asger Feldthaus
60a22b71b4
QL: Remove redundant union part
2022-04-12 15:24:48 +02:00
Asger Feldthaus
f02912bdf5
QL: Add VarDef.getAnAccess
2022-04-12 15:24:45 +02:00
Asger Feldthaus
85403cd4de
QL: Fix up parent-child relation in tree
2022-04-12 15:24:42 +02:00
Erik Krogh Kristensen
df295e69d6
add change-note
2022-04-12 14:37:51 +02:00
Erik Krogh Kristensen
bca4d14129
rename files
2022-04-12 14:37:43 +02:00
Erik Krogh Kristensen
591fcda862
various improvements to the js/missing-origin-verification query
2022-04-12 14:20:41 +02:00
Erik Krogh Kristensen
2d6d304d7c
add InclusionTest to PostMessageEventSanitizer
2022-04-12 14:12:36 +02:00
Chris Smowton
a8eeef6ef8
Merge pull request #718 from owen-mc/fix-incorrect-integer-conversion-for-type-assertions
...
Integer conversion should ignore type assertions
2022-04-12 12:44:43 +01:00
Paolo Tranquilli
f2f99611bd
.gitignore CLion project files
2022-04-12 12:41:00 +02:00
Paolo Tranquilli
a205b465ba
Bazel: reorganization
...
* fixed 5.0.0 as bazel version
* made dependencies better loadable
* moved `//swift/install` to `//swift:create-extractor-pack` (following
the clearer ruby naming)
* renamed `extractor_pack` to `extractor-pack` for consistency with Ruby
2022-04-12 12:40:59 +02:00
Paolo Tranquilli
13b2442fed
Bazel: code reorganization
2022-04-12 12:40:59 +02:00
Paolo Tranquilli
664d5ba0a9
Swift: moved install to a separate package
...
When importing the workspace from semmle-code, we do not need nor want
to instantiate `@util`, so that must be in a separate bazel package.
2022-04-12 12:40:59 +02:00
Paolo Tranquilli
95dbf2d666
Swift: first skeleton extractor
...
This adds a first dummy extractor for swift.
Running `bazel run //swift:install` will create an `extractor_pack`
directory in `swift`. From that moment providing `--search-path=swift`
will pick up the extractor.
2022-04-12 12:40:59 +02:00
Owen Mansel-Chan
f9f21e9891
Integer conversion should ignore type assertions
2022-04-12 10:58:07 +01:00
Erik Krogh Kristensen
e2badab251
update expected output after test reorganization
2022-04-12 10:39:28 +02:00
Erik Krogh Kristensen
ec9c308d06
reorganize the tests in CWE-020
2022-04-12 10:39:28 +02:00
Erik Krogh Kristensen
18532bae54
move js/missing-postmessageorigin-verification out of experimental
2022-04-12 10:39:27 +02:00
CodeQL CI
a43f3a21a8
Merge pull request #8550 from erik-krogh/classJoin
...
Approved by asgerf
2022-04-12 09:23:58 +01:00
Erik Krogh Kristensen
34abef8a6c
Merge branch 'main' into dragAndDrop
2022-04-11 23:59:46 +02:00
bananabr
57fac949fd
included ClipboardEvent and DragEvent as XSS sources
2022-04-11 16:37:00 -05:00
luchua-bc
7029802f3b
Add sinks for getClass() and getClassLoader()
2022-04-11 21:03:48 +00:00
Erik Krogh Kristensen
aafa8ddc9f
add support for domNode.onpaste for copy-paste events
2022-04-11 20:10:56 +02:00
Erik Krogh Kristensen
6713b2c671
add support for domNode.ondrop for drag-and-drop events
2022-04-11 20:06:12 +02:00
bananabr
121aad7fd2
updated change notes
2022-04-11 12:45:37 -05:00
Geoffrey White
cb211f8844
Merge pull request #8599 from 4B5F5F4B/main
...
C++: refactor some code, and add access_ok cases
2022-04-11 15:57:27 +01:00
Mathias Vorreiter Pedersen
e86b6b182f
C++: Remove TC from 'Element.getRootCause'.
2022-04-11 15:27:10 +01:00
Bas van Schaik
c3912b2f29
Update README to clarify license explanation
2022-04-11 14:30:56 +01:00
CodeQL CI
9c8dee2a4d
Merge pull request #8687 from asgerf/js/missing-flow-fixes
...
Approved by erik-krogh
2022-04-11 14:08:15 +01:00
Bas van Schaik
422255b859
Update CODEOWNERS for documentation and license
...
To make sure the right people are pinged when a change like #5893 is made
2022-04-11 12:33:23 +01:00
Marcono1234
bc5dc6ad50
Java: Remove TODO comment for getRuleExpression() behavior
...
Predicate behavior has been fixed on `main`.
2022-04-10 18:24:26 +02:00
Marcono1234
7bed14bbf0
Merge remote-tracking branch 'remotes/origin/main' into marcono1234/statement-expression
2022-04-10 18:23:45 +02:00
Marcono1234
348a186df8
Java: Make JumpStmt a concrete class again
...
Public abstract classes can be error-prone, when users unintentionally
implement a new subclass instead of refining the set of existing subclasses.
2022-04-10 17:54:47 +02:00
bananabr
0f1582f3f6
included JavaScript drag and drop API Xss sources
2022-04-09 22:33:30 -05:00
luchua-bc
eccd97c7b7
Query to detect unsafe getResource calls in Java EE applications
2022-04-09 01:14:15 +00:00
Taus
626770aaab
Merge pull request #8004 from ahmed-farid-dev/ZipSlip
...
Add query to detect ZipSlip
2022-04-08 23:55:02 +02:00
Jeroen Ketema
4cfe04567f
Merge pull request #8702 from jketema/command-line-sanitizer
...
C++: Use `isSanitizerOut(DataFlow::Node node)` in `cpp/command-line-injection`
2022-04-08 23:42:35 +02:00
Taus
3d14c5f3c3
Python: Update tests
...
We need to import `tty` in order to be able to detect the standard library correctly.
2022-04-08 23:20:47 +02:00
Taus
ab81247b7c
Python: Fix modelling in ZipSlip.qll
...
- Remove use of points-to.
- Exclude sources and sinks in the standard library (to prevent test brittleness).
2022-04-08 23:19:41 +02:00
Taus
57beeaada0
Python: Fix name clash in CopyFile.qll
2022-04-08 23:18:03 +02:00
Taus
e1371151f9
Python: Autoformat Concepts.qll
2022-04-08 23:16:41 +02:00
Taus
8521f9a008
Python: Autoformat ZipSlip.ql
2022-04-08 23:13:38 +02:00
Taus
4b580820c8
Python: Fix broken QHelp
2022-04-08 23:12:46 +02:00
Edoardo Pirovano
b953fe39c2
Merge pull request #716 from github/edoardo/3.5-mergeback
...
Merge `rc/3.5` branch into `main`
2022-04-08 20:43:15 +01:00
Edoardo Pirovano
3d41a5cae3
Merge pull request #8704 from github/edoardo/3.5-mergeback
...
Merge `rc/3.5` branch into `main`
2022-04-08 19:32:58 +01:00
Dave Bartolomeo
e3b7ba6b1f
Revert "Bump version of suite-helpers dependency"
...
This reverts commit 49e568ed44 .
2022-04-08 14:06:59 -04:00
Dave Bartolomeo
49e568ed44
Bump version of suite-helpers dependency
2022-04-08 13:11:33 -04:00
Dave Bartolomeo
9f074cd8fd
Bump a few more versions
...
Also fixes up some dependency declarations that should have been "*" because they refer to packs in the same workspace.
2022-04-08 13:01:41 -04:00
Geoffrey White
8d1e8e9ecb
C++: Flow states and transformers.
2022-04-08 17:19:18 +01:00
Owen Mansel-Chan
f196538953
Merge pull request #714 from owen-mc/fix-get-enclosing-callable
...
Extend DataFlowCallable to include file scopes
2022-04-08 17:02:35 +01:00
Edoardo Pirovano
16c0f11c00
Bump minor version of packs
2022-04-08 15:51:34 +01:00
Edoardo Pirovano
f25618eed6
Bump minor version of all packs
2022-04-08 15:38:58 +01:00
Edoardo Pirovano
ce82c54b94
Merge branch 'main' into edoardo/3.5-mergeback
2022-04-08 15:30:58 +01:00
Owen Mansel-Chan
b9ff1ccd45
Add change note
2022-04-08 15:23:24 +01:00
Ian Lynagh
3e5b5bee8a
Merge pull request #8642 from github/post-release-prep/codeql-cli-2.8.5
...
Post-release preparation for codeql-cli-2.8.5
2022-04-08 15:09:21 +01:00
Ian Lynagh
6f6e8bfbd1
Merge pull request #713 from github/post-release-prep/codeql-cli-2.8.5
...
Post-release preparation for codeql-cli-2.8.5
2022-04-08 15:09:08 +01:00
Owen Mansel-Chan
76a0a51f39
Merge pull request #715 from owen-mc/print-empty-interface-with-single-space
...
Pretty-print empty interface without double space
2022-04-08 11:46:04 +01:00
Jeroen Ketema
83d35a9a96
C++: Use isSanitizerOut(DataFlow::Node node) in cpp/command-line-injection
2022-04-08 11:28:17 +02:00
annarailton
8ae905aef9
Update endpointTypeEncoded -> label
...
Fixes https://github.com/github/ml-ql-adaptive-threat-modeling/issues/1821
2022-04-08 10:22:13 +01:00
annarailton
b0ab7218db
Add test for query mappings
2022-04-08 10:22:13 +01:00
annarailton
4808eb9926
Change encoding -> label and description -> labelName
...
Fixes https://github.com/github/ml-ql-adaptive-threat-modeling/issues/1820
2022-04-08 10:22:13 +01:00
annarailton
de4e01a8f2
Change NotASinkType to NegativeType
...
Fixes https://github.com/github/ml-ql-adaptive-threat-modeling/issues/1819
2022-04-08 10:22:13 +01:00
Anders Schack-Mulligen
35d30d6c3c
Doc: Add any() and none() to the language reference.
2022-04-08 10:28:13 +02:00
Owen Mansel-Chan
880afea959
Pretty-print empty interface without double space
2022-04-08 06:09:56 +01:00
Geoffrey White
3aaa058308
C++: Get the simplest part of the query working, disable the rest for now, fix metadata, formatting etc.
2022-04-07 19:01:30 +01:00
Geoffrey White
9a0880f516
C++: Clean up the tests, make them a bit more realistic, and add many more test cases.
2022-04-07 19:00:30 +01:00
Geoffrey White
e2eda65fe1
C++: Rename test, add .expected.
2022-04-07 18:59:51 +01:00
Tony Torralba
9833fa2451
Add tests for SpringController
2022-04-07 18:17:50 +02:00
Rasmus Wriedt Larsen
517444b5ff
Python: Fix SimpleXmlRpcServer.expected
2022-04-07 16:42:40 +02:00
Rasmus Wriedt Larsen
ec66f26ade
Python: Handle get_collection on pymongo DB
2022-04-07 16:32:20 +02:00
Rasmus Wriedt Larsen
89eeaf85d5
Python: Handle get_database on MongoClient instance
2022-04-07 16:31:17 +02:00
Rasmus Wriedt Larsen
7ca19653df
Python: mongoDBInstance refactor
2022-04-07 16:22:57 +02:00
Rasmus Wriedt Larsen
e58e9a273b
Python: mongoClientInstance refactoring
2022-04-07 16:22:16 +02:00
Rasmus Wriedt Larsen
0ce2ced1aa
Python: Model pymongo.mongo_client.MongoClient
2022-04-07 16:22:16 +02:00
Rasmus Wriedt Larsen
81fdc1bd78
Python: Add more pymongo NoSQL tests
2022-04-07 16:22:16 +02:00
Rasmus Wriedt Larsen
30fff1cf8b
Python: Merge pymongo NoSQL tests
2022-04-07 16:04:25 +02:00
Rasmus Wriedt Larsen
8191be9d75
Python: Move last XXE/XML bomb out of experimental
2022-04-07 15:37:56 +02:00
Rasmus Wriedt Larsen
405480c410
Python: Rename sink definitions for XXE/XML bomb
2022-04-07 15:37:56 +02:00
Anders Schack-Mulligen
4eaec3953a
Merge pull request #8694 from aschackmull/dataflow/cleanup-unused
...
Dataflow: Cleanup unused column
2022-04-07 15:16:27 +02:00
Anders Schack-Mulligen
c0f48b6c14
Merge pull request #8681 from JLLeitschuh/fix/JLL/os_check_bugs
...
Java: Fix Local Temp File/Dir Incorrect Guard Logic
2022-04-07 14:00:13 +02:00
Anders Schack-Mulligen
7beed570f2
Dataflow: Sync.
2022-04-07 13:53:48 +02:00
Anders Schack-Mulligen
876a9f80ce
Dataflow: remove unused column.
2022-04-07 13:53:27 +02:00
Erik Krogh Kristensen
7e4c76c63b
revert API-graph change in Flask.qll
2022-04-07 13:52:14 +02:00
Erik Krogh Kristensen
bdfd6bdc79
fix a ql/field-only-used-in-charpred warning
2022-04-07 13:52:14 +02:00
Erik Krogh Kristensen
50bfc8eaa0
refactor uses of API::Node::getAUse() that should have been something else
2022-04-07 13:52:13 +02:00
Erik Krogh Kristensen
4e5afab082
refactor more python type-trackers to API-graphs
2022-04-07 13:51:40 +02:00
Jeroen Ketema
319ff35bd7
Merge pull request #8692 from jketema/implied-cctor-source
...
Revert "Revert "Merge pull request #8592 from jketema/implied-cctor-source""
2022-04-07 13:38:39 +02:00
Asger Feldthaus
b85739cb7e
JS: Update test output
2022-04-07 13:23:26 +02:00
Jeroen Ketema
bfe9fb1721
Revert "Revert "Merge pull request #8592 from jketema/implied-cctor-source""
...
This reverts commit b1d9a070f4 .
2022-04-07 12:29:43 +02:00
Mathias Vorreiter Pedersen
a6f7bd102a
Merge pull request #8691 from jketema/revert-8592
...
Revert "Merge pull request #8592 from jketema/implied-cctor-source"
2022-04-07 11:26:33 +01:00
Owen Mansel-Chan
32f96c84ed
Merge pull request #8677 from github/RasmusWL/update-codeowners
...
Remove @xcorail from CODEOWNERS
2022-04-07 11:16:01 +01:00
Jeroen Ketema
b1d9a070f4
Revert "Merge pull request #8592 from jketema/implied-cctor-source"
...
This reverts commit d4834cb7ff , reversing
changes made to 268a3fd1c5 .
2022-04-07 12:02:37 +02:00
Mathias Vorreiter Pedersen
d4834cb7ff
Merge pull request #8592 from jketema/implied-cctor-source
...
C++: Add tests for copy constructor calls with implied source
2022-04-07 11:00:40 +01:00
Rasmus Wriedt Larsen
268a3fd1c5
Merge pull request #8680 from RasmusWL/subclass
...
Python: Refactor how we find a `Class` from `API::Node`
2022-04-07 11:52:52 +02:00
Rasmus Wriedt Larsen
e9df2f8fca
Update CODEOWNERS
...
remove extra blank line
2022-04-07 11:51:23 +02:00
Rasmus Wriedt Larsen
142ca78c7d
Update CODEOWNERS
...
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com >
2022-04-07 11:28:42 +02:00
Rasmus Wriedt Larsen
7728b6cf1b
Python: Change XmlBomb vulnerability kind
2022-04-07 10:56:35 +02:00
Asger Feldthaus
81cf3d4574
JS: Use Class#getAnInstanceReference
2022-04-07 10:43:29 +02:00
Rasmus Wriedt Larsen
218c698498
Update CODEOWNERS
...
Co-authored-by: Chuan-kai Lin <cklin@github.com >
2022-04-07 10:11:26 +02:00
Asger Feldthaus
2a67085d9d
JS: Change note
2022-04-07 10:02:21 +02:00
Erik Krogh Kristensen
ef9b6a11a6
Merge pull request #8679 from erik-krogh/getUrl
...
Java: rename existing getUrl predicate to getRepositoryUrl
2022-04-07 10:01:14 +02:00
Asger Feldthaus
4eda6f643f
JS: Recognize subclasses of HTMLElement in domValueRef
2022-04-07 09:57:31 +02:00
Asger Feldthaus
cff8dc0537
JS: Improve flow through Array.prototype.reduce
2022-04-07 09:57:31 +02:00
Michael Nebel
72d4c97463
Merge pull request #8628 from michaelnebel/csharp/generatedkind
...
C#: Introduce generated flag as a part of the kind column for flow summaries
2022-04-07 08:43:30 +02:00
Erik Krogh Kristensen
489d4cb908
add change-note
2022-04-06 23:23:50 +02:00
Jonathan Leitschuh
2753521650
Java: Fix Local Temp File/Dir Incorrect Guard Logic
...
Resolves https://github.com/github/codeql/pull/8032#discussion_r841723906
2022-04-06 12:16:09 -04:00
Rasmus Wriedt Larsen
f2f0873d91
Python: Use new API::CallNode for XML constant check
...
This also means that the detection of the values passed to these keyword
arguments will no longer just be from a local scope, but can also be
across function boundaries.
2022-04-06 15:49:06 +02:00
Rasmus Wriedt Larsen
c784f15762
Python: Rename more XML classes to follow convention
...
- `XMLEtree` to `XmlEtree`
- `XMLSax` to `XmlSax`
- `LXML` to `Lxml`
- `XMLParser` to `XmlParser`
2022-04-06 15:44:54 +02:00
Erik Krogh Kristensen
563d0d6532
rename existing getUrl predicate to getRepositoryUrl
2022-04-06 15:32:33 +02:00
Rasmus Wriedt Larsen
f8f41428df
Python: Minor refactor for FlaskViewClass
2022-04-06 15:15:42 +02:00
Rasmus Wriedt Larsen
1c2323eb85
Python: Refactor how we find a Class from API::Node
...
Using `getAnImmediateUse` might give better performance than `getAUse`.
Since all the changed code is about `API::Node`s that are found after
doing `.getASubclass*()`, this change is OK.
It's also nice to align how we actually do this.
2022-04-06 15:12:24 +02:00
Anders Schack-Mulligen
879b8a1200
Merge pull request #8676 from pwntester/java_hotspots_mods
...
Make security-related TaintTracking Configuration public
2022-04-06 14:40:14 +02:00
Robert Marsh
3a35a40062
WIP: start on CWE-611 tests
2022-04-06 12:55:56 +01:00
Robert Marsh
370dd057dc
C++: more WIP on Xerces XXE query
2022-04-06 12:55:54 +01:00
Robert Marsh
9b6c1bc691
WIP: Xerces XXE
2022-04-06 12:55:52 +01:00
Tom Hvitved
4099d1318f
Data flow: Tweak two join-orders
...
Before
```
[2022-04-06 13:19:29] (96s) Tuple counts for DataFlowImpl2::Stage1::revFlowConsCand#7ad53399#ff/2@i14#aa10f2wi after 4.4s:
10681 ~0% {2} r1 = SCAN DataFlowImpl2::Stage1::revFlow#7ad53399#fff#prev_delta OUTPUT In.0, In.2 'config'
982 ~1% {3} r2 = JOIN r1 WITH DataFlowImpl2::readSet#7ad53399#ffff_2301#join_rhs ON FIRST 2 OUTPUT Rhs.3, Lhs.1 'config', Rhs.2
83691528 ~2% {3} r3 = JOIN r2 WITH DataFlowPublic::ContentSet::getAReadContent#dispred#f0820431#ff ON FIRST 1 OUTPUT Lhs.1 'config', Lhs.2, Rhs.1 'c'
83581763 ~2% {3} r4 = r3 AND NOT DataFlowImpl2::Stage1::revFlowConsCand#7ad53399#ff#prev(Lhs.2 'c', Lhs.0 'config')
83581763 ~0% {3} r5 = SCAN r4 OUTPUT In.2 'c', In.0 'config', In.1
0 ~0% {3} r6 = JOIN r5 WITH DataFlowImpl2::Stage1::fwdFlowConsCand#7ad53399#ff ON FIRST 2 OUTPUT Lhs.2, Lhs.1 'config', Lhs.0 'c'
0 ~0% {2} r7 = JOIN r6 WITH DataFlowImpl2::Stage1::fwdFlow#7ad53399#2#fff_02#join_rhs ON FIRST 2 OUTPUT Lhs.2 'c', Lhs.1 'config'
return r7
```
After
```
[2022-04-06 13:44:38] (6s) Tuple counts for DataFlowImpl2::Stage1::revFlowConsCand#7ad53399#ff/2@i14#5abbf2wn after 6ms:
10681 ~0% {2} r1 = SCAN DataFlowImpl2::Stage1::revFlow#7ad53399#fff#prev_delta OUTPUT In.0, In.2 'config'
982 ~1% {3} r2 = JOIN r1 WITH DataFlowImpl2::readSet#7ad53399#ffff_2301#join_rhs ON FIRST 2 OUTPUT Rhs.3, Lhs.1 'config', Rhs.2
109765 ~0% {3} r3 = JOIN r2 WITH DataFlowImpl2::Stage1::fwdFlowConsCandSet#7ad53399#fff#reorder_0_2_1 ON FIRST 2 OUTPUT Lhs.1 'config', Lhs.2, Rhs.2 'c'
0 ~0% {3} r4 = r3 AND NOT DataFlowImpl2::Stage1::revFlowConsCand#7ad53399#ff#prev(Lhs.2 'c', Lhs.0 'config')
0 ~0% {3} r5 = SCAN r4 OUTPUT In.1, In.0 'config', In.2 'c'
0 ~0% {2} r6 = JOIN r5 WITH DataFlowImpl2::Stage1::fwdFlow#7ad53399#2#fff_02#join_rhs ON FIRST 2 OUTPUT Lhs.2 'c', Lhs.1 'config'
return r6
```
2022-04-06 13:52:30 +02:00
Erik Krogh Kristensen
943af17d10
Merge pull request #8619 from erik-krogh/atmSteps
...
JS-ML: fix isKnownStepSrc such that it recognizes taint-steps
2022-04-06 12:56:53 +02:00
Rasmus Wriedt Larsen
23637fd691
Merge branch 'main' into promote-xxe
2022-04-06 12:56:31 +02:00
Erik Krogh Kristensen
0435cee57f
add a taint-step through URL.createObjectURL for js/xss-through-dom
2022-04-06 12:18:47 +02:00
Rasmus Wriedt Larsen
b99767ef52
Merge pull request #8668 from RasmusWL/use-instanceof
...
Python: Rewrite concepts to use `extends ... instanceof ...`
2022-04-06 12:09:12 +02:00
Erik Krogh Kristensen
b11d48e749
add files in the DOM as a source for js/xss-through-dom
2022-04-06 12:09:07 +02:00
Anders Schack-Mulligen
bbb6d08071
Merge pull request #8661 from Marcono1234/marcono1234/getMethod-public-only
...
Java: Fix reflection predicate for `getMethod` having non-public method result
2022-04-06 12:03:14 +02:00
Alvaro Muñoz Sanchez
9ccd0e564b
Add QLDocs
2022-04-06 12:00:41 +02:00
Rasmus Wriedt Larsen
4d2a3b38d2
Merge pull request #8511 from RasmusWL/use-query-suffix
...
Python: Use `Query.qll` suffix for dataflow configuration definitions
2022-04-06 11:59:29 +02:00
Rasmus Wriedt Larsen
2e9505e7f2
Remove @xcorail from CODEOWNERS
...
Since @xcorail didn't have write access to this repo, that caused troubles with the CODEOWNERS file.
2022-04-06 11:48:38 +02:00
Anders Schack-Mulligen
d0b5b99e74
Merge pull request #8611 from github/smowton/doc/switch-expr-accessors
...
Java: make SwitchCase.getRuleExpression/Statement more consistent
2022-04-06 11:16:40 +02:00
Tom Hvitved
31ec2988df
Merge pull request #8674 from hvitved/csharp/useless-upcast-lambda-tests
...
C#: Add more tests for `cs/useless-cast-to-self`
2022-04-06 11:11:40 +02:00
Tom Hvitved
cee527e03a
Document flow through arrays in dataflow.md
2022-04-06 11:11:02 +02:00
Alvaro Muñoz Sanchez
19b8d51c0b
Update CommandLineQuery
...
Make TaintTracking configuration public
2022-04-06 10:58:56 +02:00
Alvaro Muñoz Sanchez
abaa71e2c5
Update Sql Injection queries
...
move java/ql/src/Security/CWE/CWE-089/SqlInjectionLib.qll -> java/ql/lib/semmle/code/java/security/SqlInjectionQuery.qll
2022-04-06 10:57:14 +02:00
Geoffrey White
6c70cb4581
Merge pull request #8672 from jketema/unused-locals
...
C++: Add `cpp/unused-local-variable` test case with `switch` initializer
2022-04-06 09:03:12 +01:00
Tom Hvitved
02b11084bc
C#: Add more tests for cs/useless-cast-to-self
2022-04-06 09:36:59 +02:00
4B5F5F4B
04538d0599
Autoformated to make CodeQL happy
2022-04-06 11:59:26 +08:00
ihsinme
275b29a288
Update DangerousUseOfExceptionBlocks.expected
2022-04-05 22:48:11 +03:00
Jeroen Ketema
d19504fca2
C++: Add cpp/unused-local-variable test case with switch initializer
...
This is similar to the test case with the `if` initializer, and we should
not forget about it once we support `if` initialization.
2022-04-05 18:27:53 +02:00
Owen Mansel-Chan
603c1d518e
Extend DataFlowCallable to include file scopes
...
The motivation is so that getEnclosingCallable() can cope with
nodes that are not in a callable.
2022-04-05 16:00:53 +01:00
Alex Ford
ccd7bb5e70
Merge pull request #8421 from alexrford/ruby/weak-cryptographic-algorithm
...
Ruby: Add `rb/weak-cryptographic-algorithm` query
2022-04-05 14:34:45 +01:00
Ahmed Farid
29f69bde75
Update zipslip_bad.py
2022-04-05 12:46:51 +00:00
Ahmed Farid
dfe7f532ac
Update CopyFile.qll
2022-04-05 12:42:05 +00:00
Ahmed Farid
0d6d07886b
Rename Zip.qll to CopyFile.qll
2022-04-05 12:37:14 +00:00
Ahmed Farid
8882bc1533
Update Frameworks.qll
2022-04-05 12:32:10 +00:00
Ahmed Farid
68bfe38529
Update Zip.qll
2022-04-05 12:31:30 +00:00
Michael Nebel
2562910b94
C#: Update Csv validation to allow sources and sink kinds to be prefixed with generated.
2022-04-05 14:25:34 +02:00
Michael Nebel
d7bf024318
Java: Add testcase for generated summary model.
2022-04-05 14:25:34 +02:00
Michael Nebel
0374f84c05
Java: Make support for generated as a part of kind.
2022-04-05 14:25:34 +02:00
Michael Nebel
3a04e9a03d
Java: Update java capture models with new kind column (including tests).
2022-04-05 12:55:47 +02:00
Michael Nebel
412699f407
C#: Modify generator and update test output with updated kind column.
2022-04-05 12:51:01 +02:00
Rasmus Wriedt Larsen
5b96db26b3
Python: Rewrite concepts to use extends ... instanceof ...
...
This solved performance problems experienced in
https://github.com/github/codeql/pull/8634 , and this commit+PR is to
ensure we get this change in as fast as possible.
2022-04-05 12:34:15 +02:00
Rasmus Wriedt Larsen
b7f56dd17e
Python: Rewrite concepts to use extends ... instanceof ...
...
This caused compilation time for `ConceptsTest.ql` to go from 1m24s to
7s
2022-04-05 12:31:09 +02:00
Rasmus Wriedt Larsen
a7dab53ed2
Python: Add change-note
2022-04-05 11:46:49 +02:00
Rasmus Wriedt Larsen
1f285b8983
Python: Rename to XmlParsingVulnerabilityKind
...
To keep up with style guide
2022-04-05 11:07:12 +02:00
Rasmus Wriedt Larsen
ab59d5c786
Python: Rename to XmlParsing
...
To follow our style guide
2022-04-05 11:06:22 +02:00
Michael Nebel
c2920405fc
C#: Add a query for detecting flow summaries that are discarded due to existing handwritten models.
2022-04-05 08:55:12 +02:00
Michael Nebel
3937714f9f
C#: The CaptureSummaryModels query should only produce summary models that will not be discarded at run-time.
2022-04-05 08:55:12 +02:00
Michael Nebel
784327c183
Java/Ruby: Hardcode generated flag to false.
2022-04-05 08:55:12 +02:00
Michael Nebel
8e1fa35367
C#: Add testcase, where generated flow summary is ignored.
2022-04-05 08:55:12 +02:00
Michael Nebel
de76df3988
C#: Only use generated summaries, if no handwritten model exist for a particular dataflow callable.
2022-04-05 08:55:12 +02:00
Michael Nebel
30dc4ae788
C#: Add testcase with multiple generated flow summaries.
2022-04-05 08:55:12 +02:00
Michael Nebel
689e8f1952
C#: Small testcase with a summary flow model that is listed as generated.
2022-04-05 08:55:12 +02:00
Michael Nebel
26ad4861a3
C#: Introduce parsing of the kind field.
2022-04-05 08:55:12 +02:00
Michael Nebel
f8b094ac1f
C#: Only use generated flow summaries in case no handwritten summary exists.
2022-04-05 08:55:11 +02:00
Michael Nebel
4d953da480
C#: Initial steps to allow generated as a part of the kind.
2022-04-05 08:55:11 +02:00
Michael Nebel
1f72f6c2cd
Merge pull request #8559 from michaelnebel/csharp/generateflowmodelsscript
...
C#: Generate Flow Models script
2022-04-05 08:43:22 +02:00
Harry Maclean
1df1f42589
Fail workflow if files cannot be uploaded
2022-04-05 14:16:42 +12:00
Harry Maclean
5739a3b4e8
Fix typo
2022-04-05 14:14:39 +12:00
Harry Maclean
342bb17fb6
Simplify shell script
2022-04-05 14:03:29 +12:00
Harry Maclean
de743418e2
Add more validations to workflow inputs
2022-04-05 13:36:34 +12:00
Harry Maclean
815c6f4113
Use env vars instead of contexts
2022-04-05 12:03:10 +12:00
Harry Maclean
8f3578c92a
Ruby: Include query results in test
2022-04-05 10:20:02 +12:00
Robert Marsh
a3072fcd83
Merge pull request #8664 from geoffw0/privdata3
...
C++: More enhancements to PrivateData.qll
2022-04-04 14:43:19 -04:00
ihsinme
73de757f39
Update DangerousUseOfExceptionBlocks.ql
2022-04-04 21:38:03 +03:00
Geoffrey White
04b8306f06
C++: Add some more patterns.
2022-04-04 16:57:00 +01:00
Geoffrey White
d2e7f22d1b
C++: Group all phone number related exprs together.
2022-04-04 16:48:03 +01:00
Geoffrey White
d42ee7d279
C++: Extend tests.
2022-04-04 16:46:56 +01:00
Michael Nebel
8c3be653c2
C#: Update test output.
2022-04-04 16:07:46 +02:00
Michael Nebel
3fe941aae2
C#: Add missing empty ext column in generated summaries.
2022-04-04 15:58:35 +02:00
Michael Nebel
c6fe54c41b
C#: Add script for running CaptureModel queries and generate qll source file.
2022-04-04 15:58:35 +02:00
Marcono1234
6dd14a6cb3
Java: Fix reflection predicate for getMethod having non-public method result
2022-04-04 15:10:49 +02:00
Tom Hvitved
415a1c2107
Java/C#: Update CaptureModels.qll
2022-04-04 13:51:44 +02:00
Tom Hvitved
57f2a74636
Python: Implement ContentSet
2022-04-04 13:51:44 +02:00
Tom Hvitved
7113c1b29c
C#: Implement ContentSet
2022-04-04 13:51:44 +02:00
Tom Hvitved
b91858e7cf
Java: Implement ContentSet
2022-04-04 13:51:44 +02:00
Tom Hvitved
d99bb65ea9
C++: Implement ContentSet
2022-04-04 13:51:44 +02:00
Tom Hvitved
725d76e934
Ruby: Implement ContentSet
2022-04-04 13:51:44 +02:00
Tom Hvitved
c4fbc618a9
Data flow: Sync files
2022-04-04 13:51:44 +02:00
Tom Hvitved
309fd937c1
Data flow: Introduce ContentSet
2022-04-04 13:51:43 +02:00
Tom Hvitved
a5040fd0ce
Ruby: Add data-flow test for reverse array stores
2022-04-04 13:51:43 +02:00
Asger F
de169277cb
Merge pull request #8576 from asgerf/js/decorated-method-or-class
...
JS: Add decorator edges in API graphs and corresponding MaD tokens
2022-04-04 12:49:28 +02:00
Jeroen Ketema
e91c04234e
C++: Update tests for copy constructor calls with implied source
2022-04-04 12:48:02 +02:00
Jeroen Ketema
e710cf7921
C++: Add tests for copy constructor direct initializations
2022-04-04 12:48:01 +02:00
Jeroen Ketema
82b1cd69d2
Merge pull request #8554 from jketema/bitwise-lambda-capture-init
...
C++: Handle bitwise copies in lambda captures
2022-04-04 12:23:05 +02:00
Michael Nebel
3466adaf8c
C#: Add kind tag to Capture model queries.
2022-04-04 11:00:58 +02:00
Michael Nebel
25881d673e
Merge pull request #8626 from michaelnebel/csharp/equalsgethashcodeoverrides
...
C#: Exclude Equals and GetHashCode overrides from model generation.
2022-04-04 09:40:31 +02:00
Harry Maclean
ee81bf2767
Use --paginate to get all comments
2022-04-04 10:21:26 +12:00
Harry Maclean
1cf2530feb
Use environment variable instead of GH context
2022-04-04 10:18:41 +12:00
Harry Maclean
c2b94e8d1d
Rename workflow to reflect its generic nature
...
This workflow can (pretty much) be used by any other workflow that wants
to post a PR comment.
2022-04-04 10:16:48 +12:00
Harry Maclean
e34911118f
Use gh api instead of third-party actions
...
Also move more steps to the unprivileged workflow.
2022-04-04 10:16:48 +12:00
Harry Maclean
9116dbd670
Update QHelp PR comment if it already exists
...
If we've already commented on a PR with a preview of the QHelp changes,
then update the existing comment instead of creating a new one.
2022-04-04 10:16:48 +12:00
Tom Hvitved
50dc3820c6
Merge pull request #8589 from hvitved/regex/speedup-concretise
2022-04-03 17:56:07 +02:00
ihsinme
61860c9ae9
Update DangerousUseOfExceptionBlocks.ql
2022-04-02 13:44:40 +03:00
Jeroen Ketema
e1fa58a6f2
C++: Update tests after generating reference conversion
2022-04-01 18:32:46 +02:00
Jeroen Ketema
1d51b618d1
C++: Update tests for handling op bitwise copy in lambda captures
2022-04-01 18:32:46 +02:00
Jeroen Ketema
dea510ac95
C++: Add change note for cpp/unused-local-variable changes
2022-04-01 18:32:46 +02:00
Jeroen Ketema
4f49f9d6e1
C++: Remove exception from cpp/unused-local-variable that is no longer needed
2022-04-01 18:32:46 +02:00
Jeroen Ketema
3fed59fd13
C++: Add more lambda capture IR tests
2022-04-01 18:32:45 +02:00
github-actions[bot]
6af568b16d
Post-release preparation for codeql-cli-2.8.5
2022-04-01 16:22:14 +00:00
github-actions[bot]
469af4c501
Post-release preparation for codeql-cli-2.8.5
2022-04-01 16:21:57 +00:00
Chris Smowton
3119885a9b
Merge pull request #8638 from smowton/smowton/docs/additional-flow-step-description
...
Improve wording of isAdditionalFlow/TaintStep qldoc
2022-04-01 16:41:04 +01:00
Paolo Tranquilli
a323cce03e
Merge pull request #8630 from redsun82/bazel-workspace
...
Bazel: add skeleton bazel workspace
2022-04-01 15:46:59 +02:00
Ian Lynagh
4551af90f6
Merge pull request #8640 from github/release-prep/2.8.5
...
Release preparation for version 2.8.5
2022-04-01 14:07:21 +01:00
Ian Lynagh
837d1fbe38
Merge pull request #712 from github/release-prep/2.8.5
...
Release preparation for version 2.8.5
2022-04-01 14:07:16 +01:00
Mathias Vorreiter Pedersen
002f7cd438
Merge pull request #8623 from geoffw0/privdata2
...
C++: Some enhancements to SensitiveExprs.qll
2022-04-01 13:49:44 +01:00
Chris Smowton
28fa49dcd6
dataflow -> data-flow
2022-04-01 13:22:58 +01:00
Rasmus Wriedt Larsen
ba011fb13f
Merge pull request #8601 from zbazztian/recognize-flask-named-body-param
...
Python: Flask: Identify body contents passed via named response parameter in invocations of Response constructor
2022-04-01 14:19:28 +02:00
Paolo Tranquilli
1cc7621300
Bazel: add to CODEOWNERS and move around doc note
2022-04-01 14:04:50 +02:00
Paolo Tranquilli
3772efd193
.gitignore bazel symlinks
2022-04-01 14:04:50 +02:00
Paolo Tranquilli
8a5e611453
Bazel: add skeleton bazel workspace
...
This moves in codeql some internal bazel definitions in preparation for
future work.
2022-04-01 14:04:50 +02:00
Sebastian Bauersfeld
504e7e4a55
Update python/ql/lib/change-notes/2022-03-30-flask-recognize-body-param.md
...
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com >
2022-04-01 18:41:27 +07:00
Erik Krogh Kristensen
29a5bdb601
Merge pull request #7339 from erik-krogh/pyPerf
...
Python: Cache more predicates to improve performance.
2022-04-01 13:37:21 +02:00
Michael Nebel
81904cc993
C#: Refactor isIrrelevantOverrideOrImplementation to make it easier to extend it with more methods later.
2022-04-01 13:27:05 +02:00
Erik Krogh Kristensen
eae2a6af36
update expected output for Locations.ql
2022-04-01 12:58:00 +02:00
Erik Krogh Kristensen
ed7e1206ff
rename isBeforeCode to isCommentAfterCode
2022-04-01 12:55:00 +02:00
Tony Torralba
4cf0ebc5a8
Add change note
2022-04-01 12:43:27 +02:00
github-actions[bot]
ee746d20df
Release preparation for version 2.8.5
2022-04-01 10:39:31 +00:00
github-actions[bot]
950519c884
Release preparation for version 2.8.5
2022-04-01 10:39:24 +00:00
Tony Torralba
cc9b16beff
Fix wrong models of spring-web
2022-04-01 12:37:30 +02:00
Tony Torralba
3747aec144
Improve models of spring-beans
2022-04-01 12:37:22 +02:00
Chris Smowton
3b0bd3bc0f
Improve wording
2022-04-01 11:31:31 +01:00
Chris Smowton
314bd20eb2
Merge pull request #711 from rverme/patch-1
...
Address incorrectly referenced parameter in QLdoc
2022-04-01 11:22:57 +01:00
Chris Smowton
81e60eb145
Add change note
2022-04-01 11:20:03 +01:00
Chris Smowton
99026a6071
Improve wording of isAdditionalFlow/TaintStep qldoc
2022-04-01 11:07:27 +01:00
Michael Nebel
5cb2bd9245
C#: Exclude IEquatable Equals implementations.
2022-04-01 11:39:41 +02:00
Michael Nebel
02a0cbf0f4
C#: Add test cases.
2022-04-01 11:32:10 +02:00
Michael Nebel
99bbca8c31
C#: Exclude overrides of Equals and GetHashCode in model generation.
2022-04-01 11:32:10 +02:00
Michael Nebel
f480ab9fd2
Merge pull request #8629 from michaelnebel/csharp/capturemodelmetadata
...
C#: Improve query meta data.
2022-04-01 10:40:05 +02:00
Jeroen Ketema
f2beb9eb2b
Merge pull request #8622 from MathiasVP/fix-cpp-performance
...
C++: Fix bad magic and bad join
2022-04-01 09:51:16 +02:00
rverme
9b6dd60615
Address incorrectly reference parameter in QLdoc
...
The qldoc of the predicate `isParameterOf` mentions the parameter `fd` that does not exists and is possible replaced by `c`
2022-04-01 09:37:56 +02:00
Michael Nebel
c139850cd6
Merge pull request #8609 from michaelnebel/csharp/operatorsummaries
...
C#: Operator flow
2022-04-01 09:04:04 +02:00
Michael Nebel
01e57e90c9
C#: Fix query name for source model generation.
2022-04-01 08:54:35 +02:00
Harry Maclean
ae60d40511
Ruby: Fix typo in rb/insecure-dependency qhelp
...
Co-authored-by: Nick Rolfe <nickrolfe@github.com >
2022-04-01 15:35:53 +13:00
Harry Maclean
5814db19d5
Ruby: Fix bug in rb/insecure-dependency query
...
Only look at the first component of strings for the prefix.
Co-authored-by: Nick Rolfe <nickrolfe@github.com >
2022-04-01 15:35:21 +13:00
Harry Maclean
3d96c5e6db
Ruby: Add test case for rb/insecure-dependency
...
This tests that we recognise kwargs in hashrocket style:
gem "foo", "1.2.3", :git => "..."
as well as the modern style:
gem "foo", "1.2.3", git: "..."
2022-04-01 15:30:07 +13:00
Chris Smowton
9309a652df
Merge pull request #8493 from JLLeitschuh/feat/JLL/test_assertion_guard_preconditions
...
[Java]: Add precondition support for testing library asserts
2022-03-31 22:30:09 +01:00
Rasmus Wriedt Larsen
d2b03bb480
Python: Fix SimpleXmlRpcServer.ql
2022-03-31 20:37:28 +02:00
Rasmus Wriedt Larsen
4abab22066
Python: Promote XXE and XML-bomb queries
...
Need to write a change-note as well, but will do that tomorrow
2022-03-31 18:47:50 +02:00
Rasmus Wriedt Larsen
b8d3c5e96f
Python: Remove last bits of experimental XML modeling
2022-03-31 18:40:26 +02:00
Rasmus Wriedt Larsen
5083023aa8
Python: Move XML parsing PoC
...
Since the folder where it used to live is now empty otherwise :O
2022-03-31 18:37:47 +02:00
Alex Ford
8b0ebbfecc
Ruby: replace use of deprecated getStringOrSymbol()
2022-03-31 17:21:17 +01:00
Rasmus Wriedt Larsen
673220b231
Python: Minor cleanup of XmlParsingTest
2022-03-31 18:18:35 +02:00
Alex Ford
882f78c6f9
Merge remote-tracking branch 'origin/main' into ruby/weak-cryptographic-algorithm
2022-03-31 17:17:46 +01:00
Rasmus Wriedt Larsen
b4c0065aeb
Python: Extend FileSystemAccess for xml.sax and xml.dom.* parsing
2022-03-31 18:08:47 +02:00
Rasmus Wriedt Larsen
1d7cec60ae
Python: xml.sax.parse is not a method call
...
And it's not possible to provide a parser argument either
2022-03-31 17:50:23 +02:00
Rasmus Wriedt Larsen
e11269715d
Python: Promote xml.sax and xml.dom.* modeling
2022-03-31 17:44:00 +02:00
Rasmus Wriedt Larsen
05bb0ef976
Python: Align xml.etree.ElementTree modeling
...
I didn't find a good way to actually share the stuff, so we kinda just
have 2 things that look very similar :|
2022-03-31 17:24:16 +02:00
Rasmus Wriedt Larsen
70b3eecdd5
Python: Merge xml.etree.ElementTree models
...
I forgot about the existing ones when I promoted it
2022-03-31 17:13:11 +02:00
Alex Ford
2b66dfa93e
Ruby: replace a range field with instanceof
2022-03-31 15:39:11 +01:00
Chris Smowton
9bcf466aa8
Accept expected test result improvement
2022-03-31 15:19:08 +01:00
Stephan Brandauer
2cbb25acaa
another review fix
2022-03-31 16:04:04 +02:00
Erik Krogh Kristensen
06fdaacd82
just look at the field name in the "detect uses of the field in an inbetween class"-check
2022-03-31 15:30:56 +02:00
Erik Krogh Kristensen
fa651d2f60
remove the override restriction from ql/unused-field
2022-03-31 15:30:19 +02:00
Chris Smowton
2829770003
Autoformat and fix typo
2022-03-31 14:11:09 +01:00
Michael Nebel
2edd6d72c0
C#: Improve query meta data.
2022-03-31 14:56:23 +02:00
Anders Schack-Mulligen
f1ec2e3260
Merge pull request #8426 from atorralba/atorralba/missing-severities
...
Java: Add missing security-severity scores
2022-03-31 14:53:47 +02:00
Chris Smowton
fa8791f1d5
Merge pull request #8620 from jketema/doc-typo-fix
...
CLI docs: make the running text match the example
2022-03-31 12:36:51 +01:00
Anders Schack-Mulligen
8d9ce5fb4c
Merge pull request #8625 from aschackmull/java/qldoc-casing-fix
...
Java: Fix acronym casing in qldoc referring to Java class names.
2022-03-31 13:33:11 +02:00
Chris Smowton
04325abfa5
Add test
2022-03-31 12:26:38 +01:00
Chris Smowton
c2d461bcee
Format
2022-03-31 12:19:53 +01:00
Chris Smowton
0d9c353c37
Represent switch statement and switch expression results alike
2022-03-31 12:19:11 +01:00
Chris Smowton
96bf754f01
Accept intrigus suggested doc clarifications
...
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com >
2022-03-31 12:09:45 +01:00
Tom Hvitved
46d69cf544
Regex: Further tweaks to concretise computations
2022-03-31 12:52:43 +02:00
Tom Hvitved
5181544790
Sync shared files
2022-03-31 12:52:42 +02:00
Tom Hvitved
5052452ef9
SuperlinearBackTracking: Speedup concretise
2022-03-31 12:52:42 +02:00
Tom Hvitved
7efe698e56
Address review comment
2022-03-31 12:52:42 +02:00
Tom Hvitved
0fb28f4bc9
Sync shared files
2022-03-31 12:52:42 +02:00
Tom Hvitved
20f4d5a584
ExponentialBackTracking: Speedup concretise
2022-03-31 12:52:42 +02:00
Tom Hvitved
9c90385846
Merge pull request #8624 from hvitved/ruby/fix-import
...
Ruby: Fix broken import
2022-03-31 12:51:50 +02:00
Anders Schack-Mulligen
f28da00ec4
Java: Fix qldoc as followup to https://github.com/github/codeql/pull/8323
2022-03-31 12:50:36 +02:00
Stephan Brandauer
8f1a3597a7
autoformat
2022-03-31 12:32:29 +02:00
Tom Hvitved
40986bfcb1
Ruby: Fix broken import
2022-03-31 12:32:03 +02:00
Geoffrey White
fbd71cd050
C++: Update to regexpMatch.
2022-03-31 11:27:20 +01:00
Rasmus Wriedt Larsen
db43d043c4
Python: Add test showing misalignment of xml.etree modeling
2022-03-31 11:55:46 +02:00
Rasmus Wriedt Larsen
543454eff2
Python: Model file access from XML parsing
2022-03-31 11:47:29 +02:00
Michael Nebel
27b1d1e1e0
Merge pull request #8348 from michaelnebel/csharp/externalapi-telemetry
...
C#: ExternalAPI implementation for Telemetry.
2022-03-31 11:36:07 +02:00
Mathias Vorreiter Pedersen
dc88f715f8
C++: Fix join order.
2022-03-31 10:35:36 +01:00
Mathias Vorreiter Pedersen
da39c9f5ef
C++: Fix bad magic.
2022-03-31 10:35:29 +01:00
Rasmus Wriedt Larsen
386ff53614
Python: Model lxml.iterparse
2022-03-31 11:32:22 +02:00
Geoffrey White
9035ca236e
C++: Change note.
2022-03-31 10:24:18 +01:00
Geoffrey White
b296b0150a
C++: Some enhancements to SensitiveExprs.qll as well, inspired by csharp.
2022-03-31 10:24:17 +01:00
Rasmus Wriedt Larsen
12cbdcde28
Python: Model lxml.etree.XMLID
2022-03-31 11:21:24 +02:00
Rasmus Wriedt Larsen
6774085e7a
Python: Add note about parseid/XMLID
2022-03-31 11:19:25 +02:00
Rasmus Wriedt Larsen
a315aa84b2
Python: Add some links in QLDocs
2022-03-31 11:16:50 +02:00
Geoffrey White
146318dbc1
Merge pull request #8580 from geoffw0/privdata
...
C++: Port PrivateData.qll from C# and use it in cpp/cleartext-transmission
2022-03-31 10:12:46 +01:00
Rasmus Wriedt Larsen
64aa503cc3
Python: Promote xml.etree modeling
2022-03-31 11:12:02 +02:00
Arthur Baars
15c54f6100
Merge pull request #8354 from aibaars/incomplete-url-string-sanitization
...
Incomplete url string sanitization
2022-03-31 10:59:51 +02:00
Stephan Brandauer
a6d2ecdc4d
review comments
2022-03-31 10:49:33 +02:00
Rasmus Wriedt Larsen
7f5f7679f8
Python: Promote xmltodict modeling
2022-03-31 10:28:34 +02:00
Rasmus Wriedt Larsen
80b5cde3a2
Python: Promote lxml parsing modeling
2022-03-31 10:19:08 +02:00
Jeroen Ketema
85e2367769
CLI docs: make the running text match the example
2022-03-31 10:14:30 +02:00
Rasmus Wriedt Larsen
3040adfd9b
Python: Handle XMLParser().close() for XPath
2022-03-31 10:08:26 +02:00
Rasmus Wriedt Larsen
c4473c5f65
Python: Rename lxml XPath tests
2022-03-31 10:08:02 +02:00
Arthur Baars
7e866ed376
Merge pull request #8617 from cklin/qldoc-coverage-new-language
...
QLdoc check: handle new languages gracefully
2022-03-31 10:00:36 +02:00
Rasmus Wriedt Larsen
1ea4bcc59f
Python: Make XMLParsing a Decoding subclass
2022-03-31 09:52:55 +02:00
Rasmus Wriedt Larsen
35ccba2ec1
Python: Promote XMLParsing concept test
2022-03-31 09:52:55 +02:00
Rasmus Wriedt Larsen
e45288e812
Python: => XMLParsingVulnerabilityKind
...
Since there are other XML vulnerabilities that are not about parsing,
this is more correct.
2022-03-31 09:52:55 +02:00
Rasmus Wriedt Larsen
e005a5c0ab
Python: Promote XMLParsing concept
2022-03-31 09:52:55 +02:00
Rasmus Wriedt Larsen
9caf4be21b
Python: Add PortSwigger link to Xxe.qhelp
...
I found this resource quite good myself at least :)
2022-03-31 09:52:55 +02:00
Rasmus Wriedt Larsen
56b9c891d8
Python: Adjust XmlBomb.qhelp from JS
2022-03-31 09:52:55 +02:00
Rasmus Wriedt Larsen
b00766b054
Python: Adjust XXE qhelp
...
and remove the old copy, we don't need it anymore :)
2022-03-31 09:52:55 +02:00
Rasmus Wriedt Larsen
c365337867
Python: Delete XmlEntityInjection.ql
...
Kept the test of SimpleXmlRpcServer, and kept the qhelp so it can be
used to write the new qhelp files
2022-03-31 09:52:55 +02:00
Rasmus Wriedt Larsen
769f5691d0
Python: Add taint for StringIO and BytesIO
2022-03-31 09:52:54 +02:00
Rasmus Wriedt Larsen
57b9780428
Python: XXE: Add example of exfiltrating data through dtd-retrival
2022-03-31 09:52:54 +02:00
Rasmus Wriedt Larsen
a1d88e39a7
Python: Adjust XXE PoC for newer lxml versions
...
Which doesn't raise that syntax error (at least not on my laptop)
2022-03-31 09:52:54 +02:00
Rasmus Wriedt Larsen
91795b8577
Python: Add simple test of Xxe/XmlBomb
...
Note that most of the testing happens in the framework specific tests,
with an inline-expectation test
2022-03-31 09:52:54 +02:00
Rasmus Wriedt Larsen
e45f9d69cc
Python: Adjust Xxe/XmlBomb for Python
...
I changed a few QLdocs so they fit the style we have used in Python...
although I surely do regret having introduced a new style for how these
QLDocs look :D
2022-03-31 09:52:54 +02:00
Rasmus Wriedt Larsen
65907c9762
Python: Copy Xxe/XmlBomb queries from JS
...
After internal discussion, these will replace the `XmlEntityInjection`
query, so we can have separate severities on DoS and the other (more
serious) attacks.
Note: These clearly don't work, since they are verbatim copies of the JS
code, but I split it into multiple commits to clearly highlight what
changes were made.
2022-03-31 09:52:54 +02:00
Erik Krogh Kristensen
67e1ffdd3e
fix isKnownStepSrc such that it actually includes taint/dataflow-steps
2022-03-31 09:46:01 +02:00
Erik Krogh Kristensen
e038baed36
add .gitignore ignoring test dbs
2022-03-31 09:45:28 +02:00
Chuan-kai Lin
1ff0fda5d1
QLdoc check: handle new languages gracefully
2022-03-30 14:58:13 -07:00
Erik Krogh Kristensen
1218c4f4ed
fix ql/name-casing, and drive-by QL-for-QL typo fix
2022-03-30 22:59:14 +02:00
Erik Krogh Kristensen
1847a5713b
remove TODO
2022-03-30 22:54:01 +02:00
Erik Krogh Kristensen
7ca6426ea5
revert the Taint stage, as it caused an alert for ql/abstract-class-import
2022-03-30 22:54:01 +02:00
Erik Krogh Kristensen
7e4ab4c60b
Revert "import all the frameworks that extend RegexString"
...
This reverts commit 84bc9042de4e876685f8f5ffdd88893383d1cfdc.
It caused ql/abstract-class-import alerts
2022-03-30 22:54:01 +02:00
Erik Krogh Kristensen
3b9335c051
nomagic on containsInScope
2022-03-30 22:54:01 +02:00
Erik Krogh Kristensen
5caff81ff9
import all the frameworks that extend RegexString
2022-03-30 22:54:01 +02:00
Erik Krogh Kristensen
b959705531
revert changes in MRO.qll
2022-03-30 22:54:01 +02:00
Erik Krogh Kristensen
b74852ffd6
cache a bit more (again)
2022-03-30 22:54:01 +02:00
Erik Krogh Kristensen
d9ced55e2c
make private predicates private
2022-03-30 22:54:01 +02:00
Erik Krogh Kristensen
040196f40d
cache more basicblock predicates
2022-03-30 22:54:01 +02:00
Erik Krogh Kristensen
79713e0ef8
a bit more caching
2022-03-30 22:54:00 +02:00
Erik Krogh Kristensen
7643aac207
revert bad nomagic
2022-03-30 22:54:00 +02:00
Erik Krogh Kristensen
35c7fa58a7
joiner order fixes
2022-03-30 22:54:00 +02:00
Erik Krogh Kristensen
88e896992e
cache the remainder of the pointsto layer
2022-03-30 22:54:00 +02:00
Erik Krogh Kristensen
79da0970cc
various join order fixes
2022-03-30 22:54:00 +02:00
Erik Krogh Kristensen
3e9ee887d4
fix bad mistake
2022-03-30 22:54:00 +02:00
Erik Krogh Kristensen
758a5d7a85
few join order fixes
2022-03-30 22:54:00 +02:00
Erik Krogh Kristensen
6eca4ba2d3
get around identical files by adding the ref() call somewhere else
2022-03-30 22:54:00 +02:00
Erik Krogh Kristensen
4089788629
revert caching of some large predicates that caused the DB size to increase too much
2022-03-30 22:54:00 +02:00
Erik Krogh Kristensen
0da80f90d3
rename the SSA stages to AST
2022-03-30 22:54:00 +02:00
Erik Krogh Kristensen
c9e3a62953
cached stages iteration 5
2022-03-30 22:54:00 +02:00
Erik Krogh Kristensen
a8f9a91e38
cached stages iteration 4
2022-03-30 22:54:00 +02:00
Erik Krogh Kristensen
f68357a063
cached stages iteration 3.5
2022-03-30 22:54:00 +02:00
Erik Krogh Kristensen
37a9b41e26
cached stages iteration 3
2022-03-30 22:54:00 +02:00
Erik Krogh Kristensen
60b5af215f
cached stages iteration 2
2022-03-30 22:53:59 +02:00
Erik Krogh Kristensen
71eacea90b
add the cached stages pattern to Python
2022-03-30 22:53:59 +02:00
Chuan-kai Lin
48015e5a2e
Merge pull request #8597 from cklin/run-js-ml-tests
...
JS: Fix expected test output for ATM queries
2022-03-30 13:10:02 -07:00
Chuan-kai Lin
a8dabb238d
JS: Fix expected test output for ATM queries
2022-03-30 11:35:17 -07:00
Robert Marsh
3ce7c521d1
C++: fix IR global var init for string constants
2022-03-30 14:01:59 -04:00
Robert Marsh
e01799827a
C++: add test for string global var inits in IR
2022-03-30 13:38:25 -04:00
Robert Marsh
fb0a848e5a
C++: fix inconsistency with global var constructor
2022-03-30 13:32:02 -04:00
Robert Marsh
9d4aac61fd
C++: add IR tests for global var with constructor
2022-03-30 13:20:26 -04:00
Chris Smowton
19cd97e426
Java: Clarify the meaning of getRuleExpression/Statement
2022-03-30 17:58:11 +01:00
Ian Lynagh
46c27dd20f
Merge pull request #8514 from github/post-release-prep/codeql-cli-2.8.4
...
Post-release preparation for codeql-cli-2.8.4
2022-03-30 16:36:14 +01:00
Ian Lynagh
e9acb4f8e8
Merge pull request #706 from github/post-release-prep/codeql-cli-2.8.4
...
Post-release preparation for codeql-cli-2.8.4
2022-03-30 16:35:29 +01:00
Nick Rolfe
fa1bb82701
Merge pull request #8610 from github/nickrolfe/re-fix-location-join-order
...
Ruby: undo accidental revert of #8538
2022-03-30 16:31:52 +01:00
Nick Rolfe
10b75bff76
Ruby: undo accidental revert of 13be9919
2022-03-30 16:02:12 +01:00
Chris Smowton
9675f34cf5
Merge pull request #8257 from luchua-bc/java/insecure-webview-resource-response
...
Java: CWE-200 Query to detect insecure WebResourceResponse implementation
2022-03-30 15:56:27 +01:00
Arthur Baars
031d183bdf
Merge pull request #8532 from aibaars/regex-refactor-2
...
JS/Ruby/Python: rename RegExpTreeView.qll to ReDoSUtilSpecific.qll
2022-03-30 16:38:47 +02:00
Robert Marsh
417b0b5353
C++: accept test changes for updated extractor
2022-03-30 10:23:17 -04:00
Owen Mansel-Chan
79e6f7876b
Merge pull request #710 from owen-mc/delete-consistency
...
Delete unused file DataFlowImplConsistency
2022-03-30 15:15:55 +01:00
Michael Nebel
8238c99199
C#: Only include APIs that has a proper namespace.
2022-03-30 15:22:32 +02:00
Michael Nebel
5c13391580
C#: Add test cases for operators.
2022-03-30 15:09:44 +02:00
Michael Nebel
04960fc0c6
C#: Filter out explicit and implicit conversion operators, when creating summaries.
2022-03-30 15:09:26 +02:00
Michael Nebel
8b08ddf7ad
C#: Use callables qualified name instead of name, when printing summary like information.
2022-03-30 15:05:57 +02:00
Michael Nebel
4163078ecc
C#: The qualified name of the operator should use the function name instead of the displayed name.
2022-03-30 15:05:03 +02:00
Tom Hvitved
3c50987b9b
Merge pull request #8590 from hvitved/ruby/rc-perf-picks
...
Ruby: Cherry pick performance fixes onto `rc/3.5`
2022-03-30 14:48:33 +02:00
Sebastian Bauersfeld
a3c3a7fe0d
Python: Identify alternative body argument in invocations of Response constructor.
2022-03-30 19:34:54 +07:00
Dave Bartolomeo
70c44734e6
Merge pull request #8445 from dbartol/dbartol/ir-range/semantic-scratch
...
Sign, Modulus, and Range analysis for C++ using sharable semantic layer
2022-03-30 07:08:09 -04:00
Dave Bartolomeo
e2396a5e03
Remove PrintIR tests for range analysis
...
These were only used for debugging, and don't actually make good tests.
2022-03-30 06:45:28 -04:00
Dave Bartolomeo
19789fa738
Merge remote-tracking branch 'upstream/main' into semantic-scratch
2022-03-30 06:39:14 -04:00
Nick Rolfe
a274af2b16
Merge pull request #7985 from github/nickrolfe/constant_regexp
...
Ruby: separate constant propagation of regexps from strings
2022-03-30 11:37:33 +01:00
Owen Mansel-Chan
8a3a58ca76
Delete unused file DataFlowImplConsistency
2022-03-30 11:03:46 +01:00
ihsinme
b95094235c
Apply suggestions from code review
...
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com >
2022-03-30 10:51:38 +03:00
4B5F5F4B
9ab773422a
refactor some code, and add access_ok cases
2022-03-30 12:25:32 +08:00
Harry Maclean
167bda2d4e
Ruby: Add QLDoc for InsecureDependencyQuery.qll
2022-03-30 13:50:12 +13:00
Harry Maclean
d13bbbaf35
Ruby: Add change note for rb/insecure-dependency
2022-03-30 13:39:35 +13:00
Harry Maclean
37cedda63a
Ruby: Add InsecureDependencyResolution query
...
This query looks for places in a Gemfile where URLs with insecure
protocols (HTTP or FTP) are specified.
2022-03-30 13:39:15 +13:00
Marcono1234
a93b4ed0f2
Java: Make JumpStmt a proper superclass
2022-03-30 00:30:27 +02:00
Erik Krogh Kristensen
48ef3b106f
fix mistake in inlining
2022-03-29 23:39:22 +02:00
Erik Krogh Kristensen
090c5c39f6
add explicit this
2022-03-29 22:44:03 +02:00
Erik Krogh Kristensen
cebba05b8b
rename getAClassReferenceStep to getAClassReferenceRec
2022-03-29 22:44:03 +02:00
Erik Krogh Kristensen
be6c122b27
improve the join order of getAClassReference
2022-03-29 22:44:02 +02:00
Erik Krogh Kristensen
979fa2386a
autoformat
2022-03-29 22:38:23 +02:00
Robert Marsh
9442be1a27
Autoformat
2022-03-29 16:23:57 -04:00
Porcupiney Hairs
92033047a5
Python : Add query to detect PAM authorization bypass
...
Using only a call to `pam_authenticate` to check the validity of a login can
lead to authorization bypass vulnerabilities. A `pam_authenticate` only
verifies the credentials of a user. It does not check if a user has an
appropriate authorization to actually login. This means a user with a
expired login or a password can still access the system.
This PR includes a qhelp describing the issue, a query which detects instances where a call to
`pam_acc_mgmt` does not follow a call to `pam_authenticate` and it's
corresponding tests.
This PR has multiple detections. Some of the public one I can find are :
* [CVE-2022-0860](https://nvd.nist.gov/vuln/detail/CVE-2022-0860 ) found
in [cobbler/cobbler](https://www.github.com/cobbler/cobbler )
* [fredhutch/motuz](https://www.huntr.dev/bounties/d46f91ca-b8ef-4b67-a79a-2420c4c6d52b/ )
2022-03-30 00:47:58 +05:30
Robert Marsh
8d21c8b7c5
Merge pull request #8423 from 4B5F5F4B/main
...
[CPP][Linux Kernel]Add ql to detect CVE-2017-5123
2022-03-29 15:10:15 -04:00
luchua-bc
fa2a6a7da3
Remove unnecessary taint step and update qldoc
2022-03-29 17:52:49 +00:00
Jeroen Ketema
e5ac492b62
Merge pull request #8593 from jketema/pointless-options
...
C++: Remove debugging options from library tests
2022-03-29 17:55:47 +02:00
Jeroen Ketema
d1857a9e37
C++: Remove debugging options from library tests
2022-03-29 17:24:18 +02:00
Geoffrey White
e04298d532
C++: Delete experimental PrivateData.qll.
2022-03-29 15:26:46 +01:00
Asger Feldthaus
8bb58a3222
Merge branch 'js/decorated-method-or-class' of github.com:asgerf/codeql into js/decorated-method-or-class
2022-03-29 16:13:54 +02:00
Asger Feldthaus
75a84378ac
JS: Do not generate def-nodes for decorated parameters
2022-03-29 16:13:45 +02:00
Asger Feldthaus
ca145f21b0
JS: Add test showing why parameter-sinks wont actually work well in JS
2022-03-29 16:06:53 +02:00
Geoffrey White
cf5c6baadd
C++: More test cases for salary.
2022-03-29 15:05:27 +01:00
Asger Feldthaus
3bcfca421f
JS: Add test case for decorated parameter sinks
2022-03-29 15:55:43 +02:00
Geoffrey White
0e3e145e53
C++: Add CWE-359 tag to cpp/cleartext-transmission.
2022-03-29 14:44:06 +01:00
Asger F
6e630cccc2
Apply suggestions from code review
...
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com >
2022-03-29 15:41:20 +02:00
Michael Nebel
db7abb429f
C#: Remove unneeded exists.
2022-03-29 14:59:32 +02:00
Michael Nebel
6be41b0c29
C#/Java: Address review comments.
2022-03-29 14:52:57 +02:00
Michael Nebel
b0a24a7a44
C#: Change the implementation on getAnInput and getAnOutput based on hvitveds recommendations.
2022-03-29 14:52:57 +02:00
Michael Nebel
c2196a04aa
C#: Update the description of the telemetry queries.
2022-03-29 14:52:57 +02:00
Michael Nebel
bfb206c810
C#: Let ExternalApi extend DataFlowCallable instead of Callable.
2022-03-29 14:52:57 +02:00
Michael Nebel
e1d4c1b68c
C#/Java: Reorder code in terms of dependency, rename ExternalAPI to ExternalApi and add some missing predicate qualifiers.
2022-03-29 14:52:52 +02:00
Michael Nebel
4f00666591
C#: Add query and test case for supported external taint.
2022-03-29 14:49:37 +02:00
Michael Nebel
03c1bf6d87
C#: Mark Xunit as uninteresting.
2022-03-29 14:49:37 +02:00
Michael Nebel
18b1b51d07
C#: Add test for known sources telemetry query.
2022-03-29 14:49:37 +02:00
Michael Nebel
1f1059bfc6
C#: Add telemetry query for supported sources.
2022-03-29 14:49:37 +02:00
Michael Nebel
a7ece69f2b
C#: Add test for supported sinks query.
2022-03-29 14:49:37 +02:00
Michael Nebel
d81e73f9c6
C#: Add telemetry query for supported sinks.
2022-03-29 14:49:37 +02:00
Michael Nebel
e4f6321851
C#: Add test for unsupported uses of library code.
2022-03-29 14:49:37 +02:00
Michael Nebel
e014cae7df
C#: Add test and output for all library usages.
2022-03-29 14:49:37 +02:00
Michael Nebel
7cef859253
C#: Add sample code file that calls both supported and unsupported library code with respect to flow summaries.
2022-03-29 14:49:37 +02:00
Michael Nebel
918a6c7425
C#: Telemetry query for measuring (unsupport dataflow) library usage.
2022-03-29 14:49:37 +02:00
Michael Nebel
c023808657
C#: Telemetry query for measuring all library usage.
2022-03-29 14:49:37 +02:00
Michael Nebel
0650c6d395
C#: Add initial port of the java implementation of ExternalAPI.qll.
2022-03-29 14:49:37 +02:00
Michael Nebel
e9070b010b
C#: Add getCall predicate to ArgumentNode.
2022-03-29 14:49:37 +02:00
Michael Nebel
c552ab4138
Java: Remove duplicate import statement in ExternalAPI.qll.
2022-03-29 14:49:37 +02:00
Michael Nebel
c3ac5aba57
Merge pull request #8482 from michaelnebel/csharp/capturesourcesink-models
...
C#: Capture[Source|Sink]Models utility.
2022-03-29 14:43:10 +02:00
yoff
3416f074e8
Update python/ql/src/Security/CWE-352/CSRFProtectionDisabled.ql
...
Explain why `TestScope` is not used.
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com >
2022-03-29 13:59:04 +02:00
Dave Bartolomeo
c9f79047b3
Improve QLDoc
2022-03-29 07:27:45 -04:00
Dave Bartolomeo
01c747ccb7
Remove debugging code
2022-03-29 07:14:51 -04:00
Dave Bartolomeo
820beed085
Remove Java portion (moved to separate PR)
2022-03-29 07:09:33 -04:00
Tony Torralba
e564481e9f
Organize imports
2022-03-29 11:38:24 +02:00
Asger F
68575f3655
Merge pull request #8579 from asgerf/js/literal-csv-rows
...
JS: write all CSV rows as literals
2022-03-29 11:13:19 +02:00
Michael Nebel
8e60073d5a
Java: Remove dataflow imports for java.qll.
2022-03-29 11:07:58 +02:00
Michael Nebel
f734edf8ff
C#/Java: Minor refactor and re-arranging of code to align the CaptureModel specific implementations.
2022-03-29 11:07:58 +02:00
Michael Nebel
dd267b353a
C#: Move isRelevantMemberAccess out of PropagateToSinkConfigurationSpecific.
2022-03-29 11:07:58 +02:00
Michael Nebel
3933dfa78e
Java: Make imports private and add parts of the dataflow library to java.qll (same as in C#).
2022-03-29 11:07:58 +02:00
Michael Nebel
ad90c55bc6
C#: Improve encapsulation in CaptureModelsSpecific.
2022-03-29 11:07:57 +02:00
Michael Nebel
26d5eb64b3
C#/Java: Initial merge ModelGeneratorUtils into CaptureModels.
2022-03-29 11:07:57 +02:00
Michael Nebel
9b7691a5fc
C#/Java: Address comments on re-exposing functionality.
2022-03-29 11:07:57 +02:00
Michael Nebel
1710b66003
C#/Java: Some minor variable name changes and QL Doc updates.
2022-03-29 11:07:57 +02:00
Michael Nebel
4298024cd6
C#: Refactor isRelevantForModels.
2022-03-29 11:07:57 +02:00
Michael Nebel
5970fd9904
C#: Also include property reads in possible new sink discovery. Only include public fields and properties.
2022-03-29 11:07:57 +02:00
Michael Nebel
8a65efbae4
C#/Java: Add isRelevantSinkKind predicate with language specific implementation.
2022-03-29 11:07:57 +02:00
Michael Nebel
0009d781d7
Java: Make most imports private.
2022-03-29 11:07:57 +02:00
Michael Nebel
1c7d764d54
C#: Make most module imports private.
2022-03-29 11:07:57 +02:00
Michael Nebel
ad27a5a1a6
C#/Java: Add some more QL Doc to the CaptureModels[Specific] implementation.
2022-03-29 11:07:57 +02:00
Michael Nebel
62dcbff67f
C#: Update sync files config.
2022-03-29 11:07:57 +02:00
Michael Nebel
5d62c48890
C#/Java: Move libraries to internal folder as these are for internal use only.
2022-03-29 11:07:57 +02:00
Michael Nebel
3d2ce57c9e
Java: Collapse all the specific code for summary, source and sink models into a single file.
2022-03-29 11:07:57 +02:00
Michael Nebel
43c9f9d7bb
C#: Collapse all the specific code for summary, source and sink models into a single file.
2022-03-29 11:07:57 +02:00
Michael Nebel
852d8a2770
Java: Collapse all the shared code for summary, source and sink models into a single file.
2022-03-29 11:07:57 +02:00
Michael Nebel
4f2227f206
C#: Collapse all the shared code for summary, source and sink models into a single file.
2022-03-29 11:07:57 +02:00
Michael Nebel
79fd2e6a40
C#/Java: Make configurations private and sprinkle some QL Doc.
2022-03-29 11:07:57 +02:00
Michael Nebel
6194d5cf63
C#: Add test for CaptureSinkModel query.
2022-03-29 11:07:57 +02:00
Michael Nebel
5babb0e66a
C#: Update stubs to include one more known sink method.
2022-03-29 11:07:57 +02:00
Michael Nebel
858508fa33
C#: Make sure that language independent parts of CaptureSinkModels is in sync.
2022-03-29 11:07:57 +02:00
Michael Nebel
db21a6a0f3
C#: Add CaptureSummaryModels query.
2022-03-29 11:07:57 +02:00
Michael Nebel
fb2a7dfb48
Java: Refactor CaptureSinkModels into language specific and generic part.
2022-03-29 11:07:57 +02:00
Michael Nebel
cc5fbbb7c5
Java: Minor cleanup in CaptureSinkModels.
2022-03-29 11:07:56 +02:00
Michael Nebel
cc4e26466f
C#: Add test case for CaptureSummaryModels query.
2022-03-29 11:07:56 +02:00
Michael Nebel
b4efd0e154
C#: Make sure that the shared CaptureSummaryModel is in sync.
2022-03-29 11:07:56 +02:00
Michael Nebel
4ae5dc323f
C#: Add CaptureSourceModel query.
2022-03-29 11:07:56 +02:00
Michael Nebel
45234b1631
Java: Refactor CaptureSourceModel to enable re-use.
2022-03-29 11:07:56 +02:00
Michael Nebel
f00837578b
Java: isPublic and fromSource check as this is already ensured by the TargetApi characteristic predicate.
2022-03-29 11:07:56 +02:00
Michael Nebel
f42ed1e3ad
Java: Cleanup imports in CaptureSourceModels.
2022-03-29 11:07:56 +02:00
Geoffrey White
b94ade3bdd
C++: Improve the regexps.
2022-03-29 10:03:58 +01:00
Erik Krogh Kristensen
ae3b32409a
update expected output of tests that relied on API::Node::toString()
2022-03-29 10:59:08 +02:00
Geoffrey White
393819837c
C++: Convert to regexp.
2022-03-29 09:33:16 +01:00
Tom Hvitved
f429dafb09
Address review comments
2022-03-29 10:23:59 +02:00
Tom Hvitved
15ef8c1d8f
Ruby: Cache ConstantReadAccess::getValue
2022-03-29 10:23:54 +02:00
Tom Hvitved
fe50c2879e
Ruby: Rework getConstantValue implementation
2022-03-29 10:23:49 +02:00
Tom Hvitved
ec82fb1221
Ruby: Fix bad join-order in RegExpTerm::hasLocationInfo
...
Before:
```
[2022-03-23 14:50:16] (776s) Tuple counts for RegExpTreeView::RegExpTerm::hasLocationInfo#dispred#f0820431#ffffff/6@5f6cf7if after 1m4s:
707103 ~7% {2} r1 = SCAN Literal::StringlikeLiteral::getNumberOfComponents#dispred#f0820431#ff OUTPUT In.0, (In.1 - 1)
64721 ~0% {5} r2 = JOIN r1 WITH RegExpTreeView::RegExpTerm#7783c185#ffff_1023#join_rhs ON FIRST 1 OUTPUT Lhs.0, Lhs.1, Rhs.1 'this', Rhs.2, Rhs.3
64721 ~0% {5} r3 = JOIN r2 WITH Literal::StringlikeLiteral::getComponent#dispred#f0820431#fff ON FIRST 2 OUTPUT Rhs.2, Lhs.0, Lhs.2 'this', Lhs.3, Lhs.4
64721 ~0% {5} r4 = JOIN r3 WITH AST::AstNode::getLocation#dispred#f0820431#bf ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2 'this', Lhs.3, Lhs.4
64721 ~3% {6} r5 = JOIN r4 WITH Locations::Location::hasLocationInfo#dispred#f0820431#ffffff ON FIRST 1 OUTPUT Rhs.1 'filepath', Lhs.1, Lhs.2 'this', Lhs.3, Lhs.4, Rhs.4 'endline'
353247577 ~1% {10} r6 = JOIN r5 WITH Locations::Location::hasLocationInfo#dispred#f0820431#ffffff_1023#join_rhs ON FIRST 1 OUTPUT Lhs.1, 0, Lhs.2 'this', Lhs.3, Lhs.4, Lhs.0 'filepath', Lhs.5 'endline', Rhs.1, Rhs.2 'startline', Rhs.3
353247577 ~0% {9} r7 = JOIN r6 WITH Literal::StringlikeLiteral::getComponent#dispred#f0820431#fff ON FIRST 2 OUTPUT Rhs.2, Lhs.7, Lhs.2 'this', Lhs.3, Lhs.4, Lhs.5 'filepath', Lhs.6 'endline', Lhs.8 'startline', Lhs.9
64721 ~2% {6} r8 = JOIN r7 WITH AST::AstNode::getLocation#dispred#f0820431#bf ON FIRST 2 OUTPUT Lhs.2 'this', Lhs.5 'filepath', Lhs.7 'startline', (Lhs.8 + Lhs.3), Lhs.6 'endline', ((Lhs.8 + Lhs.4) - 1)
return r8
```
After:
```
[2022-03-23 14:58:35] (247s) Tuple counts for RegExpTreeView::RegExpTerm::componentHasLocationInfo#f0820431#fbfffff/7@de55ac7l after 1.1s:
12956 ~0% {3} r1 = SCAN files OUTPUT In.0, 0, In.1 'filepath'
9850785 ~0% {7} r2 = JOIN r1 WITH locations_default_102345#join_rhs ON FIRST 1 OUTPUT Rhs.1, 0, Lhs.2 'filepath', Rhs.2 'startline', Rhs.3 'startcolumn', Rhs.4 'endline', Rhs.5 'endcolumn'
823486 ~0% {8} r3 = JOIN r2 WITH AST::AstNode::getLocation#dispred#f0820431#bf_10#join_rhs ON FIRST 1 OUTPUT 0, Rhs.1, 0, Lhs.2 'filepath', Lhs.3 'startline', Lhs.4 'startcolumn', Lhs.5 'endline', Lhs.6 'endcolumn'
698251 ~4% {7} r4 = JOIN r3 WITH Literal::StringlikeLiteral::getComponent#dispred#f0820431#fff_120#join_rhs ON FIRST 2 OUTPUT Rhs.2, 0, Lhs.3 'filepath', Lhs.4 'startline', Lhs.5 'startcolumn', Lhs.6 'endline', Lhs.7 'endcolumn'
64721 ~1% {7} r5 = JOIN r4 WITH RegExpTreeView::RegExpTerm#7783c185#ffff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1 'this', 0, Lhs.2 'filepath', Lhs.3 'startline', Lhs.4 'startcolumn', Lhs.5 'endline', Lhs.6 'endcolumn'
return r5
[2022-03-23 14:58:35] (247s) Tuple counts for RegExpTreeView::RegExpTerm::hasLocationInfo#dispred#f0820431#ffffff/6@ad66b12q after 53ms:
707103 ~7% {2} r1 = SCAN Literal::StringlikeLiteral::getNumberOfComponents#dispred#f0820431#ff OUTPUT In.0, (In.1 - 1)
64721 ~0% {4} r2 = JOIN r1 WITH RegExpTreeView::RegExpTerm#7783c185#ffff_1023#join_rhs ON FIRST 1 OUTPUT Rhs.1 'this', Lhs.1, Rhs.2, Rhs.3
64721 ~5% {5} r3 = JOIN r2 WITH project#RegExpTreeView::RegExpTerm::componentHasLocationInfo#f0820431#bffffff ON FIRST 2 OUTPUT Lhs.0 'this', Rhs.2 'filepath', Lhs.2, Lhs.3, Rhs.3 'endline'
64721 ~2% {6} r4 = JOIN r3 WITH project#RegExpTreeView::RegExpTerm::componentHasLocationInfo#f0820431#fbfffff ON FIRST 2 OUTPUT Lhs.0 'this', Lhs.1 'filepath', Rhs.2 'startline', (Rhs.3 + Lhs.2), Lhs.4 'endline', ((Rhs.3 + Lhs.3) - 1)
return r4
```
2022-03-29 10:23:32 +02:00
Tony Torralba
6799838ece
Simplification
2022-03-29 09:43:37 +02:00
4B5F5F4B
9358b824c0
modify select clause to make codeql happy:)
2022-03-29 10:41:12 +08:00
luchua-bc
833d842113
Drop the getPath check from the library
2022-03-28 20:14:40 +00:00
Robert Marsh
3c1ec5a595
Merge branch 'main' into rdmarsh2/ir-global-vars
2022-03-28 16:06:17 -04:00
luchua-bc
657f615703
Fine tune the query and update qldoc
2022-03-28 20:05:12 +00:00
Robert Marsh
af6a4f31e7
C++: TranslatedInstructionContainer to RootElement
2022-03-28 15:20:48 -04:00
Robert Marsh
5811d0b2ad
C++: add AliasedDefinition to IR global var inits
2022-03-28 14:53:43 -04:00
Stephan Brandauer
9c3fcb6268
precise tracking of handlebars arguments
2022-03-28 17:26:43 +02:00
Asger Feldthaus
cf596a1856
JS: Add decorator edges in API graphs and corresponding MaD tokens
2022-03-28 15:34:40 +02:00
Erik Krogh Kristensen
20599d1846
Merge branch 'main' of github.com:github/codeql into labelNaming
2022-03-28 15:30:33 +02:00
Asger Feldthaus
e152416317
JS: write all CSV rows as literals
2022-03-28 15:30:18 +02:00
Asger F
e5f2b830f3
Merge pull request #8577 from asgerf/fix-mad-warning
...
JS/Ruby: Fix regexp in MaD checking
2022-03-28 15:29:16 +02:00
Asger F
f22df765ed
Merge pull request #8533 from asgerf/mad-receiver-token
...
JS/Ruby: Represent non-positional arguments with Argument/Parameter tokens
2022-03-28 15:28:52 +02:00
Geoffrey White
611b820cbc
C++: Change notes.
2022-03-28 14:27:21 +01:00
Erik Krogh Kristensen
e79eecb640
update toString() of API::Node, and update expected output that depends on the former
2022-03-28 15:23:45 +02:00
Nick Rolfe
9406aa2f29
Merge remote-tracking branch 'origin/main' into nickrolfe/constant_regexp
2022-03-28 13:05:34 +01:00
Asger Feldthaus
0b30ecf36a
Ruby: add select clause back to Summaries.ql
2022-03-28 13:57:50 +02:00
Erik Krogh Kristensen
36db492aa2
move the polynomialbacktracking-test to the test folder
2022-03-28 13:22:26 +02:00
Erik Krogh Kristensen
c5fb19c377
update the JS API-graph labels toString() to print the predicate calls on the API-graphs
2022-03-28 13:19:16 +02:00
Arthur Baars
85c4daa2bf
Address comments
2022-03-28 13:15:32 +02:00
Asger Feldthaus
d5bcd14733
Sync ApiGraphModels.qll
2022-03-28 12:43:55 +02:00
Asger Feldthaus
7e6206ed36
JS: Fix the regexp for valid MaD token arguments
2022-03-28 12:43:43 +02:00
Arthur Baars
2ae5e8158e
Python: import RegExpTreeView correctly
2022-03-28 12:41:32 +02:00
Nick Rolfe
a9eac19dac
Ruby: address review feedback
2022-03-28 11:19:24 +01:00
Arthur Baars
b103679d8a
JS/Ruby/Python: rename RegExpTreeView.qll to ReDoSUtilSpecific.qll
2022-03-28 12:17:26 +02:00
Arthur Baars
af1d949d06
Merge pull request #8489 from aibaars/regex-refactor
...
Ruby: refactor regex libraries
2022-03-28 12:17:00 +02:00
Geoffrey White
18f80eb3e3
C++: Loosen a few constraints slightly.
2022-03-28 11:16:57 +01:00
Geoffrey White
850646b8ba
C++: Deprecate the experimental version, forward to the new one.
2022-03-28 11:16:56 +01:00
Geoffrey White
3fed7bf6d0
C++: Extend cpp/cleartext-transmission using PrivateData.qll.
2022-03-28 11:16:56 +01:00
Geoffrey White
202b6d44a5
C++: Update SensitiveExprs.qll to clarify the relationship.
2022-03-28 10:54:56 +01:00
Geoffrey White
0453c0f0a1
C++: Convert to C++ and make it look more like SensitiveExprs.qll.
2022-03-28 10:54:55 +01:00
Geoffrey White
ec98269a24
C++: Copy PrivateData.qll from csharp.
2022-03-28 10:54:54 +01:00
Geoffrey White
bb272003b4
C++: More test cases.
2022-03-28 10:54:54 +01:00
Erik Krogh Kristensen
c98d024c0e
Merge pull request #8575 from erik-krogh/qlFixTypo
...
QL: fix Import::getImportString
2022-03-28 11:41:59 +02:00
Arthur Baars
accdd9499a
Ruby: drop unused predicates that do not exist in Python variant
2022-03-28 11:32:52 +02:00
Erik Krogh Kristensen
7ac6f5849c
fix Import::getImportString
2022-03-28 11:04:18 +02:00
Ahmed Farid
53f756b078
Update ZipSlip.expected
2022-03-28 08:54:44 +00:00
Mathias Vorreiter Pedersen
57c39e9642
Merge pull request #8574 from erik-krogh/qlForQlFixes
...
QL: two small improvements
2022-03-28 09:26:43 +01:00
Erik Krogh Kristensen
77aff04429
add a getImportString utility predicate to Import
2022-03-28 10:14:27 +02:00
Erik Krogh Kristensen
d4c8f42336
add QLDoc to the child relation for TopLevel
2022-03-28 09:54:08 +02:00
yoff
5efc19c39d
Merge pull request #7806 from erik-krogh/pyDef
...
Python: Add def nodes to API graphs
2022-03-28 08:09:14 +02:00
Rasmus Lerchedahl Petersen
d39410aa2d
python: backport review comment to Ruby
2022-03-28 07:35:14 +02:00
Rasmus Lerchedahl Petersen
774c811e97
python: move CSRF concepts inside HTTP::Server
2022-03-28 07:35:13 +02:00
Ahmed Farid
d89ed8b98b
Update zipslip_bad.py
2022-03-28 01:40:08 +00:00
Ahmed Farid
a50f051cdd
Update zipslip_bad.py
2022-03-28 01:38:58 +00:00
Ahmed Farid
cafbd98454
Update zipslip_bad.py
2022-03-28 01:08:39 +00:00
Ahmed Farid
f364e41dbe
Update ZipSlip.expected
2022-03-28 01:02:38 +00:00
Ahmed Farid
a8c14ed6c3
Update zipslip_bad.py
2022-03-28 01:00:38 +00:00
Ahmed Farid
ddba3b7784
Update ZipSlip.qll
2022-03-28 00:59:56 +00:00
Ahmed Farid
0fac4f195d
Update Concepts.qll
2022-03-28 00:47:27 +00:00
Ahmed Farid
413f1945ce
Update Zip.qll
2022-03-28 00:44:56 +00:00
Marcono1234
f19ade3446
Java: Add StmtExpr
2022-03-27 01:42:34 +01:00
4B5F5F4B
2d7b9c0c4f
modify a little cute typo
2022-03-26 22:55:27 +08:00
4B5F5F4B
7a091f808b
Create NoCheckBeforeUnsafePutUser.ql
2022-03-26 22:45:03 +08:00
4B5F5F4B
64863d493b
Delete cve-2017-5123.ql
2022-03-26 22:42:59 +08:00
Edoardo Pirovano
8faabb837a
Merge pull request #8561 from erik-krogh/latestTools
...
QL: use latest tools in codeql-action/init
2022-03-25 15:12:58 -04:00
Erik Krogh Kristensen
21192b7593
use latest tools in codeql-action/init
2022-03-25 19:26:10 +01:00
Andrew Eisenberg
5fb84a774b
Merge pull request #8553 from github/aeisenberg/cpp-suites
...
Suites: Remove self-referential `from` directives
2022-03-25 09:15:53 -07:00
Michael Nebel
79f3da8af1
Merge pull request #8506 from michaelnebel/java/generalize-generate-flow-model
...
Java/C#: Generalize script for generating flow models.
2022-03-25 16:20:53 +01:00
Geoffrey White
2014599f88
Merge pull request #8318 from geoffw0/cwe497b
...
C++: New query cpp/potential-system-data-exposure
2022-03-25 14:55:00 +00:00
Taus
b75ac4e827
Merge pull request #8540 from tausbn/python-add-points-to-call-graph-meta-query
...
Python: Add call graph meta-query
2022-03-25 15:36:33 +01:00
Erik Krogh Kristensen
9e71d9bada
Merge pull request #8556 from erik-krogh/bumpAction
...
QL: update codeql-action version in QL-for-QL
2022-03-25 14:46:31 +01:00
Erik Krogh Kristensen
68c07fe1c0
pin the commit of codeql-action in the remaining steps/workflows
2022-03-25 14:35:44 +01:00
Erik Krogh Kristensen
8f377f4101
pin the commit
...
Co-authored-by: Esben Sparre Andreasen <esbena@github.com >
2022-03-25 14:19:29 +01:00
Erik Krogh Kristensen
cf57eb825c
update codeql-action version in QL-for-QL
2022-03-25 13:37:27 +01:00
Taus
d56caa2398
Merge pull request #8547 from RasmusWL/regexstring-imports
...
Python: Import framework-modeling in `regex.qll`
2022-03-25 13:26:04 +01:00
Geoffrey White
9f3fd57534
Merge branch 'main' into cwe497b
2022-03-25 11:57:30 +00:00
Mathias Vorreiter Pedersen
c115c68247
Merge pull request #8542 from MathiasVP/public-iterated-dominance-frontier
...
C++: Use `iterated (post)dominance frontier` algorithm in `IRBlock`
2022-03-25 11:51:15 +00:00
Jeroen Ketema
b91914bd89
Merge pull request #8534 from jketema/bitwise-ctor-field-init
...
C++: Handle bitwise copies in copy constructors
2022-03-25 12:47:57 +01:00
Geoffrey White
e377eebdbc
C++: More 'adversary' -> 'malicious user' and related doc changes.
2022-03-25 11:34:37 +00:00
Rasmus Lerchedahl Petersen
1e9840d779
python: broaden local protection concept
2022-03-25 12:28:33 +01:00
Geoffrey White
11074b6d77
Update cpp/ql/src/Security/CWE/CWE-497/PotentiallyExposedSystemData.ql
...
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com >
2022-03-25 11:08:07 +00:00
Nick Rolfe
c7ba7fd389
Ruby: add changenotes for regexp constant value changes
2022-03-25 11:08:01 +00:00
Geoffrey White
6b6ee61d3f
Apply suggestions from code review
...
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com >
2022-03-25 11:06:46 +00:00
Rasmus Lerchedahl Petersen
179f77b123
python: clearer comment
2022-03-25 11:51:24 +01:00
Rasmus Lerchedahl Petersen
778a88f32c
python: update qhelp
...
removing custom middleware stack
will _not_ enable CSRF protection
2022-03-25 11:49:06 +01:00
Jeroen Ketema
94f014d948
C++: Update tests for handling of bitwise copies in copy constructors
2022-03-25 11:43:01 +01:00
Jeroen Ketema
b18b86b2e2
C++: Remove check for value-less literals in constructors
2022-03-25 11:43:01 +01:00
yoff
85f1d92a0d
Apply suggestions from code review
...
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com >
2022-03-25 11:42:32 +01:00
Chris Smowton
f0168d00d1
Merge pull request #8529 from github/smowton/admin/commons-lang3-test-typo
...
Java: Fix harmless search-replace mistake
2022-03-25 10:36:00 +00:00
Asger Feldthaus
8e2ffc2508
Ruby: add the inline test expectations
2022-03-25 11:31:22 +01:00
Asger Feldthaus
5703f63afa
Ruby: use InlineFlowTest in Summaries.ql test
2022-03-25 11:18:52 +01:00
Erik Krogh Kristensen
cf94c93b1a
Merge pull request #8481 from erik-krogh/schemeChain
...
JS: recognize string replacement chains as scheme checks in js/incomplete-url-scheme-check
2022-03-25 11:13:10 +01:00
Nick Rolfe
034fce0682
Ruby: show constant value type in tests
2022-03-25 08:25:07 +00:00
Andrew Eisenberg
99f14af56a
Suites: Remove self-referential from directives
...
Fixes https://github.com/github/codeql/issues/8412
See https://github.com/github/codeql/issues/8412#issuecomment-1078281668
for more detail.
2022-03-24 14:19:20 -07:00
Nick Rolfe
0613fda57f
Ruby: separate constant propagation of regexps from strings
2022-03-24 17:46:58 +00:00
Erik Krogh Kristensen
47a9376e81
fix bad join in js/unreachable-method-overloads
2022-03-24 16:09:10 +01:00
Tom Hvitved
e12b6df118
Merge pull request #8484 from hvitved/ruby/constant-value-rework
...
Ruby: Rework `getConstantValue` implementation
2022-03-24 14:32:31 +01:00
Rasmus Wriedt Larsen
d51aaf2f91
Python: Import framework-modeling in regex.qll
2022-03-24 14:28:44 +01:00
Mathias Vorreiter Pedersen
80630972b1
Merge branch 'main' into public-iterated-dominance-frontier
2022-03-24 12:50:29 +00:00
Rasmus Wriedt Larsen
98c0d73ffe
Merge pull request #8524 from RasmusWL/ruby-update-ssrf-concept
...
Ruby: Minor change of SSRF concept
2022-03-24 13:48:06 +01:00
Stephan Brandauer
a28e9c5b6e
documentation for handlebars.js flow step
2022-03-24 13:08:52 +01:00
Rasmus Lerchedahl Petersen
ce017394e6
python: fix change note (hepofully)
2022-03-24 12:01:46 +01:00
Stephan Brandauer
0bd9e9f298
add handlebars taint step
2022-03-24 11:46:16 +01:00
Rasmus Lerchedahl Petersen
aecf4e48f8
python: add change note
2022-03-24 11:43:07 +01:00
Chris Smowton
005a020f04
Merge pull request #8508 from igfoo/igfoo/error_elements
...
Java: Add ErrorExpr, ErrorStmt
2022-03-24 10:39:14 +00:00
Arthur Baars
15801fcc85
Apply suggestions from code review
...
Co-authored-by: Nick Rolfe <nickrolfe@github.com >
2022-03-24 11:37:03 +01:00
Arthur Baars
eef0da09bb
Ruby: move RegExpTreeView.qll out of 'internal'
2022-03-24 11:37:03 +01:00
Arthur Baars
1a9aaf4543
Apply suggestions from code review
...
Co-authored-by: yoff <lerchedahl@gmail.com >
2022-03-24 11:37:03 +01:00
Arthur Baars
5f787144c0
Add change note
2022-03-24 11:37:03 +01:00
Arthur Baars
3c434931ec
Ruby: make ParseRegExp.qll and RegExpTreeView.qll internal libraries
2022-03-24 11:37:03 +01:00
Arthur Baars
74aea81fe3
Ruby: refactor regex libraries
2022-03-24 11:37:02 +01:00
Arthur Baars
65f8f56095
Merge branch 'main' into incomplete-url-string-sanitization
2022-03-24 11:27:30 +01:00
Arthur Baars
496aab78a7
Merge pull request #8535 from aibaars/setter-method-arg-location
...
Ruby: fix location of setter-call argument
2022-03-24 11:26:13 +01:00
Tom Hvitved
eff7cf6396
Merge pull request #8538 from hvitved/ruby/regexpterm-location-perf
...
Ruby: Fix bad join-order in `RegExpTerm::hasLocationInfo`
2022-03-24 10:01:12 +01:00
Tom Hvitved
2699412160
Merge pull request #8543 from hmac/hmac/test-naming-fix
...
Ruby: Fix bad name of lambda in test
2022-03-24 09:46:04 +01:00
Harry Maclean
28a430a2f2
Ruby: Fix bad name of lambda in test
...
This isn't the identity function, so it's confusing for it to be named
so.
2022-03-24 12:44:41 +13:00
Ahmed Farid
eab6568cda
Update zipslip_good.py
2022-03-24 00:35:24 +01:00
Ahmed Farid
8dea7248ea
Update zipslip_bad.py
2022-03-24 00:34:52 +01:00
Ahmed Farid
b5f1e9de08
Update zipslip_bad.py
2022-03-24 00:33:28 +01:00
Ahmed Farid
a05318f10c
Update zipslip_good.py
2022-03-24 00:32:11 +01:00
Ahmed Farid
1836723ecb
Merge branch 'main' into ZipSlip
2022-03-23 19:27:12 -04:00
Harry Maclean
3b4206cebf
Merge pull request #8517 from hmac/hmac/lambda-captured-var
...
Ruby: fix bug with captured variable reads in lambdas
2022-03-24 10:00:19 +13:00
Mathias Vorreiter Pedersen
61c944201f
Merge pull request #8461 from Paul1nh0/dev_cve_2016_6480
...
Add query for double-fetch vulnerability
2022-03-23 18:15:05 +00:00
Asger Feldthaus
b0b795dbbb
JS: Autoformat
2022-03-23 19:15:01 +01:00
Mathias Vorreiter Pedersen
c76a323246
C++/C#: Sync identical files.
2022-03-23 17:27:25 +00:00
Mathias Vorreiter Pedersen
1b4fb45089
C++: Use the iterated (post)dominance frontier algorithm in the public '(post)dominanceFrontier' predicate on 'IRBlocks'.
2022-03-23 17:27:16 +00:00
Asger Feldthaus
69eb24e748
Ruby: fix toCsv representation of argument/parameter positions
2022-03-23 18:11:09 +01:00
Asger Feldthaus
6870a19ace
Ruby: autoformat
2022-03-23 18:06:12 +01:00
Asger Feldthaus
0d51804b5e
Ruby: update a comment mentioning Receiver
2022-03-23 18:06:12 +01:00
Asger Feldthaus
ce54eb3c78
Ruby: Add Argument[foo:] syntax for keyword arguments
2022-03-23 18:06:12 +01:00
Asger Feldthaus
c923b9bb9b
Ruby: Replace Receiver with Argument[self]
2022-03-23 18:06:12 +01:00
Asger Feldthaus
ec30a0f975
Ruby: replace BlockArgument with Argument[block]
2022-03-23 18:06:12 +01:00
Asger Feldthaus
6d84baf276
Ruby: Support self,block in Argument/Parameter tokens
2022-03-23 18:06:12 +01:00
Asger Feldthaus
95122b2b6c
JS: Support Argument[this] token
2022-03-23 18:06:12 +01:00
Asger Feldthaus
d476f976fe
JS: Support Parameter[this] token
2022-03-23 18:06:12 +01:00
Taus
af888f7604
Python: Add call graph meta-query
2022-03-23 16:36:28 +00:00
CodeQL CI
ac29d5f51b
Merge pull request #8523 from asgerf/js/api-graph-receiver-label
...
Approved by erik-krogh
2022-03-23 15:31:12 +00:00
Mathias Vorreiter Pedersen
8b8f0ca6e5
Merge pull request #8479 from geoffw0/widecharperf
...
C++: Fix expensive getWideCharType().
2022-03-23 14:22:17 +00:00
Anna Railton
41418e729e
Merge pull request #8536 from github/codeql-ci/js-atm-new-release
...
JS: Bump version numbers of ML-powered packs after 0.2.0 release
2022-03-23 14:16:11 +00:00
Tom Hvitved
13be99196f
Ruby: Fix bad join-order in RegExpTerm::hasLocationInfo
...
Before:
```
[2022-03-23 14:50:16] (776s) Tuple counts for RegExpTreeView::RegExpTerm::hasLocationInfo#dispred#f0820431#ffffff/6@5f6cf7if after 1m4s:
707103 ~7% {2} r1 = SCAN Literal::StringlikeLiteral::getNumberOfComponents#dispred#f0820431#ff OUTPUT In.0, (In.1 - 1)
64721 ~0% {5} r2 = JOIN r1 WITH RegExpTreeView::RegExpTerm#7783c185#ffff_1023#join_rhs ON FIRST 1 OUTPUT Lhs.0, Lhs.1, Rhs.1 'this', Rhs.2, Rhs.3
64721 ~0% {5} r3 = JOIN r2 WITH Literal::StringlikeLiteral::getComponent#dispred#f0820431#fff ON FIRST 2 OUTPUT Rhs.2, Lhs.0, Lhs.2 'this', Lhs.3, Lhs.4
64721 ~0% {5} r4 = JOIN r3 WITH AST::AstNode::getLocation#dispred#f0820431#bf ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2 'this', Lhs.3, Lhs.4
64721 ~3% {6} r5 = JOIN r4 WITH Locations::Location::hasLocationInfo#dispred#f0820431#ffffff ON FIRST 1 OUTPUT Rhs.1 'filepath', Lhs.1, Lhs.2 'this', Lhs.3, Lhs.4, Rhs.4 'endline'
353247577 ~1% {10} r6 = JOIN r5 WITH Locations::Location::hasLocationInfo#dispred#f0820431#ffffff_1023#join_rhs ON FIRST 1 OUTPUT Lhs.1, 0, Lhs.2 'this', Lhs.3, Lhs.4, Lhs.0 'filepath', Lhs.5 'endline', Rhs.1, Rhs.2 'startline', Rhs.3
353247577 ~0% {9} r7 = JOIN r6 WITH Literal::StringlikeLiteral::getComponent#dispred#f0820431#fff ON FIRST 2 OUTPUT Rhs.2, Lhs.7, Lhs.2 'this', Lhs.3, Lhs.4, Lhs.5 'filepath', Lhs.6 'endline', Lhs.8 'startline', Lhs.9
64721 ~2% {6} r8 = JOIN r7 WITH AST::AstNode::getLocation#dispred#f0820431#bf ON FIRST 2 OUTPUT Lhs.2 'this', Lhs.5 'filepath', Lhs.7 'startline', (Lhs.8 + Lhs.3), Lhs.6 'endline', ((Lhs.8 + Lhs.4) - 1)
return r8
```
After:
```
[2022-03-23 14:58:35] (247s) Tuple counts for RegExpTreeView::RegExpTerm::componentHasLocationInfo#f0820431#fbfffff/7@de55ac7l after 1.1s:
12956 ~0% {3} r1 = SCAN files OUTPUT In.0, 0, In.1 'filepath'
9850785 ~0% {7} r2 = JOIN r1 WITH locations_default_102345#join_rhs ON FIRST 1 OUTPUT Rhs.1, 0, Lhs.2 'filepath', Rhs.2 'startline', Rhs.3 'startcolumn', Rhs.4 'endline', Rhs.5 'endcolumn'
823486 ~0% {8} r3 = JOIN r2 WITH AST::AstNode::getLocation#dispred#f0820431#bf_10#join_rhs ON FIRST 1 OUTPUT 0, Rhs.1, 0, Lhs.2 'filepath', Lhs.3 'startline', Lhs.4 'startcolumn', Lhs.5 'endline', Lhs.6 'endcolumn'
698251 ~4% {7} r4 = JOIN r3 WITH Literal::StringlikeLiteral::getComponent#dispred#f0820431#fff_120#join_rhs ON FIRST 2 OUTPUT Rhs.2, 0, Lhs.3 'filepath', Lhs.4 'startline', Lhs.5 'startcolumn', Lhs.6 'endline', Lhs.7 'endcolumn'
64721 ~1% {7} r5 = JOIN r4 WITH RegExpTreeView::RegExpTerm#7783c185#ffff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1 'this', 0, Lhs.2 'filepath', Lhs.3 'startline', Lhs.4 'startcolumn', Lhs.5 'endline', Lhs.6 'endcolumn'
return r5
[2022-03-23 14:58:35] (247s) Tuple counts for RegExpTreeView::RegExpTerm::hasLocationInfo#dispred#f0820431#ffffff/6@ad66b12q after 53ms:
707103 ~7% {2} r1 = SCAN Literal::StringlikeLiteral::getNumberOfComponents#dispred#f0820431#ff OUTPUT In.0, (In.1 - 1)
64721 ~0% {4} r2 = JOIN r1 WITH RegExpTreeView::RegExpTerm#7783c185#ffff_1023#join_rhs ON FIRST 1 OUTPUT Rhs.1 'this', Lhs.1, Rhs.2, Rhs.3
64721 ~5% {5} r3 = JOIN r2 WITH project#RegExpTreeView::RegExpTerm::componentHasLocationInfo#f0820431#bffffff ON FIRST 2 OUTPUT Lhs.0 'this', Rhs.2 'filepath', Lhs.2, Lhs.3, Rhs.3 'endline'
64721 ~2% {6} r4 = JOIN r3 WITH project#RegExpTreeView::RegExpTerm::componentHasLocationInfo#f0820431#fbfffff ON FIRST 2 OUTPUT Lhs.0 'this', Lhs.1 'filepath', Rhs.2 'startline', (Rhs.3 + Lhs.2), Lhs.4 'endline', ((Rhs.3 + Lhs.3) - 1)
return r4
```
2022-03-23 14:55:06 +01:00
Geoffrey White
9ae1ec69dc
C++: Autoformat.
2022-03-23 13:37:39 +00:00
Michael Nebel
6804e20e4a
Merge pull request #8451 from michaelnebel/csharp/modelgenerator-improvements
...
C#: Model generator improvements and more tests
2022-03-23 13:30:58 +01:00
Arthur Baars
06a99c3987
Ruby: fix location of setter-call argument
2022-03-23 12:55:52 +01:00
github-actions[bot]
1e620c99c6
JS: Bump patch version of ML-powered library and query packs post-release
2022-03-23 11:53:34 +00:00
github-actions[bot]
dc0c8374d2
JS: Bump minor version of ML-powered library and query packs
2022-03-23 11:47:53 +00:00
github-actions[bot]
2b42d84ccd
JS: Bump patch version of ML-powered model pack post-release
2022-03-23 11:47:53 +00:00
github-actions[bot]
6fbc0e6e32
JS: Bump ML model pack dependency of ML-powered model building and query packs
2022-03-23 11:47:53 +00:00
github-actions[bot]
8d13662315
JS: Bump minor version of ML-powered model pack
2022-03-23 11:47:08 +00:00
Rasmus Lerchedahl Petersen
93336bcb16
python: allow alternative middleware
...
(observed [on LGTM](9d6a7ee180/files/mozillians/settings.py (L96) ))
2022-03-23 12:27:51 +01:00
yoff
647d37492d
Merge pull request #8289 from tausbn/python-remove-with-test-syntax-error
...
Python: Fix syntax error in `with` test output
2022-03-23 12:25:11 +01:00
Rasmus Lerchedahl Petersen
6c2449564a
python: add concept tests
2022-03-23 12:05:09 +01:00
Mathias Vorreiter Pedersen
a81024a485
Merge pull request #8525 from MathiasVP/more-precise-is-before
...
C++: Consider columns in `Location.isBefore`
2022-03-23 11:04:34 +00:00
Mathias Vorreiter Pedersen
0eab54d385
Merge pull request #8491 from jketema/command-line-injection-with-flow-state
...
C++: Use flow states in `cpp/command-line-injection`
2022-03-23 11:03:29 +00:00
Rasmus Lerchedahl Petersen
441e206cfa
python: CSRF -> Csrf
2022-03-23 11:29:27 +01:00
Michael Nebel
b204f783fb
C#: Remove special handling of bulk types.
2022-03-23 11:26:49 +01:00
Rasmus Wriedt Larsen
671889372b
Ruby: Update wording of change-note
...
Co-authored-by: Nick Rolfe <nickrolfe@github.com >
2022-03-23 11:26:41 +01:00
Rasmus Wriedt Larsen
e66932c728
Ruby: Make deprecated getURL work with new modeling
...
So an "old" query using the deprecated predicate, will still find the
same results, even when the modeling has been updated.
2022-03-23 11:22:34 +01:00
Tom Hvitved
4bcd4d75a9
Address review comments
2022-03-23 11:22:25 +01:00
Asger Feldthaus
f2285709bd
JS: Change note
2022-03-23 10:42:51 +01:00
Asger Feldthaus
59d5c54432
JS: Update test output from knex
2022-03-23 10:42:51 +01:00
Asger Feldthaus
73071bdc08
JS: Change getAParameter to not return the receiver
2022-03-23 10:42:51 +01:00
Asger Feldthaus
6bef5a70b3
JS: Add dedicated API graph label for receiver, instead of parameter -1
2022-03-23 10:42:51 +01:00
Mathias Vorreiter Pedersen
a84ee50af0
Update cpp/ql/src/change-notes/2022-03-21-command-line-injection-with-flow-states.md
2022-03-23 09:35:41 +00:00
Michael Nebel
bbe28bc668
Java: Do not explicitly require python3 when executing the GenerateFlowModel.py.
2022-03-23 10:35:32 +01:00
Michael Nebel
7eddc1e7ec
Java: Adjust scripts for new location.
2022-03-23 10:35:32 +01:00
Michael Nebel
7fc11be787
Java: Move generate_flow_model file into a shared models-as-data script folder.
2022-03-23 10:35:32 +01:00
Michael Nebel
bd89de3c43
Java: Make sure to use python3 during workflow execution (required for python string interpolation).
2022-03-23 10:35:32 +01:00
Michael Nebel
6c9d1a3edb
Java: Make standalone library for shared functionality.
2022-03-23 10:35:32 +01:00
Michael Nebel
9564f8bf5c
Java: Put remainings parts of the generator code into the class.
2022-03-23 10:35:32 +01:00
Michael Nebel
20414c0e56
Java: Move Generator creation into class definition.
2022-03-23 10:35:32 +01:00
Michael Nebel
3f33cdf688
Java: Introduce generator class.
2022-03-23 10:35:32 +01:00
Michael Nebel
6ed1424679
Java: Refactor language specific parts into variable.
2022-03-23 10:35:32 +01:00
Michael Nebel
1ac988323a
Java: Add dry-run optional paramteter to generator script.
2022-03-23 10:35:31 +01:00
Michael Nebel
586fd5a43b
Java: Rename file for generating flow models.
2022-03-23 10:35:31 +01:00
Rasmus Wriedt Larsen
bbf60b875e
Merge pull request #8476 from RasmusWL/shared-concepts-scaffolding
...
Python/JS/Ruby: Shared concepts scaffolding
2022-03-23 10:22:42 +01:00
Paul1nh0
5a1dc61d9d
modify arguments check logic
...
As far as I can tell, root cause of double-fetech issue is read from the same user mode memory twice, so it makes sense that only check whether user mode pointer is same or not
2022-03-23 11:20:08 +08:00
Paul1nh0
6a6cd61d83
automated using CodeQL for VSCode extension
2022-03-23 09:37:45 +08:00
Mathias Vorreiter Pedersen
01929d484e
Merge pull request #8526 from MathiasVP/internal-diagmetric-queries-ql
...
C++: Add internal `ExtractionError` query
2022-03-22 17:26:38 +00:00
Robert Marsh
12ccf3662a
C#: match IR global variable changes
2022-03-22 13:22:37 -04:00
Robert Marsh
6be3db8575
C++: update test expectations for extractor changes
2022-03-22 13:01:56 -04:00
Owen Mansel-Chan
efc0d95535
Merge pull request #8528 from github/smowton/admin/fix-go-doc-links
...
Fix broken links
2022-03-22 16:25:41 +00:00
Taus
f9120167b4
Python: Fix syntax error in with test output
...
Depends on an internal PR. The two lines in question were caused by
the insertion of an extra node due to the failure to parse a trailing
comma corrcetly.
2022-03-22 16:22:03 +00:00
Jonathan Leitschuh
bd87be636a
Refactor to conditionCheckArgument deprecate old method
2022-03-22 11:56:43 -04:00
Rasmus Wriedt Larsen
64a5c5d9aa
Ruby: Keep getURL predicate for easier deprecation
...
Notice that we still don't fully keep our standard deprecation support,
since the new `getAUrlPart` is still abstract, and therefore will cause
compile errors if not implemented.
2022-03-22 16:48:14 +01:00
Paul1nh0
f2728f5284
delete some unused code
2022-03-22 23:20:30 +08:00
Chris Smowton
b5c05a580d
Java: Fix harmless search-replace mistake
2022-03-22 14:42:09 +00:00
yoff
47e062cfb9
Merge pull request #8486 from aibaars/incomplete-hostname-python
...
Python: switch to shared implementation of IncompleteHostnameRegExp.ql
2022-03-22 15:06:14 +01:00
Rasmus Lerchedahl Petersen
53de8287f5
python: rule out test code for CSRF
2022-03-22 14:57:05 +01:00
Erik Krogh Kristensen
8ae04e04d4
Merge pull request #8509 from erik-krogh/fpXss
...
JS: filter away reads of .src that end in a URL sink for js/xss-through-dom
2022-03-22 14:51:17 +01:00
Mathias Vorreiter Pedersen
c35b385383
C++: Fix 'implicit this' warning.
2022-03-22 13:32:46 +00:00
Tom Hvitved
c06508570a
Ruby: Cache ConstantReadAccess::getValue
2022-03-22 14:15:07 +01:00
Paul1nh0
afe4a8435f
Using globalValueNumber to match same arguments
2022-03-22 21:14:07 +08:00
Rasmus Lerchedahl Petersen
0f2c21c8bd
python: require local protection to be absent
...
for CSRF to be likely
2022-03-22 13:42:52 +01:00
Chris Smowton
35af797683
Fix broken links
2022-03-22 12:34:22 +00:00
Mathias Vorreiter Pedersen
93346a574f
C++: Add a new 'Location.isBefore' predicate that also considers columns.
2022-03-22 12:16:53 +00:00
Mathias Vorreiter Pedersen
c6c3206031
C++: Add example of 'goto' on the same line as the destination label.
2022-03-22 12:11:29 +00:00
Mathias Vorreiter Pedersen
5cdf0b5ee2
Merge pull request #8507 from geoffw0/sde-perf
...
C++: Make getUnderlyingType nomagic
2022-03-22 11:12:44 +00:00
Paul1nh0
d476493c3e
Add double-fetch.ql under CWE-362 directory
2022-03-22 19:08:44 +08:00
Paul1nh0
dd4e82126c
remove to another directory
2022-03-22 19:06:53 +08:00
Paul1nh0
2dad2c477b
query description added
2022-03-22 19:06:03 +08:00
Geoffrey White
5d5904d6c8
C++: Autoformat.
2022-03-22 10:55:04 +00:00
Mathias Vorreiter Pedersen
5cbd86519b
C++: Add internal extraction errors query and modify the 'code-scanning-selectors' to exclude internal queries.
2022-03-22 10:52:02 +00:00
Michael Nebel
b95a332ded
C#: Simplify the isCollectionType predicate.
2022-03-22 11:25:14 +01:00
Rasmus Wriedt Larsen
9254b2904e
Ruby: Adjust HttpClients test
2022-03-22 11:19:55 +01:00
Rasmus Wriedt Larsen
6bd9d82610
Merge pull request #8061 from RasmusWL/orm
...
Python: Add data-flow through Django ORM models
2022-03-22 11:14:08 +01:00
Rasmus Wriedt Larsen
945b52fc46
Ruby: autoformat
...
😳
2022-03-22 10:59:26 +01:00
Michael Nebel
1d45996001
Merge pull request #8466 from michaelnebel/csharp/refactor-aspartial
...
C#: Refactor asPartial to allow re-use.
2022-03-22 10:54:54 +01:00
Rasmus Wriedt Larsen
68de6a4e3c
Ruby: Add change-note
2022-03-22 10:53:55 +01:00
Rasmus Wriedt Larsen
9c2fc1b415
Ruby: client request: getUrl => getAUrlPart
...
This is a port of the same change in Python from
f8fc583af3
The description of that commit was:
> I think `getUrl` is a bit too misleading, since from the name, I would
> only ever expect ONE result for one request being made.
>
> `getAUrlPart` captures that there could be multiple results, and that
> they might not constitute a whole URl.
>
> Which is the same naming I used when I tried to model this a long time ago
> a80860cdc6/python/ql/lib/semmle/python/web/Http.qll (L102-L111)
2022-03-22 10:53:55 +01:00
Rasmus Wriedt Larsen
311cbb4e13
Merge branch 'main' into shared-concepts-scaffolding
2022-03-22 10:36:33 +01:00
Rasmus Wriedt Larsen
414764ccee
Concepts: Minor rewrite in qldoc
...
As suggested by @hmac
2022-03-22 10:33:58 +01:00
Rasmus Wriedt Larsen
e50a9421a6
JS: Update dataflow import in ConceptsImports.qll
...
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com >
2022-03-22 10:32:20 +01:00
Erik Krogh Kristensen
099d91ba6f
update qldoc
2022-03-22 10:27:21 +01:00
Tom Hvitved
99ddfb489f
Ruby: Rework getConstantValue implementation
2022-03-22 10:07:44 +01:00
Erik Krogh Kristensen
ea065b7d8a
Merge pull request #8521 from erik-krogh/getRubyMoreInSync
...
Ruby: sync ExponentialBackTracking.qll
2022-03-22 09:59:20 +01:00
Erik Krogh Kristensen
90a6717932
sync ExponentialBackTracking.qll for ruby
2022-03-22 09:27:04 +01:00
Tamás Vajk
36c7e10195
Merge pull request #8519 from github/revert-8294-tamasvajk/fix/mad-adjustments
...
Revert "Fix MaD workflows to be more resilient to missing files"
2022-03-22 09:19:14 +01:00
Tamás Vajk
87e1641772
Revert "Fix MaD workflows to be more resilient to missing files"
2022-03-22 09:08:56 +01:00
Tamás Vajk
80fb021e32
Merge pull request #8294 from github/tamasvajk/fix/mad-adjustments
...
Fix MaD workflows to be more resilient to missing files
2022-03-22 09:02:37 +01:00
Rasmus Lerchedahl Petersen
f5b53083ae
python: require authentication middleware
...
for CSRF to be relevant
2022-03-22 08:44:19 +01:00
Harry Maclean
99b5c580a5
Ruby: Fix captured reads in lambdas
...
These were previously identified as method calls. The fix is to
recognise lambdas as a scope which can inherit variables from its
parent.
2022-03-22 15:35:43 +13:00
Harry Maclean
c891e62a0e
Ruby: Add some tests for method calls in lambdas
...
This reveals a bug where we identify reads of captured variables in
lambdas as method calls. This is fixed in a followup commit.
2022-03-22 15:33:22 +13:00
Harry Maclean
3e8bc8b0f2
Merge pull request #8224 from github/hmac/http-to-file-access
...
Ruby: Add rb/http-to-file-access query
2022-03-22 13:46:36 +13:00
Jeroen Ketema
2d9b630fa8
C++: Fix ExecTainted.ql formatting
2022-03-21 23:28:58 +01:00
Harry Maclean
b1ae548f4c
Ruby: Fix doc comment formatting
2022-03-22 11:10:09 +13:00
Harry Maclean
c2d4bc50c9
Add missing file doc comment
2022-03-22 11:10:09 +13:00
Harry Maclean
91a7e9405c
Share HttpToFileAccessQuery between JS and Ruby
...
There's so little in this query that it may not be worth sharing, but
it's an interesting exercise in figuring out how we do it nicely.
2022-03-22 11:10:08 +13:00
Harry Maclean
130d93dded
Ruby: Make HttpToFileAccess more specific
...
Only consider sources from HTTP requests, rather than any remote flow
source.
2022-03-22 11:09:08 +13:00
Harry Maclean
fac17384c3
Ruby: Add RequestInputAccess concept
...
This sits in between RemoteFlowSource and specific classes like
ParamsSource from ActionController. It represents any user-controller
input from an incoming HTTP request.
This more closely aligns our concepts with the JS library, and allows us
to specifically target sources from HTTP requests in the
HttpToFileAccess query.
2022-03-22 11:09:08 +13:00
Harry Maclean
ff1d96c922
Ruby: Add rb/http-to-file-access query
2022-03-22 11:09:08 +13:00
Jeroen Ketema
b79eb6d10d
C++: Encode string value of data flow nodes in ExecState
2022-03-21 21:29:42 +01:00
Robert Marsh
23e9963a19
Merge branch 'main' into rdmarsh2/ir-global-vars
2022-03-21 16:13:40 -04:00
Robert Marsh
32e128d207
C#: sync IR files
2022-03-21 16:01:53 -04:00
Robert Marsh
5bb6441047
C++: Fix consistency issues with aggregate inits
2022-03-21 16:01:24 -04:00
Harry Maclean
6c18e1d7ac
Merge pull request #8272 from hmac/hmac/tainted-format-string
2022-03-22 08:37:47 +13:00
github-actions[bot]
a3e74efc21
Post-release preparation for codeql-cli-2.8.4
2022-03-21 19:36:47 +00:00
github-actions[bot]
9ba21923a3
Post-release preparation for codeql-cli-2.8.4
2022-03-21 19:36:39 +00:00
Rasmus Wriedt Larsen
88184ba9f5
Python: Update path-injection .expected
...
AHA! This change happened because we are no longer importing all the old
deprecated implementation.
2022-03-21 20:24:12 +01:00
Robert Marsh
a36c6f2dab
C++: restrict IR generation to global vars w inits
2022-03-21 14:26:29 -04:00
Mathias Vorreiter Pedersen
aff76b7295
Merge pull request #8512 from github/fix-dead-select-clause-link
...
Fix dead link in `CONTRIBUTING.md`
2022-03-21 17:39:07 +00:00
Robert Marsh
c27dfb5120
C++: IR translation for global variable inits
2022-03-21 13:17:05 -04:00
Mathias Vorreiter Pedersen
2e55fd6be3
Update CONTRIBUTING.md
...
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com >
2022-03-21 16:49:59 +00:00
Ian Lynagh
30bd1a6eb6
Merge pull request #704 from github/release-prep/2.8.4
...
Release preparation for version 2.8.4
2022-03-21 16:27:35 +00:00
Ian Lynagh
e41bbfd931
Merge pull request #8510 from github/release-prep/2.8.4
...
Release preparation for version 2.8.4
2022-03-21 16:27:29 +00:00
Mathias Vorreiter Pedersen
cf54006c86
Fix dead link in CONTRIBUTING.md
...
cc @felicitymay.
2022-03-21 16:05:57 +00:00
Erik Krogh Kristensen
c8385a1e80
js/xss-through-dom: filter away reads of .src that end in a URL sink
2022-03-21 16:48:59 +01:00
Rasmus Wriedt Larsen
758a81cc0f
Python: Remove import of Concepts in DataFlowPrivate
...
As discussed in PR review
2022-03-21 16:22:15 +01:00
Jonathan Leitschuh
b3ee1bd313
Refactor Preconditions and add Tests
2022-03-21 11:20:05 -04:00
Rasmus Wriedt Larsen
978ef05571
Python: Add change-note
2022-03-21 16:18:40 +01:00
Ian Lynagh
1f8ce3a868
Java: Tweak release notes
2022-03-21 15:14:45 +00:00
Rasmus Wriedt Larsen
b8dee25cce
Python: ReflectedXSS -> ReflectedXss for new Query file
...
So we stick to the naming conventions.
This rename is OK, since the new file was only just introduced in this
PR.
2022-03-21 16:12:38 +01:00
Arthur Baars
79cd7bf8ed
Python: create semmle/python/dataflow/new/Regex.qll
2022-03-21 15:57:19 +01:00
Jonathan Leitschuh
db0879ec25
Apply suggestions from code review
...
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com >
2022-03-21 10:35:13 -04:00
Rasmus Wriedt Larsen
695553ba9f
Python: Deprecate old non-Query.qll dataflow defs
2022-03-21 15:03:22 +01:00
Rasmus Wriedt Larsen
db86a18791
Python: Autoformat
2022-03-21 14:53:53 +01:00
Rasmus Wriedt Larsen
0125aea91b
Python: Re-introduce old dataflow configs .qll files
...
and move all the old deprecated aliases to that file. We now have a
situation where all queries should work as they did before, and we just
have these new Query.qll files that contain the implementation.
(deprecation comes later)
2022-03-21 14:53:53 +01:00
Rasmus Wriedt Larsen
1bf8fa6a3b
Python: Adopt Query.qll suffix for dataflow config defs
...
This commit in itself makes everything break, but should make it easy to
follow the overall changes being made.
2022-03-21 14:53:53 +01:00
Michael Nebel
92f8a90f31
C#: Introduce a collectionType predicate.
2022-03-21 14:44:38 +01:00
github-actions[bot]
b96eba9875
Release preparation for version 2.8.4
2022-03-21 13:26:27 +00:00
github-actions[bot]
dedc8c2254
Release preparation for version 2.8.4
2022-03-21 13:25:49 +00:00
Michael Nebel
8e2277e4f3
C#: Improve some of the QL Doc string.
2022-03-21 14:24:51 +01:00
Michael Nebel
d31ef371ec
Merge pull request #8391 from michaelnebel/csharp/gvn-interface
...
C#: Deprecate the StructuralComparisonConfiguration interface and use sameGvn instead.
2022-03-21 14:10:53 +01:00
Geoffrey White
97fef4b3a5
C++: Switch strategy to nomagic.
2022-03-21 12:58:06 +00:00
Ian Lynagh
7295a5d313
Java: Add an upgrade script
2022-03-21 11:51:36 +00:00
Ian Lynagh
6284362868
Java: Update stats
2022-03-21 11:44:19 +00:00
Geoffrey White
7f825c12eb
C++: Make getUnderlyingType 'nomagic'.
2022-03-21 11:12:18 +00:00
Jeroen Ketema
e05227d3fe
C++: Add change note for the cpp/command-line-injection changes
2022-03-21 11:30:39 +01:00
Jeroen Ketema
8b4c42dd07
C++: Add cpp/command-line-injection test using a wrapper macro
2022-03-21 11:19:54 +01:00
Alex Ford
c891c53835
Merge pull request #8395 from alexrford/ruby/clear-text-storage
...
Ruby: add `rb/clear-text-storage-sensitive-data` query
2022-03-21 10:05:39 +00:00
CodeQL CI
b04c46f96d
Merge pull request #8478 from asgerf/js/store-load-flow-context-sensitivity-bug
...
Approved by erik-krogh
2022-03-21 08:54:51 +00:00
ihsinme
151c93f502
Update DangerousUseOfExceptionBlocks.cpp
2022-03-21 09:52:14 +03:00
ihsinme
22cf3f7b20
Update test.cpp
2022-03-21 09:50:30 +03:00
Harry Maclean
5a6da827d0
Ruby: Avoid FP in TaintedFormatString query
...
Kernel#printf supports two call signatures:
printf(String, *args)
printf(IO, String, *args)
We want to identify the String argument, which is the format string.
Previously we would return the 0th and 1st arguments, which gives some
FPs when the 1st arg is not a format string.
We now try to rule out the trivial case by checking if arg 0 has a
string value, and then assuming it is the format string. Otherwise we
fall back to returning both arguments.
This still has some false positive potential, but less than previously.
2022-03-21 12:51:47 +13:00
Harry Maclean
5dcf0ad759
Ruby: Make IOPrintfCall more sensitive
...
It will now identify cases like this:
file = File.open "foo.txt", "a"
file.printf(params[:format], arg)
2022-03-21 12:51:47 +13:00
Harry Maclean
c253bddbe0
Ruby: Make getFormatArgument 0-indexed
2022-03-21 12:51:47 +13:00
Harry Maclean
c73dc8ad0c
Ruby: Add change note for rb/tainted-format-string
2022-03-21 12:51:47 +13:00
Harry Maclean
10a411e5cc
Ruby: Remove duplicate CWE reference
2022-03-21 12:51:47 +13:00
Harry Maclean
d79a6ddcb2
Ruby: Improve qhelp for rb/tainted-format-string
2022-03-21 12:51:47 +13:00
Harry Maclean
0cfe37dff4
Share TaintedFormatString between Ruby and JS
2022-03-21 12:51:46 +13:00
Harry Maclean
4249e30824
Ruby: Test tainted interpolated format arg
2022-03-21 12:51:18 +13:00
Harry Maclean
63199024a2
Add missing QLDoc
2022-03-21 12:51:18 +13:00
Harry Maclean
f6215d4c7e
Ruby: Add rb/tainted-format-string query
2022-03-21 12:51:18 +13:00
Alex Ford
b79bb72153
Ruby: split up CipherInstantiation charpred
2022-03-20 18:32:47 +00:00
Jonathan Leitschuh
1d0275344d
[Java]: Add precondition support for testing library asserts
2022-03-18 20:39:24 -04:00
Jeroen Ketema
f8198c3123
C++: Use flow states in cpp/command-line-injection
2022-03-18 20:06:45 +01:00
Robert Marsh
4bf35ad188
Merge pull request #8483 from jketema/command-line-injection-test-cases-with-calls
...
C++: Add additional command line injection tests
2022-03-18 15:05:12 -04:00
Arthur Baars
beef8e29bc
Merge pull request #8332 from hvitved/ruby/regexp-taint-flow
...
Ruby: Use taint tracking instead of type tracking to define `regExpSource`
2022-03-18 18:24:02 +01:00
Arthur Baars
9412b331db
Revert "Revert "Python: switch to shared implementation of IncompleteHostnameRegExp.ql""
...
This reverts commit 6d24591416 .
2022-03-18 16:31:22 +01:00
Jeroen Ketema
d37ef1b5ca
C++: Add command line injection test that currently results in a false positive
2022-03-18 16:12:09 +01:00
Arthur Baars
bf888f0f0b
Merge remote-tracking branch 'upstream/main' into incomplete-url-string-sanitization
...
Conflicts:
config/identical-files.json
javascript/ql/src/Security/CWE-020/IncompleteUrlSubstringSanitization.ql
javascript/ql/src/Security/CWE-020/IncompleteUrlSubstringSanitization.qll
ruby/ql/src/queries/security/cwe-020/IncompleteUrlSubstringSanitization.qll
2022-03-18 16:09:20 +01:00
Arthur Baars
117fb5be7d
Merge pull request #7917 from aibaars/incomplete-hostname
...
Ruby: IncompleteHostnameRegExp.ql
2022-03-18 16:00:09 +01:00
Alex Ford
2bd25da8e3
Ruby: Tidy an exists
2022-03-18 14:43:45 +00:00
Alex Ford
62bc0357ea
Ruby: Improve Cryptography module qldoc
2022-03-18 14:38:14 +00:00
Tom Hvitved
1437aefe9d
Ruby: Use taint tracking instead of type tracking to define regExpSource
2022-03-18 14:48:12 +01:00
Tom Hvitved
d97eaba070
Ruby: Add dataflow/taintracking copies for use in libraries
2022-03-18 14:48:12 +01:00
Arthur Baars
4a27928728
Ruby/JS add missing ^ in qhelp
2022-03-18 14:00:10 +01:00
Jeroen Ketema
459870ac1e
C++: Add additional command line injection tests
2022-03-18 13:42:27 +01:00
Arthur Baars
431b60506e
Merge remote-tracking branch 'upstream/main' into incomplete-hostname
2022-03-18 13:05:34 +01:00
Arthur Baars
6d24591416
Revert "Python: switch to shared implementation of IncompleteHostnameRegExp.ql"
...
This reverts commit ce50f35dda .
2022-03-18 13:02:55 +01:00
Chris Smowton
767453520e
Merge pull request #8032 from JLLeitschuh/feat/JLL/check_os
...
Java: Add Guard Classes for checking OS & unify System Property Access
2022-03-18 11:20:36 +00:00
Asger Feldthaus
26b7edccd4
JS: Change note
2022-03-18 11:59:36 +01:00
Erik Krogh Kristensen
693c77f3df
add test for string replacement chains of URL schemes
2022-03-18 11:05:59 +01:00
Asger F
929419abba
Merge pull request #8254 from asgerf/ruby/mad-prototype
...
Ruby: initial prototype of models-as-data
2022-03-18 10:48:33 +01:00
Erik Krogh Kristensen
235aa9c24e
recognize string replacement chains as scheme checks in js/incomplete-url-scheme-check
2022-03-18 10:37:20 +01:00
Mathias Vorreiter Pedersen
8bf172913e
Merge pull request #8474 from hvitved/flow-state-changing-steps-should-be-in-path-explanation-alternative
...
Dataflow: Flow-state changing steps should always be in path explanations
2022-03-18 09:08:36 +00:00
Asger Feldthaus
8753632193
JS: Fix bug in reachableFromStoreBase
2022-03-17 17:30:46 +01:00
Asger Feldthaus
8c6ca6582e
JS: Add test showing missing flow
2022-03-17 17:30:46 +01:00
Geoffrey White
ff3bedcab9
C++: Fix expensive getWideCharType().
2022-03-17 14:41:57 +00:00
Mathias Vorreiter Pedersen
abe30457ee
Python: Accept test changes.
2022-03-17 14:03:58 +01:00
Tom Hvitved
79ea2a3a9c
Data flow: Sync files
2022-03-17 14:03:58 +01:00
Tom Hvitved
4df12dc6e6
Data flow: State-changing taint steps should not be stepped over by the big step relation
2022-03-17 14:03:58 +01:00
Rasmus Wriedt Larsen
2b9408b0c3
Concepts: Add some architecture documentation
2022-03-17 13:49:10 +01:00
Harry Maclean
36c421346b
Introduce ConceptsShared.qll
2022-03-17 13:49:10 +01:00
Erik Krogh Kristensen
870521bd1e
Merge pull request #8473 from erik-krogh/redundantAnyCast
...
QL: expand redundant-inline-cast, and rename to redundant-cast
2022-03-17 10:41:50 +01:00
Erik Krogh Kristensen
fe94421d32
rename redundant-inline-cast to redundant-cast
2022-03-17 10:25:40 +01:00
Erik Krogh Kristensen
f3ca6bbc2e
PY: update expected output after fixing bug in flask model
2022-03-17 09:42:30 +01:00
Erik Krogh Kristensen
879680057e
fix all ql/unused-field warnings
2022-03-17 09:41:42 +01:00
Erik Krogh Kristensen
d5fd0d6724
add ql/unused-field query
2022-03-17 09:40:16 +01:00
Erik Krogh Kristensen
86398a8c65
Merge pull request #8304 from erik-krogh/xssUrl
...
JS: Refactor the XSS / Client-side-url queries
2022-03-17 09:13:09 +01:00
4B5F5F4B
d4c7314484
Delete cve-2016-6480.ql
...
commit by mistake
2022-03-17 09:49:28 +08:00
Erik Krogh Kristensen
aa8b7c8679
update reference to deprecated class name
2022-03-16 22:32:54 +01:00
Erik Krogh Kristensen
6cdc38748c
update expected output
2022-03-16 22:32:09 +01:00
Erik Krogh Kristensen
d8a5947a08
simplify TaintedUrlSuffix::source() to only consider window.location based sources
2022-03-16 22:32:09 +01:00
Erik Krogh Kristensen
b3de5d94a6
move PrefixStringSanitizer to the Query.qll file, and have it extend LabeledSanitizerGuardNode
2022-03-16 22:32:09 +01:00
Erik Krogh Kristensen
562dce57e8
rename isXSSSink to isXssSink
2022-03-16 22:32:09 +01:00
Erik Krogh Kristensen
f083e87fa1
refactor the js/xss query to use three flowlabels and one configuration
2022-03-16 22:32:08 +01:00
Erik Krogh Kristensen
87842bb8b7
add client-side-url sinks that may execute JavaScript as XSS sinks
2022-03-16 22:32:08 +01:00
Erik Krogh Kristensen
b471fec149
split interpretsArgumentsAsURL out of interpretsArgumentsAsHTML, and use it to generalize AttributeUrlSink
2022-03-16 22:32:08 +01:00
Erik Krogh Kristensen
2576e1f655
add utility predicate to get client-side remote-flow-sources that contain a URL query/fragment
2022-03-16 22:32:08 +01:00
Erik Krogh Kristensen
67e6a4c716
add a isXSSSink predicate to the client-side-url-redirection sinks
2022-03-16 22:32:08 +01:00
Erik Krogh Kristensen
fc79242674
add tests
2022-03-16 22:32:08 +01:00
Erik Krogh Kristensen
559f03ebbc
remove unnecessary module qualifier
2022-03-16 22:32:07 +01:00
Erik Krogh Kristensen
2d9d383c55
remove unused import
2022-03-16 22:32:07 +01:00
Arthur Baars
1a51f0cf56
Ruby: regex: fix getGroupNumber
...
non-capture groups should not have a group number
2022-03-16 18:50:51 +01:00
Dave Bartolomeo
606e015afb
Update cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysis.qll
...
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com >
2022-03-16 13:07:35 -04:00
Dave Bartolomeo
e275ab3951
Update cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll
...
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com >
2022-03-16 13:07:15 -04:00
Dave Bartolomeo
6adc11b10e
Update cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll
...
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com >
2022-03-16 13:07:08 -04:00
Dave Bartolomeo
b36281dd8c
Update cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll
...
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com >
2022-03-16 13:07:02 -04:00
Dave Bartolomeo
db4963ada0
Update cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll
...
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com >
2022-03-16 13:06:54 -04:00
Michael Nebel
4a68b74aa3
C#: Re-use the asPartialModel for DataFlowPrivate in tests.
2022-03-16 17:02:00 +01:00
Michael Nebel
115cef2484
C#: Move asPartialModel into DataFlowPrivate (to enable re-use).
2022-03-16 16:44:24 +01:00
Arthur Baars
f95e1efb67
Ruby: remove wrong clause
2022-03-16 16:25:42 +01:00
Arthur Baars
fb8cc6e1a4
Ruby: String.index method returns 'nil', not '-1'
2022-03-16 16:18:19 +01:00
Michael Nebel
138eb485c6
C#: Address review comments.
2022-03-16 16:00:48 +01:00
Jeroen Ketema
7a9a9d833a
Merge pull request #8435 from jketema/all-the-barriers
...
Add flow state versions of isBarrierIn, isBarrierOut, and isBarrierGuard
2022-03-16 15:50:19 +01:00
Michael Nebel
68f24cda0b
Merge pull request #8462 from michaelnebel/csharp/capture-models-fix-bad-join-order
...
C#: Fix bad join order in returnNodeAsOutput.
2022-03-16 15:46:17 +01:00
Dave Bartolomeo
571c034549
Update cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll
...
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com >
2022-03-16 10:14:45 -04:00
Tony Torralba
8790df7a34
Style fixes
2022-03-16 15:11:04 +01:00
Asger Feldthaus
e1976da7f9
JS: Autoformat
2022-03-16 15:01:17 +01:00
Arthur Baars
f2ec5132ba
Apply suggestions from code review
...
Co-authored-by: Nick Rolfe <nickrolfe@github.com >
2022-03-16 14:46:34 +01:00
Dave Bartolomeo
e669ffa22e
Merge pull request #8320 from jketema/structured-binding-array
...
C++: Handle initialization of structured bindings via bitwise copy in extractor
2022-03-16 09:41:31 -04:00
Ian Lynagh
565f607096
Java: Add a changenote for ErrorExpr/ErrorStmt
2022-03-16 13:20:33 +00:00
Asger F
228570129e
Merge branch 'main' into ruby/mad-prototype
2022-03-16 13:50:31 +01:00
Asger Feldthaus
e168da4c5f
Shared: make a predicate private
2022-03-16 13:48:56 +01:00
Michael Nebel
5f7b5ec5df
C#: Fix bad join order in returnNodeAsOutput.
2022-03-16 13:44:11 +01:00
Asger Feldthaus
8cef512234
Ruby: ensure ApiGraphs.qll imports its entry points
2022-03-16 13:40:14 +01:00
Asger Feldthaus
e3fbaf5d8f
Shared: prefer exists(var) instead of var = any(string s)
2022-03-16 13:37:08 +01:00
Asger Feldthaus
102540072e
Shared: remove documentation prone to falling out of date
2022-03-16 13:32:55 +01:00
Nick Rolfe
f6681f30c6
Merge pull request #8399 from github/nickrolfe/simple_symbol_constant_value
...
Ruby: implement getComponent(n) for simple and hash-key symbols
2022-03-16 12:10:39 +00:00
Asger Feldthaus
2ca45ef9f9
Ruby: support BlockArgument in identifying access path
2022-03-16 12:51:14 +01:00
Nick Rolfe
94ce578ea4
Ruby: implement getComponent(n) for simple and hash-key symbols
2022-03-16 11:43:46 +00:00
Asger Feldthaus
c9355095e3
Ruby: Use Receiver instead of Argument[-1] in ActiveStorage
2022-03-16 12:37:21 +01:00
Asger Feldthaus
71f195d1e0
Ruby: add test for Receiver in summary
2022-03-16 12:37:21 +01:00
Arthur Baars
6b323eeda8
Update expected output
2022-03-16 12:34:03 +01:00
Arthur Baars
ab93b3784b
Merge remote-tracking branch 'upstream/main' into incomplete-hostname
2022-03-16 12:31:12 +01:00
Arthur Baars
852f05bfb7
Address comment
2022-03-16 12:26:39 +01:00
Nick Rolfe
76918238f0
Ruby: test ExprCfgNode::getConstantValue()
2022-03-16 11:21:57 +00:00
Geoffrey White
95a63a69a5
Merge branch 'main' into cwe497b
2022-03-16 11:09:46 +00:00
Asger Feldthaus
f140c13261
JS: Sync ApiGraphModels.qll and update accordingly
2022-03-16 12:04:41 +01:00
Asger Feldthaus
2b02a173c1
Ruby: canonicalize callables based on package;type;path instead of input;output;kind
2022-03-16 12:04:41 +01:00
Asger Feldthaus
d8b4bc81ff
JS: Rename EntryPoint.getNode -> getANode
2022-03-16 12:04:39 +01:00
Erik Krogh Kristensen
f53df255b9
Merge pull request #8459 from erik-krogh/addSeverities
...
JS: add missing @security-severity to JS queries
2022-03-16 12:03:19 +01:00
Nick Rolfe
82ef2a12f6
Merge pull request #8164 from github/nickrolfe/escape_sequences
...
Ruby: interpret string escape sequences in getConstantValue()
2022-03-16 10:45:39 +00:00
Chris Smowton
b11340c829
Change note tense and detail level
2022-03-16 10:34:25 +00:00
Nick Rolfe
1a850028e7
Ruby: update date in changenote filename
2022-03-16 10:32:43 +00:00
Erik Krogh Kristensen
cd9d61c1fc
Merge pull request #8450 from erik-krogh/importAs
...
disallow lowercase import-as aliases
2022-03-16 11:32:37 +01:00
Jeroen Ketema
37293141ee
Merge pull request #8428 from jketema/noreturn
...
C++: Handle C11 _Noreturn in DefaultOptions
2022-03-16 11:23:23 +01:00
Rasmus Wriedt Larsen
ae1ba11d57
Merge branch 'main' into orm
2022-03-16 11:23:14 +01:00
Paul1nh0
85b22647ac
Add query for double-fetch vulnerability
2022-03-16 18:16:49 +08:00
4B5F5F4B
2a29c201ff
Merge branch 'github:main' into main
2022-03-16 18:06:16 +08:00
Asger Feldthaus
33ca55770c
Ruby: EntryPoint.getNode -> getANode
2022-03-16 11:02:26 +01:00
Asger Feldthaus
ecf7073bf1
Shared: codeql -> ql in code blocks
2022-03-16 11:00:24 +01:00
Rasmus Wriedt Larsen
f1e6271d20
Python: Apply suggestions from code review
...
Co-authored-by: yoff <lerchedahl@gmail.com >
2022-03-16 10:53:19 +01:00
4B5F5F4B
baf1c8d76b
Create cve-2016-6480.ql
2022-03-16 17:49:05 +08:00
Rasmus Wriedt Larsen
461e2f3663
Python: Apply suggestions from code review
...
Co-authored-by: yoff <lerchedahl@gmail.com >
2022-03-16 10:43:20 +01:00
Michael Nebel
8b16c1f585
C#: Add some test cases for inheritance.
2022-03-16 10:40:49 +01:00
Erik Krogh Kristensen
d47b0a68e7
exclude tests from ql/missing-security-metadata
2022-03-16 10:40:45 +01:00
Erik Krogh Kristensen
2442beaf9a
add missing severities to JS queries
2022-03-16 10:40:34 +01:00
Michael Nebel
e69ea8f577
C#: Add some testcases for generics.
2022-03-16 10:20:55 +01:00
jorgectf
f6eb83fd22
Update MyBatisAnnotationSqlInjection.qlref
...
By adding more imports in the test file, the expected result's lines changed.
2022-03-16 10:12:38 +01:00
Michael Nebel
814947b876
C#: Add some test cases for methods that are not properly exposed and will this not get their summary captured.
2022-03-16 09:47:14 +01:00
Michael Nebel
a555e04b55
C#: Bulk array flow.
2022-03-16 09:30:15 +01:00
Michael Nebel
226a874a74
C#: Test cases for IEnumerable.
2022-03-16 09:22:18 +01:00
Michael Nebel
ec6dab89d8
C#: Update the Summary model generator with better support for IEnumerable typed parameters.
2022-03-16 09:21:02 +01:00
ihsinme
ccbb4434de
Update DangerousUseOfExceptionBlocks.expected
2022-03-16 09:54:35 +03:00
ihsinme
cd561dd19c
Update test.cpp
2022-03-16 09:53:45 +03:00
ihsinme
2959150198
Update DangerousUseOfExceptionBlocks.ql
2022-03-16 09:30:38 +03:00
Jeroen Ketema
d51cbe2525
C++: Update IR tests for handling of bitwise copy with explicit source
2022-03-15 23:22:37 +01:00
Jeroen Ketema
8be02b164c
C++: Add IR tests exposing incorrect translation due to unhandled bitwise copy
...
These tests are in addition to exisiting tests involving default copy
constructors, which suffer from the same problem, i.e., the extractor not
handling bitwise copies.
2022-03-15 23:22:37 +01:00
Jeroen Ketema
2894bb0933
C++: Use correct change note file name format
2022-03-15 23:21:14 +01:00
Jeroen Ketema
638b2cac04
C++: Add change note on _Noreturn/noreturn in C11
2022-03-15 23:21:14 +01:00
Jeroen Ketema
1a1c34e1be
C++: Handle C11 _Noreturn in DefaultOptions
2022-03-15 23:21:14 +01:00
Geoffrey White
92d748e006
C++: Fix ODR/dbcheck issue in test.
2022-03-15 20:00:19 +00:00
Dave Bartolomeo
7359e3253d
Fix reference to deprecated predicate
2022-03-15 15:59:35 -04:00
Dave Bartolomeo
62553ab089
Merge remote-tracking branch 'upstream/main' into semantic-scratch
2022-03-15 15:53:50 -04:00
Erik Krogh Kristensen
b45f56ac08
Merge pull request #8431 from erik-krogh/deadCode
...
Delete dead code
2022-03-15 20:09:06 +01:00
Dave Bartolomeo
f22c91b762
Update cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeUtils.qll
...
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com >
2022-03-15 15:01:32 -04:00
Dave Bartolomeo
c8a0a86354
Fix Code Scanning warning
2022-03-15 14:53:43 -04:00
Dave Bartolomeo
7623b3d04d
Update cpp/ql/lib/experimental/semmle/code/cpp/semantic/SemanticType.qll
...
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com >
2022-03-15 14:49:20 -04:00
Dave Bartolomeo
ea9a5b782c
Don't bother hiding toString() and getLocation()
2022-03-15 14:47:26 -04:00
Ian Lynagh
2116e6d120
Java: Add ErrorExpr, ErrorStmt
2022-03-15 17:30:19 +00:00
Jonathan Leitschuh
09cc8ee09e
Add tests for StandardSystemProperty
2022-03-15 12:37:42 -04:00
Mathias Vorreiter Pedersen
57922f56ee
Merge pull request #8424 from ihsinme/ihsinme-patch-fix077
...
Detection reduction on request
2022-03-15 16:17:47 +00:00
jorgectf
e0952ba432
Fix change note
...
Thanks @atorralba!
2022-03-15 16:41:32 +01:00
Mathias Vorreiter Pedersen
05758181bb
Merge pull request #7884 from rdmarsh2/rdmarsh2/template-implicit-copy-constructor
...
C++: fix hasImplicitCopyConstructor for templates
2022-03-15 15:32:05 +00:00
jorgectf
3356bc4085
Add change note
2022-03-15 16:26:34 +01:00
Anna Railton
a08246a2a7
Merge pull request #8448 from github/annarailton-patch-1
...
Add docstring to `ExtractEndpointMapping.ql`
2022-03-15 14:54:45 +00:00
Geoffrey White
46f3f28a11
C++: Fix broken merge.
2022-03-15 14:53:25 +00:00
Michael Nebel
4f2678fc72
C#: Add some testcases for model generation of methods using Lists.
2022-03-15 15:44:06 +01:00
Michael Nebel
a9bbe6889b
C#: Use CollectionType instead of ArrayType when generating models.
2022-03-15 15:41:46 +01:00
Erik Krogh Kristensen
b0fc958b32
simplify imports
...
Co-authored-by: Henry Mercer <henry.mercer@me.com >
2022-03-15 15:10:04 +01:00
Erik Krogh Kristensen
57db7633c8
C#: make csharp import private
2022-03-15 14:59:06 +01:00
Erik Krogh Kristensen
89af50f6d5
rename all lower-case import-as statements
2022-03-15 14:40:38 +01:00
Erik Krogh Kristensen
54582438a1
QL: recognize the names defined by import as statements
2022-03-15 14:29:33 +01:00
Geoffrey White
71e0da738d
Merge branch 'main' into cwe497b
2022-03-15 13:29:32 +00:00
Anna Railton
739d94e8f9
Add docstring to ExtractEndpointMapping.ql
2022-03-15 12:50:51 +00:00
jorgectf
ed198709b4
Refactor MyBatisAbstractSQLMethodsStep
...
Set output to `Argument[-1]` instead of `ReturnValue` to be able to get rid of `MyBatisAbstractSQLAnonymousClassStep`.
Thanks @pwntester!
2022-03-15 13:46:06 +01:00
Erik Krogh Kristensen
3067231b1a
Merge pull request #8253 from erik-krogh/domWrite
...
JS: merge hasDominatingWrite and hasDominatingAssignment
2022-03-15 13:37:00 +01:00
jorgectf
9aa440e5b6
Refactor MyBatisAbstractSQLMethodsStep and MyBatisAbstractSQLMethod
...
See https://github.com/github/codeql/pull/8345\#discussion_r826734537
2022-03-15 13:23:23 +01:00
Erik Krogh Kristensen
154d0171d3
Merge pull request #8438 from erik-krogh/apiDisable
...
JS: add some API-nodes to js/disabling-certificate-validation
2022-03-15 12:56:59 +01:00
Chris Smowton
451661dd20
Improve guard class names
2022-03-15 11:46:54 +00:00
Mathias Vorreiter Pedersen
9f014be7c7
Merge pull request #8447 from MathiasVP/add-missing-security-severity
...
C++: Add missing `security-severity` tags
2022-03-15 11:29:28 +00:00
Geoffrey White
28315df405
Merge branch 'main' into cwe497b
2022-03-15 11:23:00 +00:00
Joe Farebrother
8acd8ea01f
Merge pull request #8446 from joefarebrother/sensitive-logging
...
Java: Add security severity to sensitive logging query
2022-03-15 11:17:46 +00:00
Jeroen Ketema
157a36bc4f
Use node variable in all disjuncts
2022-03-15 11:55:35 +01:00
Jeroen Ketema
9a0e94f389
Add flow state versions of isBarrierIn, isBarrierOut, and isBarrierGuard
2022-03-15 11:55:34 +01:00
Mathias Vorreiter Pedersen
7337ebd569
C++: Add missing 'security-severity' tags.
2022-03-15 10:54:36 +00:00
Mathias Vorreiter Pedersen
9642e59349
Merge pull request #8382 from MathiasVP/use-taint-configuration-in-three-more-queries
...
C++: Use a `TaintTracking::Configuration` in three more queries
2022-03-15 10:43:05 +00:00
Joe Farebrother
e4a16cc700
Add security severity
2022-03-15 10:42:41 +00:00
Tony Torralba
6d5414281e
Merge pull request #8437 from atorralba/atorralba/missing-security-severity-query
...
Added MissingSecurityMetadata query
2022-03-15 11:42:41 +01:00
Dave Bartolomeo
72725875a5
Undo debugging changes
2022-03-15 06:05:33 -04:00
Henry Mercer
f38b498eed
Merge pull request #8433 from github/henrymercer/js-atm-remove-isEffectiveSinkWithOverridingScore
...
JS: Remove `isEffectiveSinkWithOverridingScore` from ML-powered libraries
2022-03-15 10:04:30 +00:00
Dave Bartolomeo
c9fbf83c1c
Working range analysis for C++
2022-03-15 06:02:54 -04:00
Tony Torralba
6f484d3d64
Merge pull request #8440 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2022-03-15 10:58:27 +01:00
Asger Feldthaus
d628dc0b52
Ruby: sync ApiGraphModels.qll
2022-03-15 10:52:41 +01:00
Asger Feldthaus
82750638c6
JS: Verify models even if package is not used in database
2022-03-15 10:51:44 +01:00
Tony Torralba
fd4c9fd543
Cover a missing @tag security when @security-severity is used
2022-03-15 10:39:42 +01:00
Asger Feldthaus
a19f06ffc0
JS: Port checks to JS
2022-03-15 10:35:49 +01:00
Asger Feldthaus
7f8205684e
Ruby: verify tokens in identifying access path
2022-03-15 10:25:59 +01:00
Tony Torralba
82b2fd2d23
Exclude queries without precision
2022-03-15 10:22:10 +01:00
Dave Bartolomeo
f53a66b52a
Add working sign and modulus analysis
2022-03-15 05:16:23 -04:00
Mathias Vorreiter Pedersen
7e0e7d5004
Merge branch 'main' into use-taint-configuration-in-three-more-queries
2022-03-15 09:06:55 +00:00
Asger Feldthaus
97ca1155c3
JS: Sync ApiGraphModels.qll and test
2022-03-15 09:29:34 +01:00
Asger Feldthaus
65249dabd3
Ruby: add warning for wrong number of columns in CSV row
2022-03-15 09:28:21 +01:00
Erik Krogh Kristensen
c7509c4dd3
Merge branch 'main' into deadCode
2022-03-15 09:19:14 +01:00
Tony Torralba
18165cbb46
Exclude examples folder
2022-03-15 09:14:11 +01:00
Michael Nebel
ba67ea0445
C#: Fix performance issue with UselessNullCoalescingExpression query.
2022-03-15 09:09:45 +01:00
Jonas Jensen
d89c52f4b0
Merge pull request #8403 from erik-krogh/noUpper
...
Rename all upper-case variables, and all lower-case modules
2022-03-15 09:00:37 +01:00
Asger Feldthaus
f28acbf3dc
Ruby: autoformat
2022-03-15 08:15:18 +01:00
ihsinme
62ecf54aaa
Update DangerousUseOfExceptionBlocks.cpp
2022-03-15 08:53:38 +03:00
ihsinme
e99eaeb256
Apply suggestions from code review
...
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com >
2022-03-15 08:53:00 +03:00
github-actions[bot]
b10adfc8da
Add changed framework coverage reports
2022-03-15 00:13:15 +00:00
Arthur Baars
3311fedda7
Merge pull request #8365 from aibaars/qldoc-test
...
CI: add QLdoc test
2022-03-14 23:36:01 +01:00
Robert Marsh
143b79c0cc
C++/WIP: Generate IR for global variables
2022-03-14 17:12:30 -04:00
jorgectf
f10dac31f9
Format some tests
2022-03-14 22:12:22 +01:00
Robert Marsh
bf21a471ed
C++: add some global variables to IR tests
2022-03-14 17:11:36 -04:00
jorgectf
b62b8c8d28
Use SummaryModelCsv for the toString taint step
2022-03-14 21:47:06 +01:00
jorgectf
c683b48af7
Add MyBatisInjectionSink's QLDoc
2022-03-14 21:41:36 +01:00
jorgectf
8482c01959
Make MyBatisProviderStep an AdditionalValueStep
2022-03-14 21:35:26 +01:00
Erik Krogh Kristensen
195ce9c58a
add some API-nodes to js/disabling-certificate-validation
2022-03-14 21:33:13 +01:00
jorgectf
32f494eba1
Use SummaryModelCsv in MyBatisAbstractSQLMethodsStep
2022-03-14 21:32:55 +01:00
jorgectf
d47fcedd21
Add tests
2022-03-14 21:31:51 +01:00
Jorge
158366ab46
Apply suggestions from code review
...
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com >
2022-03-14 21:27:37 +01:00
Arthur Baars
6a74e761c8
Merge pull request #8398 from github/post-release-prep/codeql-cli-2.8.3
...
Post-release preparation for codeql-cli-2.8.3
2022-03-14 21:05:09 +01:00
Arthur Baars
be412b1b5d
Merge pull request #702 from github/post-release-prep/codeql-cli-2.8.3
...
Post-release preparation for codeql-cli-2.8.3
2022-03-14 21:04:37 +01:00
Geoffrey White
73710e9edb
C++: Fix QLDoc.
2022-03-14 19:11:43 +00:00
Tom Hvitved
d3d20c69dd
Merge pull request #8425 from hvitved/csharp/structural-comparision-fix
...
C#: Avoid combinatorial explosion in structural comparison library
2022-03-14 20:10:40 +01:00
Geoffrey White
7c93eb1eaf
C++: Fix large newtype.
2022-03-14 19:06:41 +00:00
Geoffrey White
d1b04b4e07
C++: Use asDefiningArgument() where appropriate.
2022-03-14 17:53:47 +00:00
Henry Mercer
5102cadf8e
Merge pull request #8404 from github/codeql-ci/js-atm-new-release
...
JS: Bump version numbers of ML-powered packs after 0.1.0 release
2022-03-14 17:32:37 +00:00
Dave Bartolomeo
20c3cfb1a0
Squash a few sign analysis diffs due to range analysis fixes
2022-03-14 13:07:45 -04:00
Tony Torralba
03f3535188
Added MissingSecuritySeverity query
2022-03-14 17:53:08 +01:00
Asger Feldthaus
fee32d3480
Elaborate on qldoc for API::EntryPoint
2022-03-14 17:52:07 +01:00
Asger Feldthaus
be65b9bebc
Ruby: remove spurious Instance token from getExtraSuccessorFromInvoke
2022-03-14 17:39:43 +01:00
Asger Feldthaus
072ad8f4a7
Ruby: add (from model) to remote flow description
2022-03-14 17:39:17 +01:00
Asger Feldthaus
37bbd46e43
Ruby: fix broken comment
2022-03-14 17:33:57 +01:00
Asger Feldthaus
c9d7651c59
Be explicit about re-exporting
2022-03-14 17:26:30 +01:00
Nick Rolfe
488c8ef609
Ruby: accept test changes after adding more literals
2022-03-14 15:49:22 +00:00
Nick Rolfe
2a892c39ac
Ruby: add change note for getConstantValue improvements
2022-03-14 15:45:58 +00:00
Nick Rolfe
a39aed52c6
Ruby: add more tests for edge cases in parsing of integers
2022-03-14 15:45:57 +00:00
Nick Rolfe
6c5868cfb5
Ruby: use NumberUtils in parseInteger
...
And make parse{Binary,Octal,Hex}Int hold only for values in the range
0 to 2^31-1 (incl.)
2022-03-14 15:45:57 +00:00
Nick Rolfe
6bd9616c6e
Ruby: interpret string escape sequences in getConstantValue()
2022-03-14 15:45:57 +00:00
Michael Nebel
bcdbfefb2b
Merge pull request #8329 from michaelnebel/csharp/model-generator
...
C#: Capture Summary models.
2022-03-14 16:10:05 +01:00
Erik Krogh Kristensen
c93f29b1a1
fix typo in change note
...
Co-authored-by: Nick Rolfe <nickrolfe@github.com >
2022-03-14 16:03:45 +01:00
Joe Farebrother
d4b5eed3e4
Merge pull request #8410 from joefarebrother/sensitive-logging
...
Java: Promote Sensitive Logging query
2022-03-14 14:50:26 +00:00
Henry Mercer
8b1b2af2d8
JS: Remove isEffectiveSinkWithOverridingScore
...
This was previously used in the ATM external API query, but is now dead
code.
2022-03-14 14:25:36 +00:00
Erik Krogh Kristensen
8c28b93427
QL: rename query to ql/name-casing
2022-03-14 15:03:58 +01:00
Erik Krogh Kristensen
87987872c6
QL: use an/a correctly in the alert message
2022-03-14 15:03:07 +01:00
Erik Krogh Kristensen
93fcfc3012
QL: use negative char classes to generalize query to detect e.g. underscores
2022-03-14 15:00:27 +01:00
Mathias Vorreiter Pedersen
7593ebaa62
C++: Use 'getAstVariable' now that 'getASTVariable' is deprecated.
2022-03-14 13:38:27 +00:00
Chris Smowton
9f02ca0db2
Merge pull request #8357 from p0wn4j/jdbc-url-ssrf-sink
...
Java: Add JDBC connection SSRF sinks
2022-03-14 13:27:34 +00:00
Michael Nebel
432ac7a824
C#: Deprecate the StructuralComparisonConfig class.
2022-03-14 14:17:56 +01:00
Michael Nebel
5a4a97569f
C#: Use Gvn comparison instead of StructuralComparisonConfiguration in Constants.
2022-03-14 14:17:56 +01:00
Michael Nebel
5b5ea140d2
C#: Delete the Internal StructuralComparisonConfiguration class as it is no longer needed.
2022-03-14 14:17:56 +01:00
Michael Nebel
bf4dc0034a
C#: Use Gvn comparison instead of StructuralComparisonConfiguration in Guards.
2022-03-14 14:17:56 +01:00
Michael Nebel
90b4eb9e13
C#: Use Gvn comparison instead of StructuralComparisonConfiguration in UnsafeLazyInitialization.
2022-03-14 14:17:56 +01:00
Michael Nebel
74b8e73133
C#: Use Gvn comparison instead of StructuralComparisonConfiguration in MissedTernaryOpportunity.
2022-03-14 14:17:56 +01:00
Michael Nebel
94999d4df5
C#: Use Gvn comparison instead of StructuralComparisonConfiguration in UselessIsBeforeAs.
2022-03-14 14:17:56 +01:00
Michael Nebel
8e7c7d8259
C#: Use Gvn comparison instead of StructuralComparisonConfiguration in UselessNullCoalescingExpression.
2022-03-14 14:17:56 +01:00
Michael Nebel
4a1981edfd
C#: Use Gvn comparison instead of StructuralComparisonConfiguration in NestedLoopsSameVariable.
2022-03-14 14:17:56 +01:00
Michael Nebel
b4f2fc60ec
C#: Use Gvn comparison instead of StructuralComparisonConfiguration in SelfAssignment.
2022-03-14 14:17:56 +01:00
Michael Nebel
f241eef2ea
C#: Use Gvn comparison instead of StructuralComparisonConfiguration in structuralComparison test.
2022-03-14 14:17:56 +01:00
Michael Nebel
6f5b2e8440
C#: Use Gvn comparison instead of StructuralComparisonConfiguration in UseTryGetValue.
2022-03-14 14:17:56 +01:00
Chris Smowton
ca8237b9de
Make comment into qldoc
2022-03-14 13:14:31 +00:00
Mathias Vorreiter Pedersen
50b77761f1
C++: Port the 'predictable' barrier from 'DefaultTaintTracking' to 'cpp/unclear-array-index-validation' to prevent an explosion of new results.
2022-03-14 13:14:07 +00:00
Joe Farebrother
e4b762b5c5
Improve qldoc; make taint tracking
2022-03-14 13:10:34 +00:00
Michael Nebel
21bcaf6a0e
C#/Java: After remaining code after rebase.
2022-03-14 14:08:49 +01:00
Michael Nebel
74352925e4
C#/Java: Remove inline from returnNodeEnclosingCallable.
2022-03-14 13:50:55 +01:00
Michael Nebel
48dc9d7057
C#/Java: Move containerContent to DataFlowPrivate.
2022-03-14 13:50:55 +01:00
Michael Nebel
b7803ef0b1
C#: Introduce SyntheticFieldContent in RelevantContent.
2022-03-14 13:50:55 +01:00
Michael Nebel
12ff2c6cd5
C#/Java: Improve comments in CaptureSummaryModels.
2022-03-14 13:50:55 +01:00
Michael Nebel
3ad9731e91
C#/Java: Add some more QL docs.
2022-03-14 13:50:50 +01:00
Michael Nebel
2476e716a2
C#: Move the isRelevantTaintStep and isRelevantContent into the shared utils.
2022-03-14 13:49:52 +01:00
Michael Nebel
665e3c9326
C#: Re-factor containerContent into standalone predicate in DataFlow library.
2022-03-14 13:49:51 +01:00
Michael Nebel
5d03e510d2
C#/Java: Include synthetic fields in isRelevantContent.
2022-03-14 13:49:51 +01:00
Michael Nebel
d881d31959
C#: Remove comma from QL Doc.
2022-03-14 13:49:51 +01:00
Michael Nebel
cd03af3be4
C#: Get rid of the isOwnInstanceAccess based on ReturnStmt.
2022-03-14 13:49:46 +01:00
Mathias Vorreiter Pedersen
0bf4ce7cf1
Merge pull request #8427 from MathiasVP/fix-bad-join-in-return-stack-allocated-memory
...
C++: Fix join in `cpp/return-stack-allocated-memory`
2022-03-14 12:49:30 +00:00
Michael Nebel
34a91f1aac
C#: Rename CaptureSummaryModelsQuery to CaptureSummaryModels.
2022-03-14 13:48:56 +01:00
Michael Nebel
94a840e96b
C#: Add some more testcases for flow summary generation.
2022-03-14 13:48:56 +01:00
Michael Nebel
36e0c683bd
C#: Add QL Doc to the primary predicate used for capturing flow.
2022-03-14 13:48:56 +01:00
Michael Nebel
e8aacb710e
C#: Add file level QL Doc to Capture Summary models specific implementations.
2022-03-14 13:48:56 +01:00
Michael Nebel
d114582b56
C#: Add QLDoc to the shared Capture summary models library.
2022-03-14 13:48:51 +01:00
Michael Nebel
8d2593ba0c
C#: Add expected output from running the test.
2022-03-14 13:47:24 +01:00
Michael Nebel
4d46b581c3
C#: Add some initial examples.
2022-03-14 13:47:24 +01:00
Michael Nebel
75b4632815
C#: Add test query.
2022-03-14 13:47:24 +01:00
Michael Nebel
20cbd6b332
Java/C#: Include the share files in sync files.
2022-03-14 13:47:24 +01:00
Michael Nebel
b08e696d42
C#: Add query.
2022-03-14 13:47:24 +01:00
Michael Nebel
31a374afa3
C#: Add copy of the shared CaptureSummaryModels logic.
2022-03-14 13:47:24 +01:00
Michael Nebel
e5cce6cca3
C#: Add initial implementation of specific predicates needed to capture summary models.
2022-03-14 13:47:24 +01:00
Michael Nebel
82d93d0f9e
Java: Refactor CaptureSummaryModels code to enable re-use in C#.
2022-03-14 13:47:20 +01:00
Michael Nebel
ba233ed7a1
Java: Rearrange and refactor language specific content into standalone predicates.
2022-03-14 13:46:24 +01:00
Chris Smowton
b351d5bc2f
Autoformat
2022-03-14 12:44:40 +00:00
Michael Nebel
6259ecfc12
C#: Add copy of shared functionality.
2022-03-14 13:43:51 +01:00
Michael Nebel
dadc143b60
C#: Add printer predicates for parameter and return nodes.
2022-03-14 13:43:51 +01:00
Michael Nebel
2b90b5ff62
C#: Add isRelevant predicates.
2022-03-14 13:43:51 +01:00
Michael Nebel
81c8cac77e
C#: Add partial model printer for TargetApi class.
2022-03-14 13:43:51 +01:00
Michael Nebel
9c6ed0ade3
C#: Add TargetAPI class.
2022-03-14 13:43:51 +01:00
Michael Nebel
9ca199c9ae
Java: Move generic code out of language specific file for model generation.
2022-03-14 13:43:45 +01:00
Michael Nebel
a2d9f4f6f4
Java: Introduce language specific file for model generator code.
2022-03-14 13:40:40 +01:00
jorgectf
a0bf68f7cd
Generally extend TaintTracking::AdditionalTaintStep
2022-03-14 13:39:20 +01:00
Michael Nebel
a1c642685a
Java: Re-arrange code in ModelGeneratorUtils.
2022-03-14 13:35:56 +01:00
Erik Krogh Kristensen
689f3c0478
update some references to deprecated module names
2022-03-14 13:28:34 +01:00
Erik Krogh Kristensen
7c4f9f92fb
Merge pull request #8422 from erik-krogh/depMore
...
JS: Address some code that weren't affecting any query result
2022-03-14 13:24:08 +01:00
Chris Smowton
f83ea25ead
Add change note
2022-03-14 12:14:37 +00:00
Erik Krogh Kristensen
548e50c676
QL: add quick-eval predicate to detect unqueryable code
2022-03-14 13:04:22 +01:00
Erik Krogh Kristensen
2250ebc5e2
remove leftover comments
2022-03-14 13:04:22 +01:00
Erik Krogh Kristensen
3bf5e06d53
delete all dead code
2022-03-14 13:03:31 +01:00
Mathias Vorreiter Pedersen
7c411b4bad
C++: Respond to review comments
2022-03-14 11:57:28 +00:00
Erik Krogh Kristensen
27d41cba7e
QL: add ql/dead-code query
2022-03-14 12:57:02 +01:00
Chris Smowton
aada8d3af9
Merge pull request #8405 from smowton/smowton/fix/range-analysis-use-ranked-phi-nodes
...
C#/Java: Range analysis: use ranked phi nodes
2022-03-14 11:55:55 +00:00
Erik Krogh Kristensen
a4525bbb29
add change-note
2022-03-14 12:22:39 +01:00
Erik Krogh Kristensen
ad2ab5602e
PY: rename remaining private python modules
2022-03-14 12:22:33 +01:00
Mathias Vorreiter Pedersen
0da5d91955
Merge branch 'main' into use-taint-configuration-in-three-more-queries
2022-03-14 11:12:23 +00:00
Jeroen Ketema
4c2081b7fc
Merge pull request #8401 from jketema/taint-flow
...
Extend taint tracking interface with flow states
2022-03-14 12:06:10 +01:00
Mathias Vorreiter Pedersen
31b1e4079f
C++: Prevent join-on-enclosing-callable in 'cpp/return-stack-allocated-memory'.
2022-03-14 11:01:07 +00:00
Rasmus Wriedt Larsen
2f4a22c86c
Merge pull request #6112 from jorgectf/jorgectf/python/deserialization
...
Python: Port and extend XXE modeling
2022-03-14 11:59:28 +01:00
Erik Krogh Kristensen
8515a70fe6
JS: fix all ql/no-upper-case-variables
2022-03-14 11:50:48 +01:00
Erik Krogh Kristensen
02127b40cd
PY: fix all ql/no-upper-case-variables
2022-03-14 11:50:48 +01:00
Erik Krogh Kristensen
83f26eb833
rename all upper-case variables to start with a lower-case letter
2022-03-14 11:50:48 +01:00
Erik Krogh Kristensen
4f0d4ecf6e
QL: add no-uppercase-variables query
2022-03-14 11:50:48 +01:00
Erik Krogh Kristensen
7d6700a943
Merge branch 'main' into depMore
2022-03-14 11:49:18 +01:00
Erik Krogh Kristensen
c06336480c
add change note
2022-03-14 11:41:53 +01:00
Erik Krogh Kristensen
bbb2847ec1
Merge pull request #8323 from erik-krogh/acronyms
...
Enforcing consistent casing of acronyms
2022-03-14 11:38:25 +01:00
Jeroen Ketema
c832b21fbe
Add change notes for changes to the taint tracking library
2022-03-14 10:38:48 +01:00
Erik Krogh Kristensen
6d66ea4253
also deprecate the definitionReaches predicate, it was only used in a test
2022-03-14 10:14:15 +01:00
Erik Krogh Kristensen
54760081dc
add pointers to the qldoc of deprecated predicates
2022-03-14 10:10:38 +01:00
Alex Ford
6eca036b44
Ruby: Add qldoc for Cryptography module (from python version)
2022-03-14 08:57:13 +00:00
Tony Torralba
1f4f4207b5
Add missing security-severity scores
2022-03-14 09:50:14 +01:00
Tom Hvitved
06b8f74644
C#: Avoid combinatorial explosion in structural comparison library
...
In cases where the target of a call/access has multiple values (which is a DB
inconsistency), the GVN construction underlying the structural comparision library
may run into a combinatorial explosion. This change excludes such expressions from
the GVN construction.
2022-03-14 09:07:45 +01:00
ihsinme
62381d0762
Update test.cpp
2022-03-14 09:36:28 +03:00
ihsinme
de92356c88
Update InsecureTemporaryFile.expected
2022-03-14 09:35:03 +03:00
ihsinme
1db759cc4d
Update InsecureTemporaryFile.ql
2022-03-14 09:33:08 +03:00
4B5F5F4B
597603a3a6
Create cve-2017-5123.ql
...
Add query to detect CVE-2017-5123
2022-03-14 09:44:30 +08:00
4B5F5F4B
4030561eb7
Delete CVE
2022-03-14 09:43:04 +08:00
4B5F5F4B
880c12bd34
Create CVE
2022-03-14 09:42:40 +08:00
Erik Krogh Kristensen
8f86b067e7
deprecate the unused localTaintStep and stringStep predicates
2022-03-13 23:54:53 +01:00
Erik Krogh Kristensen
cc231fef4c
deprecate some unused predicate in DefUse.qll
2022-03-13 23:54:53 +01:00
Erik Krogh Kristensen
c0a63beec1
deprecate unused document predicates in DOM.qll
2022-03-13 23:54:53 +01:00
Erik Krogh Kristensen
5e52a71091
remove test .qll files that weren't imported
2022-03-13 23:54:53 +01:00
Erik Krogh Kristensen
4fc85a791d
deprecate DefiningIdentifier, it was not used in any query
2022-03-13 23:54:53 +01:00
Erik Krogh Kristensen
9cf0a94e4d
use some Sanitizer classes that were unused in the query code
2022-03-13 23:54:53 +01:00
Alex Ford
fc232ce55f
Ruby: changenote for rb/weak-cryptographic-algorithm
2022-03-13 21:25:28 +00:00
Alex Ford
94d5f3bb1f
Ruby: Add rb/weak-cryptographic-algorithm query
2022-03-13 21:25:28 +00:00
Alex Ford
40b87e6df7
Ruby: tests for rb/weak-cryptographic-algorithm
2022-03-13 21:25:24 +00:00
Alex Ford
446141ada3
Ruby: qhelp for rb/weak-cryptographic-algorithm
2022-03-13 21:25:12 +00:00
Alex Ford
4234cfeeec
Ruby: model CipherOperations for OpenSSL
2022-03-13 21:21:52 +00:00
Alex Ford
489391eb4c
Ruby: add CryptographicOperation concept
2022-03-13 21:21:52 +00:00
Dave Bartolomeo
afa3399e27
Zero diffs between Java AST and Semantic range analysis
2022-03-13 13:38:21 -04:00
jorgectf
ded9663f2b
Finish taint steps
2022-03-13 13:59:03 +01:00
Dave Bartolomeo
8b4d6a26ef
Performance improvements for semantic layer construction
2022-03-12 11:28:12 -05:00
p0wn4j
ee67d27b56
Java: Add JDBC connection SSRF sinks
2022-03-12 16:35:32 +04:00
Arthur Baars
f59f36b863
Use RUNNER_TEMP instead of runner.temp
2022-03-11 21:13:41 +01:00
Joe Farebrother
b924de631f
Add change note, minor docs improvement
2022-03-11 17:58:52 +00:00
Ahmed Farid
3c9de6f488
Update Zip.qll
2022-03-11 18:50:37 +01:00
Joe Farebrother
594d51e84d
Exclude constants
2022-03-11 17:45:42 +00:00
Joe Farebrother
06f2c03828
Add tests
2022-03-11 17:44:52 +00:00
Arthur Baars
7da0889813
Update check-qldoc.yml
2022-03-11 17:45:23 +01:00
Arthur Baars
e1f9eca272
Update check-qldoc.yml
2022-03-11 17:44:55 +01:00
Jonathan Leitschuh
50ff2c2c68
Code cleanup from code review
2022-03-11 11:44:15 -05:00
Robert Marsh
5c04516179
Merge pull request #8390 from redsun82/remove-unique-from-uuid
...
C++: Remove uniqueness constraint from uuid
2022-03-11 11:08:34 -05:00
Alex Ford
808cc9cf35
Merge pull request #8396 from alexrford/ruby/charpred-only-field
...
Ruby: resolve `ql/field-only-used-in-charpred` alerts
2022-03-11 15:48:05 +00:00
Erik Krogh Kristensen
fa37ece593
Merge pull request #8408 from erik-krogh/pathProblem
...
QL: make a query checking for `edges` relation in a path-problem query
2022-03-11 16:27:46 +01:00
Erik Krogh Kristensen
14e0d387e7
add a ql/path-problem-query query
2022-03-11 16:06:27 +01:00
Alex Ford
757aa294aa
Update ruby/ql/lib/codeql/ruby/ast/internal/Scope.qll
...
Co-authored-by: Nick Rolfe <nickrolfe@github.com >
2022-03-11 14:53:02 +00:00
Tony Torralba
c49d19eb0f
Merge pull request #8407 from smowton/smowton/admin/revert-8325
...
Java: Revert #8325 , Add CharacterLiteral to CompileTimeConstantExpr.getStringValue
2022-03-11 14:55:10 +01:00
Arthur Baars
cf4b834536
Address comments
2022-03-11 14:25:34 +01:00
Ahmed Farid
f092cd8d80
Update Zip.qll
2022-03-11 14:15:05 +01:00
Ahmed Farid
eb71cdf7a2
Update ZipSlip.ql
2022-03-11 14:13:28 +01:00
Ahmed Farid
0de1cef26e
Update ZipSlip.qll
2022-03-11 14:03:17 +01:00
Chris Smowton
58d4513d84
Change note
2022-03-11 12:51:13 +00:00
Chris Smowton
496cae7742
Revert 8325, Add CharacterLiteral to CompileTimeConstantExpr.getStringValue
...
As pointed out in 8325's thread, this breaks the corner case of char-literal addition and the convention that getStringValue only applies to String-typed constants.
2022-03-11 12:45:53 +00:00
Chris Smowton
579b57cf67
Range analysis: use ranked phi nodes
...
This borrows a technique (and the implementing code) off Modulus analysis.
2022-03-11 12:32:12 +00:00
Erik Krogh Kristensen
1e365611fc
fix all other implicit-this warnings introduced by the acronym patch
2022-03-11 13:22:07 +01:00
github-actions[bot]
7ac7657ffc
JS: Bump patch version of ML-powered library and query packs post-release
2022-03-11 12:17:13 +00:00
Erik Krogh Kristensen
2e2970128e
fix typo in change-note
2022-03-11 13:16:34 +01:00
Erik Krogh Kristensen
a5a82a0b58
JS: remove accidential copy-pasted change-note
2022-03-11 13:16:34 +01:00
Erik Krogh Kristensen
b63b675169
RB: add explicit-this
...
Co-authored-by: Nick Rolfe <nickrolfe@github.com >
2022-03-11 13:16:10 +01:00
github-actions[bot]
2f6886642c
JS: Bump minor version of ML-powered library and query packs
2022-03-11 12:13:03 +00:00
Jeroen Ketema
a8b2805aeb
Merge pull request #8246 from ihsinme/ihsinme-patch-82
...
CPP: Add query for CWE-754: Improper Check for Unusual or Exceptional Conditions when using functions scanf
2022-03-11 12:54:49 +01:00
Chris Smowton
b1a42816bd
Merge pull request #8402 from smowton/smowton/admin/revert-8360
...
Java: Revert #8360 , "Add CompileTimeConstantExpr.getStringified method"
2022-03-11 11:54:24 +00:00
Erik Krogh Kristensen
e625d17978
Merge pull request #8374 from erik-krogh/nonDocBlock
...
QL: add query detecting block comments in a position where a QLDoc should be
2022-03-11 12:24:44 +01:00
Jeroen Ketema
93a0da75b6
Fix taint tracking configurations that broke due to interface change
2022-03-11 12:18:04 +01:00
Chris Smowton
46cd85c70b
Revert #8360 , "Add CompileTimeConstantExpr.getStringified method"
2022-03-11 11:13:21 +00:00
Jeroen Ketema
cd28f09ae0
Extend taint tracking interface with flow states
2022-03-11 11:50:35 +01:00
Jeroen Ketema
80c6253a57
C++: Remove private imports unused after deprecated cleanup
2022-03-11 11:47:44 +01:00
Chris Smowton
f006cd0e37
Merge pull request #8360 from JLLeitschuh/feat/JLL/compile_time_constant_getStringified
...
[Java] Add CompileTimeConstantExpr.getStringified method
2022-03-11 10:34:52 +00:00
Erik Krogh Kristensen
4f8f7cd57d
JS: update expected output of test
2022-03-11 11:18:14 +01:00
Erik Krogh Kristensen
1a275a32f7
add change-notes
2022-03-11 11:18:14 +01:00
Erik Krogh Kristensen
c2787ee18b
RB: add missing QLDoc
2022-03-11 11:18:09 +01:00
Erik Krogh Kristensen
8f08b4ccc8
JS: add missing QLDoc
2022-03-11 11:18:01 +01:00
Erik Krogh Kristensen
25690759fd
JS: update expected test output
2022-03-11 11:17:41 +01:00
Erik Krogh Kristensen
bb32c79f0c
Java: add missing qldoc
2022-03-11 11:17:38 +01:00
Erik Krogh Kristensen
cc43a94385
Java: remove duplicated class
2022-03-11 11:10:38 +01:00
Erik Krogh Kristensen
b568bb91ef
JS: remove duplicated predicate
2022-03-11 11:10:38 +01:00
Erik Krogh Kristensen
ed54d7b74b
fixup getAPrimaryQlClass
2022-03-11 11:10:38 +01:00
Erik Krogh Kristensen
23191b1f2c
C#: rename XmlComment to XmlCommentLine to avoid naming conflict
2022-03-11 11:10:38 +01:00
Erik Krogh Kristensen
69353bb014
patch upper-case acronyms to be PascalCase
2022-03-11 11:10:33 +01:00
Erik Krogh Kristensen
e3a15792fa
QL: add query detecting upper-case acronyms
2022-03-11 11:05:45 +01:00
Erik Krogh Kristensen
122ab6e6d8
C#: fix some ql/non-doc-block warnings
2022-03-11 11:02:58 +01:00
Erik Krogh Kristensen
ddf93b555e
PY: fix some ql/non-doc-block warnings
2022-03-11 11:02:58 +01:00
Erik Krogh Kristensen
8db51b49f3
QL: fix ql/non-doc-block in QL-for-QL
2022-03-11 11:02:58 +01:00
Erik Krogh Kristensen
8483b9fd65
QL: add query detecting block comments in a position where a QLDoc should be
2022-03-11 11:02:56 +01:00
Tony Torralba
c99bad4047
Recover old change note
2022-03-11 10:35:04 +01:00
Mathias Vorreiter Pedersen
3c17d90e3b
C++: Accept test changes.
2022-03-11 09:30:44 +00:00
Mathias Vorreiter Pedersen
272e096190
Merge branch 'main' into use-taint-configuration-in-three-more-queries
2022-03-11 09:24:03 +00:00
github-actions[bot]
3a5ebbb861
Post-release preparation for codeql-cli-2.8.3
2022-03-11 09:23:34 +00:00
github-actions[bot]
4bd2553a7f
Post-release preparation for codeql-cli-2.8.3
2022-03-11 09:23:25 +00:00
Erik Krogh Kristensen
df9533f46e
Merge pull request #8347 from erik-krogh/depBeGone
...
remove all deprecations that are over a year old
2022-03-11 10:01:07 +01:00
Arthur Baars
42ca3f319b
Merge pull request #8397 from github/release-prep/2.8.3
...
Release preparation for version 2.8.3
2022-03-11 08:08:01 +01:00
Arthur Baars
77b879f480
Merge pull request #701 from github/release-prep/2.8.3
...
Release preparation for version 2.8.3
2022-03-11 08:07:57 +01:00
Jonathan Leitschuh
1c9864286d
Remove SystemProperty from FlowSources
2022-03-10 18:29:29 -05:00
Jeroen Ketema
007e33ad46
Fix C++ changelog heading and itemization
2022-03-10 23:11:07 +01:00
Robert Marsh
1e2cc4fca8
C++: change note for template implicit copy ops
2022-03-10 15:26:24 -05:00
Erik Krogh Kristensen
d316ad198e
Merge pull request #8380 from erik-krogh/chainedCalls
...
JS: support that the base is not a method-call in getAChainedMethodCall
2022-03-10 21:13:42 +01:00
github-actions[bot]
6b194bc55f
Release preparation for version 2.8.3
2022-03-10 19:43:58 +00:00
github-actions[bot]
e7cf172119
Release preparation for version 2.8.3
2022-03-10 19:43:52 +00:00
Alex Ford
305a51754c
Run python config/sync-files.py
2022-03-10 18:34:16 +00:00
Alex Ford
506989ff91
Ruby: simplify some charpreds
2022-03-10 18:27:43 +00:00
Alex Ford
25416babe0
Ruby: resolve ql/field-only-used-in-charpred alerts
2022-03-10 18:27:43 +00:00
Alex Ford
0f0a51e2e0
Ruby: update test output
2022-03-10 18:27:06 +00:00
ihsinme
ac8adeabf5
Update ImproperCheckReturnValueScanf.expected
2022-03-10 21:12:23 +03:00
ihsinme
623f3fbe21
Update test.cpp
2022-03-10 21:10:41 +03:00
Erik Krogh Kristensen
9466043169
CPP: remove remaining ObjectiveC references
2022-03-10 19:00:49 +01:00
Alex Ford
2b25765156
Format QL
2022-03-10 17:55:42 +00:00
Alex Ford
43fb759dfa
Ruby: add a few more rb/clear-text-storage-sensitive-data test cases
2022-03-10 17:52:50 +00:00
Alex Ford
37c0702cdd
Ruby: update test output
2022-03-10 17:50:29 +00:00
Alex Ford
0b73088ed4
Ruby: link to sink in rb/clear-text-storage-sensitive-data message
2022-03-10 17:38:52 +00:00
Alex Ford
0f3cf47ca9
Ruby/JS/Py: Add "random" to the notSensitiveRegexp() heuristic
2022-03-10 17:38:52 +00:00
Alex Ford
532fc080a1
Ruby: Fix inconsistencies in checking for sensitive names in CleartextSources
2022-03-10 17:38:52 +00:00
Alex Ford
8be1be388e
Ruby: update CleartextStorage test output for source locations
2022-03-10 17:38:52 +00:00
Alex Ford
fda2b56e20
Ruby: move rb/clear-text-storage-sensitive-data location from sink to source
2022-03-10 17:38:52 +00:00
Alex Ford
4618000567
Ruby: move an import into CleartextStorage.ql
2022-03-10 17:38:52 +00:00
Alex Ford
853fbe8911
Ruby: Fix CleartextStorageCustomizations to use PersistentWriteAccess
2022-03-10 17:38:52 +00:00
Alex Ford
a1a7c31661
Ruby: drop an outdated TODO
2022-03-10 17:38:52 +00:00
Alex Ford
9fe7d6e143
Ruby: fix typo
...
Co-authored-by: Harry Maclean <hmac@github.com >
2022-03-10 17:38:52 +00:00
Alex Ford
0e2709f809
Ruby: changenote for rb/clear-text-storage-sensitive-data
2022-03-10 17:38:52 +00:00
Alex Ford
ef29a372a4
Ruby: Cleartext storage tests
2022-03-10 17:38:52 +00:00
Alex Ford
0070e30377
Ruby: Add rb/clear-text-storage-sensitive-data query
2022-03-10 17:38:52 +00:00
Alex Ford
7084718b07
Ruby: factor out common parts of CleartextLoggingCustomizations into CleartextSources
2022-03-10 17:38:52 +00:00
Alex Ford
19c7f7be46
Merge pull request #8271 from github/alexrford/ruby/orm-write-access
...
Ruby: Add `OrmWriteAccess` concept to model writes to a DB using an ORM
2022-03-10 17:35:02 +00:00
Jonathan Leitschuh
ecb8911756
Apply suggestions from code review
...
Co-authored-by: Chris Smowton <smowton@github.com >
2022-03-10 11:48:16 -05:00
ihsinme
a094e6f63b
Update test.cpp
2022-03-10 17:56:34 +03:00
ihsinme
fa3ce61369
Update test.cpp
2022-03-10 17:54:03 +03:00
Tom Hvitved
d4808a7b4a
Merge pull request #8389 from hvitved/ruby/regex-unique-get-value
...
Ruby: Avoid multiple `RegExpEscape::getValue` results
2022-03-10 15:53:28 +01:00
Joe Farebrother
4bf6c10896
Split configs into Query.qll library
2022-03-10 13:23:40 +00:00
Erik Krogh Kristensen
41778328c2
Update javascript/ql/lib/semmle/javascript/dataflow/Sources.qll
...
Co-authored-by: Stephan Brandauer <kaeluka@github.com >
2022-03-10 14:16:28 +01:00
Taus
4ee4bba4d1
Merge branch 'main' into ZipSlip
2022-03-10 13:30:51 +01:00
Mathias Vorreiter Pedersen
bff10e8ea1
C++: Add change note.
2022-03-10 10:59:04 +00:00
Mathias Vorreiter Pedersen
0d3e47bcae
C++: Pick the offset expression as the sink in 'cpp/unclear-array-index-validation' (and not the array expression).
2022-03-10 10:57:51 +00:00
Mathias Vorreiter Pedersen
5de2e24e9a
Merge pull request #8358 from geoffw0/cwe497c
...
C++: Upgrade cpp/system-data-exposure to high precision
2022-03-10 10:49:19 +00:00
Erik Krogh Kristensen
c2743177af
JS: delete the TrackedNodes.qll, it had no public interface left
2022-03-10 11:34:17 +01:00
Mathias Vorreiter Pedersen
693eca2179
C++: Give 'cpp/unclear-array-index-validation' precision low.
2022-03-10 10:17:08 +00:00
Chris Smowton
3113b27606
Fix style
2022-03-10 10:03:14 +00:00
Tom Hvitved
208851cb91
Merge pull request #7084 from hvitved/ruby/self-flow
...
Ruby: Cleanup flow through `self`
2022-03-10 10:50:24 +01:00
Tom Hvitved
5b974582e3
Merge pull request #8322 from hvitved/csharp/remove-odasa-legacy
...
C#: Remove legacy `odasa` support
2022-03-10 10:34:33 +01:00
Paolo Tranquilli
34829e92b1
C++: Remove uniqueness constraint from uuid
...
Different class definitions can have the same uuid. This happens for
example when using `#import <msxml6.dll>` there will be several C++
classes generated in `msxml6.tlh` which will share uuids with
`extern "C"` struct declarations in the system header `msxml.h`.
Notice that as far as the standard cpp QL library and queries go, we
expose `getUuid()` on `UserType` and we never try to invert it, so we
only rely on uniqueness of the `id` column in the `usertype_uuid` table,
not the `uuid` column.
Closes github/codeql-c-team#893
2022-03-10 10:33:37 +01:00
Tom Hvitved
76663f80f0
Ruby: Avoid multiple RegExpEscape::getValue results
2022-03-10 10:32:24 +01:00
Tom Hvitved
0d71f0ab40
Ruby: Add regex unicode test
2022-03-10 10:30:17 +01:00
Erik Krogh Kristensen
fa766126e5
CPP: remove import of deleted deprecation
2022-03-10 10:25:03 +01:00
Erik Krogh Kristensen
a96223c9c1
PY: remove leftover comments
2022-03-10 10:25:03 +01:00
Erik Krogh Kristensen
e6b0552114
JS: delete leftover comment
2022-03-10 10:25:02 +01:00
Erik Krogh Kristensen
53d557c037
CPP: delete file that that had been deprecated for over a year
2022-03-10 10:24:57 +01:00
Tom Hvitved
37f5db5baa
Ruby: Reduce captureFlow(In|Out)
...
When there is flow in/out of a block through a captured variable, we can restrict
the calls that give rise to the flow to the method calls to which the blocks
belong.
2022-03-10 10:21:51 +01:00
Geoffrey White
9e3156dd1c
Merge branch 'main' into cwe497c
2022-03-10 09:05:58 +00:00
Erik Krogh Kristensen
b9b65005d6
C#: delete leftover comment
2022-03-10 10:02:36 +01:00
ihsinme
4b451cfee6
Update ImproperCheckReturnValueScanf.expected
2022-03-10 10:13:04 +03:00
ihsinme
5e23615be7
Update test.cpp
2022-03-10 10:12:29 +03:00
Alex Ford
edf8a3f810
Ruby: update test output
2022-03-10 00:17:29 +00:00
Alex Ford
ace60df619
Ruby: add missing qldoc
2022-03-10 00:00:02 +00:00
Dave Bartolomeo
00ae5de780
Make semantic modulus analysismatch Java results
2022-03-09 18:06:43 -05:00
Alex Ford
8abee165a5
Ruby: test cases for PersistentWriteAccess in rails model class
2022-03-09 22:35:40 +00:00
Alex Ford
a040b67434
Ruby: drop some redundant extends classes
2022-03-09 19:13:58 +00:00
Alex Ford
d85424d0e0
Ruby: Drop ActiveRecord::Persistence.ModifyAndSaveCall
2022-03-09 19:10:53 +00:00
Alex Ford
19c413d5fb
Ruby: Drop setsKeyValuePair/2 predicate from ActiveRecord::Persistence.ModifyAndSaveCall
2022-03-09 19:09:18 +00:00
Alex Ford
ee433637f8
Ruby: replace OrmWriteAccess with PersistentWriteAccess concept
2022-03-09 18:59:16 +00:00
Erik Krogh Kristensen
34c7bcadde
CPP: delete LocalScopeVariableReachability.qll
2022-03-09 18:28:13 +01:00
Erik Krogh Kristensen
9c4fcf4c6d
fix typo in change-note
...
Co-authored-by: Stephan Brandauer <kaeluka@github.com >
2022-03-09 18:28:13 +01:00
Erik Krogh Kristensen
b45d06df9a
PY: remove leftover comment
2022-03-09 18:28:13 +01:00
Erik Krogh Kristensen
755b0bbcb9
PY: update tests to not use deleted deprecations
2022-03-09 18:28:13 +01:00
Erik Krogh Kristensen
61e282da84
PY: delete test that mostly used deleted deprecated features
2022-03-09 18:28:13 +01:00
Erik Krogh Kristensen
6a28ddd9ec
JS: un-deprecate deleted deprecated class that defined taint-steps
2022-03-09 18:28:12 +01:00
Erik Krogh Kristensen
e140548547
C++: reintroduce deprecated predicates that affect an internal test
2022-03-09 18:28:12 +01:00
Erik Krogh Kristensen
309e376c6d
PY: convert test to not use deleted deprecations
2022-03-09 18:28:12 +01:00
Erik Krogh Kristensen
59db0e7a0f
JS: delete unused predicate
2022-03-09 18:28:12 +01:00
Erik Krogh Kristensen
c48a5a1294
JS: update tests to not use deleted deprecations
2022-03-09 18:28:12 +01:00
Erik Krogh Kristensen
9e46239928
CPP: remove 13 month old deprecation that override an even older deprecation
2022-03-09 18:28:12 +01:00
Erik Krogh Kristensen
417def8c8b
only mark deprecations as old after 14 months
2022-03-09 18:28:12 +01:00
Erik Krogh Kristensen
d5a76e8c98
Python: delete test that only used deprecated classes
2022-03-09 18:28:12 +01:00
Erik Krogh Kristensen
91af2f14b1
CPP: update expected output after deleting deprecated things
2022-03-09 18:28:12 +01:00
Erik Krogh Kristensen
a1769f8036
Python: add default implementation of getName() and deprecate it
2022-03-09 18:28:12 +01:00
Erik Krogh Kristensen
e721094182
Python: remove old deprecation that was recently updated by an automated patch of mine
2022-03-09 18:28:11 +01:00
Erik Krogh Kristensen
b8d632810e
Python: remove deprecation that were recently updated from an automated patch of mine
2022-03-09 18:28:11 +01:00
Erik Krogh Kristensen
5312e4a8b5
add change note that all old deprecations were deleted
2022-03-09 18:28:11 +01:00
Erik Krogh Kristensen
f924d69dbd
Java: remove deprecations that were recently updated from an automated patch of mine
2022-03-09 18:28:11 +01:00
Erik Krogh Kristensen
6dd3f7f113
CPP: remove old deprecated predicate that was recently updated by an automated patch of mine
2022-03-09 18:28:11 +01:00
Erik Krogh Kristensen
1e445856e7
CPP: remove leftover line comment
2022-03-09 18:28:11 +01:00
Erik Krogh Kristensen
a86f0afb3c
delete all deprecations that are over 14 months old
2022-03-09 18:28:07 +01:00
Erik Krogh Kristensen
ef07aaa998
add script for detecting deprecations that are over a year old
2022-03-09 18:25:07 +01:00
Mathias Vorreiter Pedersen
dfb20f7721
Merge pull request #8368 from MathiasVP/add-must-flow-lib
...
C++: Factor must-flow predicates out of two queries
2022-03-09 17:07:23 +00:00
Jonathan Leitschuh
2a6c4e9350
Add localFlowPlusInitializers
2022-03-09 11:06:26 -05:00
Jonathan Leitschuh
363fff2358
Cleanup from code review feedback
2022-03-09 10:48:06 -05:00
Taus
7b877fb317
Merge pull request #8336 from tausbn/python-fix-a-bunch-of-ql-warnings
...
Python: Fix a bunch of QL warnings
2022-03-09 16:31:28 +01:00
Jonathan Leitschuh
65457cc2e2
Apply suggestions from code review
...
Co-authored-by: Chris Smowton <smowton@github.com >
2022-03-09 10:25:05 -05:00
Mathias Vorreiter Pedersen
17cec52af8
Merge pull request #8385 from erik-krogh/orderByConst
...
QL: add query detecting ordering by a constant
2022-03-09 14:18:35 +00:00
Mathias Vorreiter Pedersen
f2676968f0
C++: Actally convert 'cpp/overflow-destination' to a path-problem query.
2022-03-09 13:49:52 +00:00
Michael Nebel
fbe8f75903
Merge pull request #8038 from michaelnebel/csharp/gvn-cfecomparison
...
C#: Refactor Structural Comparison for Control Flow Elements.
2022-03-09 13:36:42 +01:00
Tom Hvitved
aa1284aa03
Ruby: Cache two more data flow predicates
2022-03-09 13:17:14 +01:00
Tom Hvitved
1e1b2e284d
Ruby: Cleanup flow through self
2022-03-09 13:17:11 +01:00
Mathias Vorreiter Pedersen
8a8fb692a3
C++: Use a 'TaintTracking::Configuration' for 'cpp/uncontrolled-allocation-size'.
2022-03-09 12:09:32 +00:00
Mathias Vorreiter Pedersen
2328898b19
C++: Use a 'TaintTracking::Configuration' for 'cpp/unclear-array-index-validation'.
2022-03-09 12:09:27 +00:00
Mathias Vorreiter Pedersen
d7652f9742
C++: Use a 'TaintTracking::Configuration' for 'cpp/overflow-destination'.
2022-03-09 12:07:25 +00:00
Michael Nebel
d0cb984f9e
Merge pull request #6 from hvitved/csharp/gvn-cfecomparison
...
C#: Code review suggestions
2022-03-09 12:11:23 +01:00
Arthur Baars
747c7f6b5e
JS/Ruby: share implementation of IncompleteUrlSubstringSanitization query
2022-03-09 12:11:14 +01:00
Erik Krogh Kristensen
cebd24156c
support that the base is not a method-call in getAChainedMethodCall
2022-03-09 11:12:04 +01:00
Rasmus Wriedt Larsen
0e9da4aadb
Python: Resolve name conflict over XML module
...
Not the prettiest solution... but it works ¯\_(ツ)_/¯
2022-03-09 11:02:28 +01:00
Tom Hvitved
c51ddd0d35
C#: Code review suggestions
2022-03-09 10:50:53 +01:00
Tom Hvitved
275902d558
Merge pull request #8373 from hvitved/ruby/regex-multiples-parse-fix
...
Ruby: Fix incorrect parsing of ranges
2022-03-09 10:30:01 +01:00
Tom Hvitved
7f0fa15fbc
Address review comment
2022-03-09 09:19:37 +01:00
Tom Hvitved
e4247e4ef6
C#: Add change note
2022-03-09 09:19:37 +01:00
Tom Hvitved
c463dc9d1a
C#: Remove legacy odasa support
...
The following environment variables are no longer supported:
```
ODASA_BUILD_ERROR_DIR
ODASA_CSHARP_LAYOUT
ODASA_SNAPSHOT
SEMMLE_DIST
SEMMLE_EXTRACTOR_OPTIONS
SEMMLE_PLATFORM_TOOLS
SEMMLE_PRESERVE_SYMLINKS
SOURCE_ARCHIVE
TRAP_FOLDER
```
2022-03-09 09:19:37 +01:00
Owen Mansel-Chan
807ef2e5ef
Merge pull request #700 from smowton/smowton/fix/filepath-clean
...
Treat path.Clean and filepath.Clean alike re: tainted path sanitization
2022-03-09 06:18:26 +00:00
Dave Bartolomeo
ec3e643120
Remove direct dependencies on import java
2022-03-09 00:06:17 -05:00
jorgectf
447636bf1c
Attempt to add MyBatis' sinks and taint steps to SQL and OGNL injection queries
2022-03-09 04:21:26 +01:00
jorgectf
e000163614
Properly model AbstractSQL sinks and taint steps
2022-03-09 04:20:34 +01:00
Ahmed Farid
475cca0d7e
Update ZipSlip.qll
2022-03-09 00:00:52 +01:00
Ahmed Farid
27b9d6c752
Update ZipSlip.qll
2022-03-08 23:59:03 +01:00
Ahmed Farid
23bd53a325
Update zipslip_good.py
2022-03-08 23:55:17 +01:00
Dave Bartolomeo
09a5fded1c
Clean up SemanticCFG
2022-03-08 17:36:13 -05:00
Dave Bartolomeo
04fae43734
Minimize language-specific code for sign analysis
2022-03-08 17:13:06 -05:00
Tom Hvitved
f5fbf50d7d
Ruby: Fix incorrect parsing of ranges
2022-03-08 19:53:17 +01:00
Tom Hvitved
89c3d0535a
Ruby: Add regex test that outputs all RegExpTerms
2022-03-08 19:53:17 +01:00
Tom Hvitved
073302f196
Ruby: Add another regex consistency test
2022-03-08 19:53:17 +01:00
Tom Hvitved
a70ed71c01
Merge pull request #8370 from hvitved/ruby/regex-group-name-off-by-one
...
Ruby: Fix off-by-one error in `getGroupName`
2022-03-08 19:52:32 +01:00
Chris Smowton
e8084233b8
Treat path.Clean and filepath.Clean alike re: tainted path sanitization
2022-03-08 16:42:59 +00:00
Geoffrey White
9ebdb2ac1d
C++: QLDoc.
2022-03-08 16:12:58 +00:00
Tom Hvitved
5f48cc06bb
Ruby: Fix off-by-one error in getGroupName
2022-03-08 15:59:47 +01:00
Tom Hvitved
6dd126b6e3
Ruby: Add regex group tests
2022-03-08 15:59:28 +01:00
Mathias Vorreiter Pedersen
d8bad778ed
C++: Fix QLDoc
2022-03-08 14:38:39 +00:00
Tom Hvitved
86121164c5
Merge pull request #8364 from hvitved/ruby/fix-regex-parse
...
Ruby: Fix regex parsing of `/[|]/`
2022-03-08 15:26:29 +01:00
Taus
063a8bbc43
Python: Apply suggestions from code review
...
Co-authored-by: yoff <lerchedahl@gmail.com >
2022-03-08 15:20:35 +01:00
Michael Nebel
ec75bbc748
Merge pull request #8203 from michaelnebel/csharp/extractor-option-buildless
...
C#: Refactoring - Move some of the standalone extractor code to the Standalone project.
2022-03-08 14:32:59 +01:00
Mathias Vorreiter Pedersen
69417e150a
C++: Address review comments.
2022-03-08 13:15:02 +00:00
Mathias Vorreiter Pedersen
1bf430529b
Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/MustFlow.qll
...
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com >
2022-03-08 13:07:17 +00:00
Mathias Vorreiter Pedersen
edf629f5aa
Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/MustFlow.qll
...
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com >
2022-03-08 13:07:09 +00:00
Mathias Vorreiter Pedersen
bfa0714577
Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/MustFlow.qll
...
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com >
2022-03-08 13:06:53 +00:00
Mathias Vorreiter Pedersen
9e7b0925c6
Merge pull request #8366 from jketema/code-duplication-deprecated
...
C++: Mark everything in CodeDuplication.qll as deprecated
2022-03-08 12:47:50 +00:00
Jeroen Ketema
3877598c12
C++: Remove cpp/duplicated-lines-in-files which was deprecated over a year ago
2022-03-08 12:58:19 +01:00
Mathias Vorreiter Pedersen
7106fe35aa
C++: Accept test changes. This is just a change in the names of the path nodes. These names are actually better as they don't refer to the name of IR instructions.
2022-03-08 11:40:56 +00:00
Mathias Vorreiter Pedersen
8c5b3368e1
C++: Make the two must-flow queries use the new must-flow library
2022-03-08 11:40:56 +00:00
Mathias Vorreiter Pedersen
ee9c0dcb83
C++: Add library for must-flow.
2022-03-08 11:40:56 +00:00
Jeroen Ketema
b039b91fd8
C++: Add change note
2022-03-08 12:36:11 +01:00
Jeroen Ketema
df1e810f13
C++: Remove duplicate code queries that were deprecated over a year ago
2022-03-08 12:28:41 +01:00
Jeroen Ketema
d2e2866276
C++: Also deprecate TDuplicationOrSimilarity
2022-03-08 12:26:07 +01:00
Arthur Baars
6aacc75a49
CI: add QLdoc test
2022-03-08 12:07:20 +01:00
Jeroen Ketema
55351ce835
Update cpp/ql/src/external/CodeDuplication.qll
...
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com >
2022-03-08 11:57:05 +01:00
Jeroen Ketema
2e73e35747
Update cpp/ql/src/external/CodeDuplication.qll
...
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com >
2022-03-08 11:56:55 +01:00
Jeroen Ketema
81783e828e
C++: Mark everything in CodeDuplication.qll as deprecated
...
Although we earlier added a comment to the classes in noting that
they are deprecated, we did not properly mark the classes as actually
being deprecated.
All predicates - except for 3 - depend on the classes being functional,
which they no longer are, so mark those a deprecated as well. The three
remaining predicates (`FunctionDeclarationEntry`, `numberOfSourceMethods`,
and `whitelistedLineForDuplication`) seem to be helpers, and are likely
not used when the library is not used, so mark those as deprecated as
well.
2022-03-08 11:38:01 +01:00
Erik Krogh Kristensen
4734f1916e
Merge pull request #7598 from erik-krogh/fieldOnlyUsedInCharPred
...
QL: field only used in charPred
2022-03-08 11:25:57 +01:00
Rasmus Wriedt Larsen
6b14c1d6b9
Merge branch 'main' into jorgectf/python/deserialization
2022-03-08 11:15:03 +01:00
Rasmus Wriedt Larsen
cbe3964a87
Merge pull request #8275 from haby0/py/add-ssrf-sinks
...
Python: Add Server-side Request Forgery sinks
2022-03-08 11:06:52 +01:00
Tom Hvitved
3bc8d0878f
Ruby: Add regex consistency queries
2022-03-08 10:10:14 +01:00
Tom Hvitved
6d4eecff14
Ruby: Fix regex parsing of /[|]/
2022-03-08 09:52:06 +01:00
Tom Hvitved
a7442b7a2b
Ruby: Add regex test case for /[|]/
2022-03-08 09:51:39 +01:00
ihsinme
8335778e20
Update ImproperCheckReturnValueScanf.qhelp
2022-03-08 07:45:07 +03:00
ihsinme
c0c7748c5e
Apply suggestions from code review
...
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com >
2022-03-08 07:42:35 +03:00
Jonathan Leitschuh
2e8b5f743b
[Java] Add CompileTimeConstantExpr.getStringified method
...
Removes CharacterLiteral from CompileTimeConstantExpr.getStringValue
Resolves:
- https://github.com/github/codeql/pull/8325#issuecomment-1060470279
- https://github.com/github/codeql/pull/8325#issuecomment-1060587205
2022-03-07 20:11:38 -05:00
Jonathan Leitschuh
a21992ade9
Minor refactoring to improve tests and documentation
2022-03-07 18:40:53 -05:00
Jonathan Leitschuh
5b651f29d8
Fix insufficient tests and add documentation
2022-03-07 16:39:40 -05:00
Taus
5a8ba6a7af
Python: Fix use of singleton set
2022-03-07 18:59:49 +00:00
Taus
d2603884ca
Python: Fix a bunch of class QLDoc
2022-03-07 18:59:49 +00:00
Taus
af7f532212
Python: Fix up a bunch of function QLDoc
2022-03-07 18:59:49 +00:00
Geoffrey White
c793699562
C++: Change note.
2022-03-07 17:41:00 +00:00
Geoffrey White
fc6f42296a
C++: Upgrade cpp/system-data-exposure.
2022-03-07 17:39:04 +00:00
Arthur Baars
49b4fe77ad
Add missing QLdoc
2022-03-07 17:59:06 +01:00
Jonathan Leitschuh
b282c7f1b9
Apply suggestions from code review
...
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com >
Co-authored-by: Chris Smowton <smowton@github.com >
2022-03-07 11:31:32 -05:00
Tom Hvitved
6aad8d6897
Merge pull request #8302 from aibaars/type-tracking-smallstep
...
Ruby: TypeTracker: add smallstep for functions that return their arguments
2022-03-07 17:26:45 +01:00
Arthur Baars
a1873cc803
Ruby: IncompleteUrlSubstringSanitization.ql
2022-03-07 16:17:32 +01:00
Arthur Baars
c9fa1fb5bb
Ruby: copy JS version of IncompleteUrlSubstringSanitization.ql
2022-03-07 16:17:08 +01:00
Arthur Baars
ce50f35dda
Python: switch to shared implementation of IncompleteHostnameRegExp.ql
2022-03-07 16:10:08 +01:00
Arthur Baars
bb348116ab
JavaScript: update expected output
2022-03-07 16:10:08 +01:00
Arthur Baars
98f56f4d60
Js/Ruby: Share IncompleteHostnameRegExp.ql
2022-03-07 16:10:08 +01:00
Arthur Baars
097c661362
Ruby: drop results that cannot be found yet from IncompleteHostnameRegExp.expected
2022-03-07 16:10:08 +01:00
Arthur Baars
9e8930c192
Ruby: IncompleteHostnameRegExp.ql
2022-03-07 16:10:08 +01:00
Arthur Baars
832c9c4b0b
Ruby: copy IncompleteHostnameRegExp files from JavaScript
2022-03-07 16:10:07 +01:00
Arthur Baars
eeb9a1d270
JavaScript: fix typos in documentation
2022-03-07 16:09:13 +01:00
Arthur Baars
602538d1c1
Ruby: add RegExpPatterns module
2022-03-07 16:09:12 +01:00
Rasmus Lerchedahl Petersen
895ce755c1
python: correct file name
2022-03-07 13:03:04 +01:00
Geoffrey White
cb33ed4fc2
C++: Only look for sensitive strings in appropriate parameters.
2022-03-07 11:29:09 +00:00
Mathias Vorreiter Pedersen
c7d624d314
Merge pull request #8247 from ihsinme/ihsinme-patch-80
...
CPP: Add query for CWE-190: Integer Overflow or Wraparound when using transform after operation
2022-03-07 11:00:29 +00:00
Geoffrey White
e7dca435a9
Merge pull request #6950 from ihsinme/ihsinme-patch-078
...
CPP: Add query for CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
2022-03-07 10:55:29 +00:00
Arthur Baars
200a965fda
Update expected output
2022-03-07 11:51:54 +01:00
Arthur Baars
95027e746c
Ruby: TypeTracker: add smallstep for functions that return their arguments
2022-03-07 11:51:54 +01:00
Tom Hvitved
9c4c35141a
Ruby: Update type tracker test
2022-03-07 11:51:54 +01:00
Tom Hvitved
64b458b166
Merge pull request #8319 from hvitved/csharp/recursive-qltest-extraction-change-note
...
C#: Add change note about recursive `codeql test run` extraction
2022-03-07 11:43:11 +01:00
Tom Hvitved
c1db0a9429
Merge pull request #8317 from hvitved/typetracker/jump-step
...
Ruby/Python: Clear call contexts after jump steps in type tracking
2022-03-07 11:38:51 +01:00
Tom Bolton
173f45f316
Merge pull request #8334 from github/tombolton/add-mapping-query
...
JS: Add query that maps queries to sink type
2022-03-07 10:35:37 +00:00
Geoffrey White
f1d6234483
C++: Add more information about registry query parameters.
2022-03-07 09:45:31 +00:00
Mathias Vorreiter Pedersen
027c8247ae
Merge pull request #8310 from jketema/update-stats
...
C++: Update the DB scheme stats file
2022-03-07 09:11:53 +00:00
Ahmed Farid
3b8c7e8944
Update ZipSlip.expected
2022-03-07 10:11:34 +01:00
Ahmed Farid
8402d661df
Update zipslip_bad.py
2022-03-07 10:11:00 +01:00
Ahmed Farid
6685c6b4b3
Update ZipSlip.qll
2022-03-07 10:09:53 +01:00
Tony Torralba
08ce128d64
Merge pull request #8325 from JLLeitschuh/feat/JLL/improve_compile_time_constant
...
[Java] Add CharacterLiteral to CompileTimeConstantExpr.getStringValue
2022-03-07 09:32:59 +01:00
haby0
7e6666bc63
Merge branch 'main' into py/add-ssrf-sinks
2022-03-07 12:09:14 +08:00
Ahmed Farid
35a1c80ceb
Update zipslip_bad.py
2022-03-07 00:24:45 +01:00
Ahmed Farid
0d9436892a
Update zipslip_bad.py
2022-03-07 00:24:25 +01:00
Ahmed Farid
6233309028
Update ZipSlip.expected
2022-03-07 00:23:48 +01:00
Ahmed Farid
ce7923c8b3
Update zipslip_bad.py
2022-03-07 00:23:19 +01:00
Ahmed Farid
e8449d8f40
Update zipslip_bad.py
2022-03-07 00:23:03 +01:00
Ahmed Farid
b7d4715c4e
Create ZipSlip.expected
2022-03-07 00:06:24 +01:00
Ahmed Farid
b9b52d4c7c
Update zipslip_bad.py
2022-03-07 00:02:50 +01:00
Ahmed Farid
d7dacfc6bd
Update zipslip_good.py
2022-03-07 00:01:55 +01:00
Ahmed Farid
908db6a05f
Update zipslip_bad.py
2022-03-07 00:01:09 +01:00
Ahmed Farid
7f2d242702
Update zipslip_good.py
2022-03-06 23:59:11 +01:00
Ahmed Farid
8649375be3
Update ZipSlip.qll
2022-03-06 23:56:02 +01:00
Ahmed Farid
91b5f2ad34
Update Zip.qll
2022-03-06 23:54:46 +01:00
Ahmed Farid
466f75bad8
Update Concepts.qll
2022-03-06 23:53:00 +01:00
Erik Krogh Kristensen
9c759a987e
QL: add query detecting ordering by a constant
2022-03-06 17:02:19 +01:00
Alex Ford
98dbe3aaf3
Ruby: make ActiveRecord Persistence::ModifyAndSaveCall private
2022-03-05 18:22:32 +00:00
Jonathan Leitschuh
523ddb79f3
Cleanup after code review feedback
2022-03-04 15:35:01 -05:00
Jonathan Leitschuh
5243fe3dbf
Apply suggestions from code review
...
Co-authored-by: Chris Smowton <smowton@github.com >
2022-03-04 15:30:52 -05:00
Tiferet Gazit
bbc712fdb3
Merge pull request #8297 from erik-krogh/atmPerf
...
JS: Fix ATM timeout on NodeJS
2022-03-04 10:41:35 -08:00
Geoffrey White
4316026720
C++: VariableAccess -> Expr.
2022-03-04 18:00:54 +00:00
Alex Ford
8fed9f9aa0
Ruby: ActiveRecord - match OrmWriteAccesses for assignements to the assignment node rather than the setter call
2022-03-04 17:24:24 +00:00
Mathias Vorreiter Pedersen
624795cbbf
Merge pull request #8059 from rdmarsh2/rdmarsh2/cpp/insufficient-key-strength
...
C++: new query for insufficient key strength
2022-03-04 17:11:44 +00:00
Robert Marsh
280fdbfc1b
C++: accept test output from perf improvement
...
The last commit removed some source nodes from the dataflow graph, which
changed the test expectations slightly. No result changes occurred.
2022-03-04 11:39:10 -05:00
Jorge
5552834e0f
Merge pull request #9 from RasmusWL/WIP
...
Rasmus' rewrite of https://github.com/github/codeql/pull/6112
See https://github.com/github/codeql/pull/6112#pullrequestreview-898959413
2022-03-04 17:18:54 +01:00
Taus
b35718e0d5
Python: Remove uses of getAQlClass
2022-03-04 15:39:27 +00:00
Erik Krogh Kristensen
7691807713
delete the getLastParameter predicate from ApiGraphs
2022-03-04 16:24:54 +01:00
Jonathan Leitschuh
38897f2ec1
Fixup tests from code review changes
2022-03-04 09:33:51 -05:00
Jonathan Leitschuh
17b6e66814
Apply suggestions from code review
...
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com >
2022-03-04 09:29:57 -05:00
ihsinme
5c801392d1
Merge pull request #2 from geoffw0/fix_tests
...
Fix tests.
2022-03-04 15:41:41 +03:00
Arthur Baars
71e393c6e1
Merge pull request #8330 from aibaars/cache-regExpSource
...
Ruby: cache regExpSource/1 instead of isInterpretedAsRegExp
2022-03-04 13:38:11 +01:00
Taus
095f27f294
Python: Remove deprecated annotations
2022-03-04 12:30:26 +00:00
Geoffrey White
17cd4d86f1
Fix tests.
2022-03-04 12:27:48 +00:00
Taus
20710616c5
Python: Fix "use set literal" warnings
2022-03-04 12:26:36 +00:00
Geoffrey White
1cb104418f
Update ExposureSensitiveInformationUnauthorizedActor.expected
...
Fix test.
2022-03-04 12:25:22 +00:00
Geoffrey White
a34a61c16f
Update ExposureSensitiveInformationUnauthorizedActor.expected
...
Fix test.
2022-03-04 12:25:05 +00:00
Taus
821de636af
Python: Remove redundant inline casts
...
These are all implied by the return type of the other side of the
equality.
2022-03-04 12:21:31 +00:00
Taus
74f0bdfc79
Python: Fix "unused disjunct" warnings
...
For the most part, these boil down to "some global property holds, and
so this relation contains all instances of class `X`". The fix is to
explicitly build the cartesian product (which we were already building
implicitly anyway) by adding `and exists(var)` to the disjunct that did
not mention `var`.
Note that these cartesian products are always with singletons on one
side, and so should be unproblematic.
2022-03-04 12:14:57 +00:00
Mathias Vorreiter Pedersen
9a91e66714
Merge pull request #8321 from MathiasVP/improve-using-expired-address-query
...
C++: More TPs from `cpp/using-expired-stack-address`
2022-03-04 12:07:55 +00:00
Rasmus Lerchedahl Petersen
93750fe17f
python: minimal CSRF implementation
...
- currectly only looks for custom django middleware
2022-03-04 12:47:23 +01:00
tombolton
2ffa6771ff
replace endpoint type name with encoding in mapping query
2022-03-04 11:00:31 +00:00
Rasmus Wriedt Larsen
3f48916e95
Merge pull request #7915 from yoff/python/promote-xpath-injection
...
Python: promote XPath injection query
2022-03-04 11:59:39 +01:00
Rasmus Wriedt Larsen
f620e2599d
Merge branch 'main' into py/add-ssrf-sinks
2022-03-04 11:50:12 +01:00
Rasmus Wriedt Larsen
e47f726e74
Python: Add change-note
2022-03-04 11:48:17 +01:00
Rasmus Wriedt Larsen
d86284bf32
Python: Update frameworks.rst
2022-03-04 11:48:06 +01:00
Rasmus Wriedt Larsen
75bc532d10
Python: Avoid toString usage :O
2022-03-04 11:41:22 +01:00
Rasmus Wriedt Larsen
866e615689
Python: Add PyPI links in qldocs
2022-03-04 11:40:03 +01:00
Joe Farebrother
6c05f7a81a
remove url from sensitive info regex
2022-03-04 10:37:05 +00:00
Rasmus Wriedt Larsen
02a97b08bb
Python: Move urllib and urllib2 to be part of stdlib modeling
2022-03-04 11:31:47 +01:00
Rasmus Wriedt Larsen
c65839bb77
Python: improve urllib3 modeling
2022-03-04 11:25:14 +01:00
Rasmus Wriedt Larsen
7d6d8be179
Python: Fix httpx modeling
2022-03-04 11:07:51 +01:00
Rasmus Wriedt Larsen
56901ea841
Python: Make new SSRF sink modules private
2022-03-04 11:04:18 +01:00
Rasmus Wriedt Larsen
40feb1fb8d
Python: SPURIOUS results for httpx
2022-03-04 11:03:32 +01:00
yoff
d0a393e8d1
Update python/ql/test/library-tests/frameworks/stdlib/XPathExecution.py
...
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com >
2022-03-04 10:56:53 +01:00
yoff
c514282d4a
Merge pull request #8255 from tausbn/python-nomagic-pattern-getcase
...
Python: Prevent magic/inlining in `getCase`
2022-03-04 10:53:20 +01:00
Tom Hvitved
c49ed559d6
Update csharp/ql/lib/change-notes/2022-03-03-recursive-qltest-extraction.md
...
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com >
2022-03-04 10:49:42 +01:00
Rasmus Wriedt Larsen
ef045a6789
Python: Fix typo in set_default_parser
2022-03-04 10:18:30 +01:00
Rasmus Wriedt Larsen
1a9620a87a
Python: Add conditional assignment check for sax parser
2022-03-04 10:16:28 +01:00
Rasmus Wriedt Larsen
f0131afc54
Python: Fix huge_tree modeling
2022-03-04 10:16:28 +01:00
Rasmus Wriedt Larsen
d6cbfec434
Python: huge_tree tests were wrong
...
Nice spotted @jorgectf!
2022-03-04 10:16:28 +01:00
Rasmus Wriedt Larsen
3cd165d5b7
Python: Apply suggestions from code review
...
Co-authored-by: Jorge <46056498+jorgectf@users.noreply.github.com >
2022-03-04 10:15:50 +01:00
Arthur Baars
cd5c71e85e
Ruby: cache regExpSource/1 instead of isInterpretedAsRegExp
2022-03-04 10:15:22 +01:00
Erik Krogh Kristensen
934e06ca3b
fix mistake in argumentPassing. The type-tracking was not required to be in an end state
2022-03-04 09:49:42 +01:00
Jonathan Leitschuh
7ab193dde2
Add System.getProperties().getProperty support
2022-03-03 20:08:38 -05:00
Jorge
683c2fa825
Apply suggestions from code review
2022-03-04 01:02:56 +01:00
Ahmed Farid
be7c619ca8
Update zipslip_bad.py
2022-03-04 00:48:45 +01:00
Dave Bartolomeo
952e495ef5
New SemanticExpr implementation
...
Cleans up SignAnalysis to reduce need for language-specific enhancements
2022-03-03 18:18:58 -05:00
Jonathan Leitschuh
04cd0dbfe9
[Java] Add CharacterLiteral to CompileTimeConstantExpr.getStringValue
2022-03-03 18:08:17 -05:00
Jonathan Leitschuh
31527a67e5
Refactor OS Checks & SystemProperty logic from review feedback
2022-03-03 17:15:35 -05:00
Jonathan Leitschuh
103c770ce7
Apply suggestions from code review
...
Co-authored-by: Chris Smowton <smowton@github.com >
2022-03-03 16:39:45 -05:00
Rasmus Wriedt Larsen
3f6c55e8ae
Python: Rename vulnerable predicate => vulnerableTo
2022-03-03 22:09:31 +01:00
Rasmus Wriedt Larsen
0d69dc854c
Python: Minor qldoc improvement
2022-03-03 22:06:26 +01:00
Rasmus Wriedt Larsen
837daaae3b
Python: Remove XMLParser concept
2022-03-03 22:04:48 +01:00
Rasmus Wriedt Larsen
df8e0fce68
Python: Minor fixup of qldoc
2022-03-03 22:02:48 +01:00
ihsinme
467136c173
Create ExposureSensitiveInformationUnauthorizedActor.expected
2022-03-04 00:02:44 +03:00
ihsinme
77bc26681d
Create ExposureSensitiveInformationUnauthorizedActor.expected
2022-03-04 00:02:26 +03:00
Rasmus Wriedt Larsen
c0a6f9f3fd
Python: Restructure lxml modeling
...
and handle parser being passed as positional argument
2022-03-03 22:00:55 +01:00
Rasmus Wriedt Larsen
c0a2c25f5a
Python: Restructure modeling of xml.etree parsers
2022-03-03 21:59:34 +01:00
Rasmus Wriedt Larsen
a033b71eaf
Python: Align QLdocs of XML modeling
2022-03-03 21:34:46 +01:00
Rasmus Wriedt Larsen
de0e67f327
Python: Restructure overall XML modeling
2022-03-03 21:31:15 +01:00
Rasmus Wriedt Larsen
46238d5ea0
Python: Add test for XMLPullParser
...
But handling this in a nice way will require some restructuring
2022-03-03 21:28:46 +01:00
Rasmus Wriedt Larsen
33ebcdf437
Python: Support feed method of lxml/xml.etree Parsers
2022-03-03 21:26:24 +01:00
Rasmus Wriedt Larsen
f72f673e7e
Python: Update XmlEntityInjection.expected
...
I had forgotten about this, but better late than never... also added a
small representative test
2022-03-03 21:18:18 +01:00
Rasmus Wriedt Larsen
3278793972
Python: Handle more functions and kw-args
2022-03-03 21:18:18 +01:00
Rasmus Wriedt Larsen
2451123c67
Python: Move XML PoC to new test dir
2022-03-03 21:18:18 +01:00
Rasmus Wriedt Larsen
c739ae40b6
Python: Port xmltodict tests
2022-03-03 21:18:18 +01:00
Rasmus Wriedt Larsen
0b12d91817
Python: Port xml.sax tests
2022-03-03 21:18:18 +01:00
Harry Maclean
1181779c10
Merge pull request #7920 from github/hmac/string-flow-summaries
...
Ruby: Add String flow summaries
2022-03-04 09:09:19 +13:00
Rasmus Wriedt Larsen
5fb4c4d152
Python: Port xml.etree tests
2022-03-03 20:51:02 +01:00
Robert Marsh
60532e631e
C++: fix missing paren
2022-03-03 14:45:43 -05:00
Rasmus Wriedt Larsen
a7134cac2e
Python: Port xml.dom tests
2022-03-03 20:39:56 +01:00
Rasmus Wriedt Larsen
faebaee141
Python: Use concept tests for XML Parsing
...
I was loosing my mind from looking through those .expected files
Just going to take it one file at time, to make reviewing easier
2022-03-03 20:36:51 +01:00
Rasmus Wriedt Larsen
4b03f5c724
Python: Rename xml.sax test for consistency
2022-03-03 19:39:32 +01:00
Rasmus Wriedt Larsen
7cda901da2
Python: Add separate query for SimpleXMLRPCServer
...
This was a rough quick-n-dirty query, and should get some qhelp as well at some point.
2022-03-03 19:35:33 +01:00
ihsinme
5d1dee24d4
Create ExposureSensitiveInformationUnauthorizedActor.qlref
2022-03-03 20:04:54 +03:00
ihsinme
7b3546ea30
Create ExposureSensitiveInformationUnauthorizedActor.qlref
2022-03-03 20:04:17 +03:00
ihsinme
625f74e9be
Rename cpp/ql/test/experimental/query-tests/Security/CWE/CWE-200/semmle/tests/test2.cpp to cpp/ql/test/experimental/query-tests/Security/CWE/CWE-200/test3/test.cpp
2022-03-03 20:01:24 +03:00
ihsinme
8eec20644f
Rename cpp/ql/test/experimental/query-tests/Security/CWE/CWE-200/semmle/tests/test1.cpp to cpp/ql/test/experimental/query-tests/Security/CWE/CWE-200/test2/test.cpp
2022-03-03 20:00:54 +03:00
ihsinme
6e951f74ed
Rename cpp/ql/test/experimental/query-tests/Security/CWE/CWE-200/semmle/tests/test.cpp to cpp/ql/test/experimental/query-tests/Security/CWE/CWE-200/test1/test.cpp
2022-03-03 20:00:18 +03:00
ihsinme
9c04bd12f5
Update and rename cpp/ql/test/experimental/query-tests/Security/CWE/CWE-200/semmle/tests/ExposureSensitiveInformationUnauthorizedActor.expected to cpp/ql/test/experimental/query-tests/Security/CWE/CWE-200/test1/ExposureSensitiveInformationUnauthorizedActor.expected
2022-03-03 19:59:36 +03:00
ihsinme
e1c1f80f28
Rename cpp/ql/test/experimental/query-tests/Security/CWE/CWE-200/semmle/tests/ExposureSensitiveInformationUnauthorizedActor.qlref to cpp/ql/test/experimental/query-tests/Security/CWE/CWE-200/test1/ExposureSensitiveInformationUnauthorizedActor.qlref
2022-03-03 19:58:16 +03:00
ihsinme
b32be69e0a
Update DangerousUseOfTransformationAfterOperation.expected
2022-03-03 19:55:30 +03:00
Rasmus Wriedt Larsen
9406a972cd
Python: Fix vuln detection for xml.minidom with parser arg
2022-03-03 17:52:11 +01:00
Rasmus Wriedt Larsen
5a652480b1
Python: Annotate xml.dom tests
2022-03-03 17:37:25 +01:00
Arthur Baars
b79d08523c
Merge pull request #8293 from aibaars/regex-pattern-source
...
Ruby: parse more string literals as regular expressions
2022-03-03 17:35:40 +01:00
Rasmus Wriedt Larsen
c4d08db62a
Python: Expand XML PoC with minidom/pulldom/expat
2022-03-03 17:30:16 +01:00
Arthur Baars
22b0697371
Update ruby/ql/lib/codeql/ruby/security/performance/ParseRegExp.qll
...
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com >
2022-03-03 17:13:19 +01:00
Ahmed Farid
5e14d89714
Update ZipSlip.qll
2022-03-03 17:12:06 +01:00
tombolton
bd9e845aea
update column names and remove encoding value
2022-03-03 15:59:10 +00:00
tombolton
f1f1526237
add query-sink mapping query
2022-03-03 15:20:06 +00:00
Rasmus Wriedt Larsen
3affa6cf3a
Python: Annotate xmltodict tests
2022-03-03 15:08:56 +01:00
Rasmus Wriedt Larsen
61291936bf
Python: Properly model xml.etree
2022-03-03 15:06:55 +01:00
Mathias Vorreiter Pedersen
bf10456bf5
C++: Add a path explanation to the 'cpp/using-expired-stack-address' query.
2022-03-03 13:55:00 +00:00
Mathias Vorreiter Pedersen
9df923a7c8
C++: Catch more true positives by stepping into calls in the 'cpp/using-expired-stack-address' query.
2022-03-03 13:53:09 +00:00
Rasmus Wriedt Larsen
703e3e8a0f
Python: Handle DTD retrieval vuln in lxml
2022-03-03 14:46:48 +01:00
Rasmus Wriedt Larsen
e295399f70
Python: Properly handle huge_tree in lxml
2022-03-03 14:43:37 +01:00
Rasmus Wriedt Larsen
124c03c15c
Python: Expand lxml tests
...
And add annotations, see PoC.py for reference
Some of these needs fixing though
2022-03-03 14:40:45 +01:00
Tom Hvitved
0c2551079a
C#: Add change note about recursive codeql test run extraction
2022-03-03 14:32:55 +01:00
Tom Hvitved
9d6d479fba
Add missing QL doc
2022-03-03 14:17:41 +01:00
Geoffrey White
6848b6095b
C++: Autoformat.
2022-03-03 12:51:54 +00:00
Rasmus Wriedt Larsen
3c321dd98d
Python: Model lxml.etree.get_default_parser in own class
2022-03-03 13:49:17 +01:00
Rasmus Wriedt Larsen
52891cb476
Python: Add PoC for XML vulns
2022-03-03 13:48:46 +01:00
Joe Farebrother
4ad402f33f
Move from experimental to main
2022-03-03 12:13:14 +00:00
Tom Hvitved
ba6ff88d05
Sync files
2022-03-03 12:30:50 +01:00
Tom Hvitved
b23ab8089a
Ruby: Clear call contexts after jump steps in type tracking
2022-03-03 12:29:47 +01:00
Geoffrey White
5c6923c099
C++: Improve and differentiate the qhelp.
2022-03-03 11:04:55 +00:00
Geoffrey White
88b7a085b0
C++: Make the bulk of test cases in tests.cpp more relevant.
2022-03-03 10:40:17 +00:00
Geoffrey White
07b4bf7023
C++: Use the same trick as in ExposedSystemData to catch a few more results.
2022-03-03 10:33:39 +00:00
Geoffrey White
6e5729c924
C++: Fix typo and adjust violation message wording.
2022-03-03 10:28:53 +00:00
Geoffrey White
9e193f624c
C++: Change note.
2022-03-03 09:55:02 +00:00
Rasmus Wriedt Larsen
661d8bf553
Python: Better handling of resolve_entities arg in lxml
2022-03-03 10:05:57 +01:00
Rasmus Wriedt Larsen
515b824b3c
Python: Add lxml positive test
2022-03-03 09:42:19 +01:00
Jeroen Ketema
f80372b837
C++: Update the DB scheme stats file
2022-03-03 09:02:37 +01:00
Jeroen Ketema
3fc2f2f3dc
Merge pull request #8309 from jketema/taint-join-order
...
C++: Fix join order in the IR dataflow library
2022-03-03 09:00:42 +01:00
ihsinme
01f9114a80
Update test.cpp
2022-03-03 10:57:11 +03:00
ihsinme
bec4170bdf
Update ImproperCheckReturnValueScanf.expected
2022-03-03 10:39:19 +03:00
ihsinme
8e0c0ad200
Update test.cpp
2022-03-03 10:37:31 +03:00
ihsinme
25b3aba823
Update test.cpp
2022-03-03 10:21:38 +03:00
ihsinme
2dc85e183c
Update test.cpp
2022-03-03 10:20:41 +03:00
ihsinme
547342cd61
Update test.cpp
2022-03-03 10:16:00 +03:00
ihsinme
1a30b8d467
Apply suggestions from code review
...
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com >
2022-03-03 10:14:22 +03:00
Jeroen Ketema
2fd950caad
C++: Fix join order in the IR dataflow library
...
Not having this fixed caused problems when updating the database
scheme stats file.
2022-03-03 07:42:52 +01:00
Jonathan Leitschuh
fea50065f5
Fix duplicated comment
2022-03-02 19:54:04 -05:00
Jonathan Leitschuh
85de9f305e
Fix naming of OSCheck method
2022-03-02 19:41:46 -05:00
Jonathan Leitschuh
a7adbb7291
Refactor more system property access logic
2022-03-02 19:33:05 -05:00
Harry Maclean
4a43731b83
Ruby: Use SimpleSummarizedCallable
...
This simplifies some String flow summaries.
2022-03-03 10:49:44 +13:00
Robert Marsh
9fb94d85b4
C++: performance tweaks for InsufficientKeySize
2022-03-02 15:59:42 -05:00
Arthur Baars
692fc4cb02
Update ruby/ql/lib/change-notes/2022-02-28-regex-string-literals.md
...
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com >
2022-03-02 21:13:23 +01:00
Jonathan Leitschuh
3c53a05e16
Add OS Checks based upon separator or path separator
2022-03-02 14:15:56 -05:00
Geoffrey White
2a14a4f14e
C++: Fill in metadata.
2022-03-02 18:52:52 +00:00
Geoffrey White
66b9356eb9
C++: There is no overlap between OutputWrite and RemoteFlowSinkFunction.
2022-03-02 18:16:39 +00:00
Geoffrey White
a1ace7122d
C++: Move SystemData class into a library.
2022-03-02 18:01:06 +00:00
Geoffrey White
70e4a409fd
C++: Add the new query to tests.
2022-03-02 17:56:53 +00:00
Geoffrey White
d95b56fca0
C++: Create prototype query.
2022-03-02 17:56:49 +00:00
Jonathan Leitschuh
82d3cd8924
Improve system property lookup
2022-03-02 12:51:15 -05:00
Jonathan Leitschuh
dad9a02fbd
Update TempDirInfoDisclosure with new OS Guards
2022-03-02 12:51:15 -05:00
Jonathan Leitschuh
5913c9acad
Refactor OS Guard Checks
2022-03-02 12:51:14 -05:00
Jonathan Leitschuh
fd63107edf
Update OS Check from Review Feedback
2022-03-02 12:51:12 -05:00
Jonathan Leitschuh
9f5022ee95
Review fixup and add test for apache SystemUtils
2022-03-02 12:50:38 -05:00
Jonathan Leitschuh
49513443f2
Update java/ql/lib/semmle/code/java/os/OSCheck.qll
...
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com >
2022-03-02 12:50:37 -05:00
Jonathan Leitschuh
3cdfc00542
Cleanup from review feedback
2022-03-02 12:50:37 -05:00
Jonathan Leitschuh
39828fd596
Apply OS guard checks to TempDirLocalInformationDisclosure
2022-03-02 12:50:37 -05:00
Jonathan Leitschuh
cd073a2173
Java: Add Guard Classes for checking OS
2022-03-02 12:50:35 -05:00
Geoffrey White
67aa1449ce
C++: Add some more test cases (moved from the private repo).
2022-03-02 17:23:07 +00:00
Ahmed Farid
c45b67c316
Create zipslip_good.py
2022-03-02 18:10:24 +01:00
Ahmed Farid
aef1df122b
Create zipslip_bad.py
2022-03-02 18:09:45 +01:00
Ahmed Farid
c8f73ec845
Create ZipSlip.qlref
2022-03-02 18:08:32 +01:00
Rasmus Lerchedahl Petersen
6946ae931a
python: missed a spot..
2022-03-02 17:12:48 +01:00
Geoffrey White
19718fa280
C++: Add a couple of new test cases.
2022-03-02 15:18:04 +00:00
Geoffrey White
da740cfa05
C++: Test layout.
2022-03-02 15:18:04 +00:00
Michael Nebel
b39f383d45
Merge pull request #8230 from michaelnebel/csharp/autobuilder-buildless
...
C#: Buildless extractor option.
2022-03-02 15:53:02 +01:00
Rasmus Wriedt Larsen
7f7758b83d
Python: rewrite xml sax modeling
2022-03-02 15:22:11 +01:00
Rasmus Wriedt Larsen
6dd776b2de
Python: Only produce one alert per vulnerable XML sink
...
This made it much easier to debug the current alerts on tests at least.
Notice that it's important that we have `strictconcat` and not just
`concat`, since `concat` will also allow flow to sinks that are not
vulnerable to any kind of XML vulnerability :|
2022-03-02 15:22:11 +01:00
Michael Nebel
938902dc89
C#: Include example fragment in the release note on, how to invoke the extractor with the optional parameter.
2022-03-02 14:28:25 +01:00
Michael Nebel
fc89888c74
C#: Add pattern that only accepts 'true' and 'false' as the buildless option.
2022-03-02 14:28:21 +01:00
Michael Nebel
c5ddf6110f
C#: Address review comments (change description to use true/false instead of yes/no).
2022-03-02 14:27:45 +01:00
Rasmus Wriedt Larsen
16e482bf6f
Python: Improve QLDoc for XML parsing/parsers
2022-03-02 14:25:12 +01:00
Rasmus Wriedt Larsen
aaf55b21c4
Python: Add XMLVulnerabilityKind
...
This gives some freedom in changing the name presented, and not worrying about whether you have made a typo that makes everything break :|
2022-03-02 14:25:12 +01:00
Rasmus Wriedt Larsen
ee23c05489
Python: XML: Expose vuln kind on sink
2022-03-02 14:25:12 +01:00
Michael Nebel
8d9999a8c4
C#: Change note describing the buildless extractor option.
2022-03-02 14:25:11 +01:00
Michael Nebel
3859b62554
C#: Autobuilder should use standalone in case buildless options is provided.
2022-03-02 14:25:11 +01:00
Michael Nebel
c973693bee
C#: Introduce buildless extractor option.
2022-03-02 14:25:06 +01:00
Rasmus Wriedt Larsen
500e0aced6
Python: Rewrite sax XML tests
...
The tests for type-trackers were not that interesting, since they did
not have XML input in both cases, which is the problem we were trying
hard to solve.
I did keep the test-case of not-user-supplied url alive as well though
👍
I added OK/NOT OK annotations.
Notice that we report all 4 kinds of vulnerabilities on line 93
2022-03-02 14:24:46 +01:00
Michael Nebel
fff42501fc
Merge pull request #8167 from michaelnebel/csharp/extractor-option-compress
...
C# Extractor Option for specifying compression.
2022-03-02 14:22:52 +01:00
Michael Nebel
23fbfbc3b7
C#: Performance optimization of the GVN implementation.
2022-03-02 13:48:33 +01:00
Michael Nebel
a0a2cde6fa
C#: Update relase note to include example fragment on, how to invoke the extractor with the optional parameter.
2022-03-02 13:17:20 +01:00
Rasmus Lerchedahl Petersen
143e9ee954
Merge branch 'main' of github.com:github/codeql into python/promote-xpath-injection
2022-03-02 13:14:08 +01:00
Rasmus Lerchedahl Petersen
ee45e79948
python: Create XML modulein Concepts
...
to prepare for XXE and other XML related modelling
2022-03-02 13:10:23 +01:00
Rasmus Lerchedahl Petersen
80be767a7a
python: implement stdlib xpath support
2022-03-02 12:59:34 +01:00
Rasmus Lerchedahl Petersen
06e0f140c5
python: add tests for stdlib xpath
2022-03-02 12:58:37 +01:00
Erik Krogh Kristensen
62f2614f72
move hasDominatingWrite to the TypeTracking stage
2022-03-02 11:30:05 +01:00
Erik Krogh Kristensen
1db6a644a5
only block flow for dominated reads when the property name is known
2022-03-02 11:30:05 +01:00
Erik Krogh Kristensen
a9062cc047
merge hasDominatingWrite and hasDominatingAssignment
2022-03-02 11:30:05 +01:00
Mathias Vorreiter Pedersen
3681a1b736
Merge pull request #7933 from geoffw0/cwe497
...
C++: Improve cpp/system-data-exposure
2022-03-02 10:18:01 +00:00
Mathias Vorreiter Pedersen
71cd507f89
Merge pull request #8298 from MathiasVP/filter-bad-conversions-in-cpp-gvn
...
C++: Fix `GVN` performance on more invalid IR
2022-03-02 10:14:19 +00:00
Michael Nebel
53b2eac8c5
C#: Remove (symmetric) duplicates from the test output.
2022-03-02 09:44:51 +01:00
Michael Nebel
38f04e5585
C#: Flatten the the Gvn type.
2022-03-02 09:44:51 +01:00
Michael Nebel
6b4dea780f
C#: Introduce caching of the Gvn related types and the toGvn predicate.
2022-03-02 09:44:51 +01:00
Michael Nebel
796a18043b
C#: Add testcase for GVN printing.
2022-03-02 09:44:51 +01:00
Michael Nebel
7e25b141ca
C#: Add test cases for finding structurally equivalent control flow elements.
2022-03-02 09:44:51 +01:00
Michael Nebel
52952e98bf
C#: Example source code with structurally same expressions and statements.
2022-03-02 09:44:51 +01:00
Michael Nebel
4499551ca4
C#: Add a verbatim copy of the structural comparison for internal use only.
2022-03-02 09:44:51 +01:00
Michael Nebel
16270cf57f
C#: Add configuration class to allow defining a candidate pairs of control flow predicates, where we want to look for structural equality.
2022-03-02 09:44:51 +01:00
Michael Nebel
87cb92a434
C#: Add predicates for restricting the Gvn type and the relation between control flow elements and global value numbers.
2022-03-02 09:44:51 +01:00
Michael Nebel
8bd12b23e2
C#: Add type(s) for representing global value numbers.
2022-03-02 09:44:51 +01:00
Michael Nebel
cc5d56547c
C#: Add type Global value number kinds for control flow elements.
2022-03-02 09:44:51 +01:00
Michael Nebel
8179e247bf
C#: Delete the existing structural comparison implementation.
2022-03-02 09:44:51 +01:00
ihsinme
9e76260f1d
Update DangerousUseOfTransformationAfterOperation.ql
2022-03-02 10:38:57 +03:00
ihsinme
f5267ba8c6
Update DangerousUseOfTransformationAfterOperation.qhelp
2022-03-02 10:24:40 +03:00
Harry Maclean
37dac186a8
Ruby: String.try_convert isn't value-preserving
...
`String.try_convert` can convert arbitrary objects to strings, which
obviously isn't value-preserving.
2022-03-02 13:31:59 +13:00
Arthur Baars
169f65526e
Merge pull request #8292 from aibaars/api-graphs-private
...
Ruby: ApiGraphs: use private imports
2022-03-02 00:35:46 +01:00
Taus
8460ab4f31
Merge pull request #7549 from hvitved/python/points-to-perf
2022-03-01 23:05:10 +01:00
Mathias Vorreiter Pedersen
155502cfdb
C#/C++: Sync identical files.
2022-03-01 16:56:49 +00:00
Mathias Vorreiter Pedersen
4acae4a2d1
C++: Remove redundant conjunct.
2022-03-01 16:56:25 +00:00
Geoffrey White
2962b125af
Merge branch 'main' into cwe497
2022-03-01 16:19:28 +00:00
Paolo Tranquilli
c81f2661a3
Merge pull request #8300 from redsun82/check-qhelp
...
check-qhelp: call super init in IncludeHandler
2022-03-01 17:07:28 +01:00
Paolo Tranquilli
ef4d1de9c3
check-qhelp: call super init in IncludeHandler
...
`xml.sax.ContentHandler` has a non-trivial `__init__`. While this is
probably harmless, it does not hurt to fix this.
2022-03-01 16:50:55 +01:00
Rasmus Wriedt Larsen
518e2aeebf
Merge branch 'main' into jorgectf/python/deserialization
2022-03-01 16:47:13 +01:00
Rasmus Wriedt Larsen
2309f67e9b
Python: Apply suggestions from code review
...
Co-authored-by: yoff <lerchedahl@gmail.com >
2022-03-01 15:50:21 +01:00
Rasmus Wriedt Larsen
27d5349a74
Python: ORM: Remove imports from test code
...
These are no longer needed, as data-flow now has this import by default
2022-03-01 15:39:52 +01:00
Rasmus Wriedt Larsen
a1c7ec8c6d
Python: Accept .exepcted changes from importing frameworks from data-flow
...
Since `python.qll` has `private import
semmle.python.dataflow.new.DataFlow`, that means that all tests now
implicitly imports the frameworks modeling, and therefore any python
class is part of the DjangoViewClassHelper ql class.
de8ecb214f/python/ql/lib/python.qll (L44)
2022-03-01 15:37:16 +01:00
Rasmus Lerchedahl Petersen
f55d7d627e
python: model XPathEvaluator
2022-03-01 14:40:13 +01:00
Rasmus Lerchedahl Petersen
3bb17be389
python: add concept and library tests
2022-03-01 14:39:28 +01:00
ihsinme
a6654fce4a
Update ImproperCheckReturnValueScanf.ql
2022-03-01 16:37:29 +03:00
ihsinme
e9fefab9b1
Update test.cpp
2022-03-01 16:36:24 +03:00
ihsinme
bfec3c5e6e
Update ImproperCheckReturnValueScanf.expected
2022-03-01 16:35:31 +03:00
Tom Hvitved
92fa0071bd
Update python/ql/lib/semmle/python/pointsto/MRO.qll
...
Co-authored-by: Taus <tausbn@github.com >
2022-03-01 14:16:49 +01:00
Asger Feldthaus
df379809df
Ruby: support CSV rows of form ;any;Method[foo]
2022-03-01 14:08:21 +01:00
Asger Feldthaus
05ea33033b
Ruby: add test for API::EntryPoint
2022-03-01 14:08:21 +01:00
Asger Feldthaus
bf83400bd2
Ruby: port API::EntryPoint from JS
2022-03-01 14:08:21 +01:00
Asger Feldthaus
e10e3b9466
Ruby: convert ActiveStorage::Filename model to MaD
2022-03-01 14:08:21 +01:00
Asger Feldthaus
e6a3747656
Ruby: add test for ActiveStorage.Filename.new
2022-03-01 14:08:21 +01:00
Asger Feldthaus
70c083fa64
Ruby: convert Regexp.escape model to MaD
2022-03-01 14:08:21 +01:00
Asger Feldthaus
cbd044a768
Ruby: add a code injection test for flwo through Regexp.escape
2022-03-01 14:08:21 +01:00
Asger Feldthaus
63e7c16d6b
Ruby: add test with sinks and type-defs
2022-03-01 14:08:20 +01:00
Asger Feldthaus
388949f12e
Ruby: support WithBlock and WithoutBlock
2022-03-01 14:08:20 +01:00
Asger Feldthaus
d6bc9c259e
Ruby: add simple test case
2022-03-01 14:08:20 +01:00
Asger Feldthaus
d808bdc028
JS: Sync ApiGraphModels.qll
2022-03-01 14:08:20 +01:00
Asger Feldthaus
a33e89279d
Ruby: instantiate ApiGraphModels library in Ruby
2022-03-01 14:08:20 +01:00
Arthur Baars
ea8187c771
Ruby: .github/workflows/ruby-qltest.yml: turn off fail-fast
2022-03-01 13:30:56 +01:00
Arthur Baars
b2745d44f2
Ruby: update ReDoS.expected
2022-03-01 13:30:56 +01:00
Arthur Baars
61fa3ba314
Add change note
2022-03-01 13:30:56 +01:00
Arthur Baars
a51f17e0ed
Ruby: introduce RegExpPatternSource
2022-03-01 13:30:51 +01:00
Arthur Baars
1240c11c4b
Ruby: parse some string literals as regex
...
In addition to regex literals, also parse normal string literals
as regular expressions if they somehow "flow" into a method call
that is known to interpret string values as regular expressions.
2022-03-01 13:26:51 +01:00
Geoffrey White
5402b02fd7
Merge branch 'main' into cwe497
2022-03-01 11:58:24 +00:00
Mathias Vorreiter Pedersen
52dbf2c787
C#/C++: Sync identical files.
2022-03-01 11:50:50 +00:00
Mathias Vorreiter Pedersen
b6faa207a4
C++: Remove redundant cast.
2022-03-01 11:50:44 +00:00
Mathias Vorreiter Pedersen
93bd380838
C#/C++: Sync identical files.
2022-03-01 11:37:19 +00:00
Mathias Vorreiter Pedersen
6b324fb781
C++: Filter out InheritanceConversionInstructions with multiple base or derived classes when doing global value numbering.
2022-03-01 11:34:41 +00:00
Rasmus Wriedt Larsen
cd58c12bbe
Merge branch 'main' into orm
2022-03-01 12:01:54 +01:00
Michael Nebel
8312fc6895
C#: Use groups and rename to trap.compression instead. Various changes to description to align with Ruby.
2022-03-01 12:01:44 +01:00
Tamás Vajk
94cb5c2be4
Merge pull request #8296 from github/post-release-prep/codeql-cli-2.8.2
...
Post-release preparation for codeql-cli-2.8.2
2022-03-01 11:57:36 +01:00
Rasmus Wriedt Larsen
98c60a706e
Python: Autoformat
...
Oops
2022-03-01 11:54:09 +01:00
Tamás Vajk
30c80622ed
Merge pull request #699 from github/post-release-prep/codeql-cli-2.8.2
...
Post-release preparation for codeql-cli-2.8.2
2022-03-01 11:44:45 +01:00
Rasmus Wriedt Larsen
e32f8d98b0
Python: Always import ORM steps for data-flow
...
For C#, see
fdd787b89c/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll (L16)
that import EntityFramework, which is ORM library.
2022-03-01 11:32:36 +01:00
Rasmus Wriedt Larsen
eece2222ba
Merge pull request #8252 from github/RasmusWL/debugging-dataflow-improvements
...
Docs: Mention `hasPartialFlowRev` and performance problem
2022-03-01 11:27:57 +01:00
Erik Krogh Kristensen
dfc74d728b
fix duplicate words in qldoc
2022-03-01 11:22:58 +01:00
Erik Krogh Kristensen
1b5c7392f0
restrict the size of the getASubexpressionWithinQuery predicate, and remove double-recursion
2022-03-01 11:18:42 +01:00
Erik Krogh Kristensen
bdd07de7ed
improve performance of getTestFile by finding possible test files first
2022-03-01 11:18:22 +01:00
Erik Krogh Kristensen
51482e4fcf
Merge pull request #8295 from erik-krogh/ts46
...
JS: Add support for TypeScript 4.6
2022-03-01 11:09:02 +01:00
Michael Nebel
7522a2d248
Merge pull request #7832 from aschackmull/java/modelgen
...
Java: Simplify model generator query using flow state.
2022-03-01 10:57:07 +01:00
Rasmus Lerchedahl Petersen
ce3ee65f47
python: remove getTree for now
2022-03-01 10:49:21 +01:00
Rasmus Wriedt Larsen
f3f2c3183e
Docs: Apply suggestions from code review
...
Co-authored-by: James Fletcher <42464962+jf205@users.noreply.github.com >
2022-03-01 10:45:24 +01:00
Mathias Vorreiter Pedersen
1f01d8014e
Merge pull request #8225 from jketema/ir-structured-bindings-translation
...
C++: Update the IR translation for structured bindings
2022-03-01 09:43:35 +00:00
yoff
853857bd7e
Apply suggestions from code review
...
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com >
2022-03-01 10:26:29 +01:00
ihsinme
be11e4fc2d
Apply suggestions from code review
...
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com >
2022-03-01 12:25:57 +03:00
github-actions[bot]
980f822983
Post-release preparation for codeql-cli-2.8.2
2022-03-01 09:24:30 +00:00
Arthur Baars
7e6ef7ac74
Ruby: ApiGraphs: use private imports
2022-03-01 10:24:19 +01:00
github-actions[bot]
dd3fc2d477
Post-release preparation for codeql-cli-2.8.2
2022-03-01 09:24:17 +00:00
Erik Krogh Kristensen
4c58f9781b
add support for TypeScript 4.6
2022-03-01 09:56:21 +01:00
Mathias Vorreiter Pedersen
3719353338
Merge pull request #8172 from github/redsun82/pre-commit
...
add pre-commit configuration
2022-03-01 08:54:54 +00:00
Erik Krogh Kristensen
2b7c819135
fix extension of change-note
2022-03-01 09:54:19 +01:00
Michael Nebel
7bde1cbfb3
Java: Add case for Synthetic Fields in isRelevantTaintStep.
2022-03-01 09:15:01 +01:00
ihsinme
d772ea0efe
Apply suggestions from code review
...
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com >
2022-03-01 10:49:36 +03:00
ihsinme
bc22b9b208
Update test.cpp
2022-03-01 09:43:15 +03:00
ihsinme
c6083a6f95
Apply suggestions from code review
...
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com >
2022-03-01 09:37:57 +03:00
Ahmed Farid
70c0c7e461
Update zipslip_bad.py
2022-03-01 00:24:33 +01:00
Ahmed Farid
85bcaa96ce
Update Concepts.qll
2022-03-01 00:23:06 +01:00
Ahmed Farid
c22b032bbe
Update Zip.qll
2022-03-01 00:11:33 +01:00
Ahmed Farid
67d3498891
Update ZipSlip.ql
2022-03-01 00:07:37 +01:00
Ahmed Farid
b29936716d
Update Frameworks.qll
2022-03-01 00:06:22 +01:00
Ahmed Farid
76bd3317eb
Create Zip.qll
2022-03-01 00:05:30 +01:00
Ahmed Farid
abe25da3df
Create ZipSlip.qll
2022-03-01 00:04:02 +01:00
Ahmed Farid
3eae13161f
Delete ZipSlipCheckLib.ql
2022-03-01 00:01:34 +01:00
Ahmed Farid
21f6ad5190
Update and rename ZipSlipCheck.ql to ZipSlip.ql
2022-03-01 00:01:06 +01:00
Tamas Vajk
1538e89bd9
Use generate-report.py from base SHA
2022-02-28 20:36:23 +01:00
Tamas Vajk
bd30c63aa1
Fix expected file comparer to handle missing files better in MaD workflows
2022-02-28 20:16:20 +01:00
Tamas Vajk
714659c706
Change cp to mv in CSV coverage PR job
2022-02-28 20:07:23 +01:00
Jeroen Ketema
0c2cfa1307
C++: Add comment on the existence of reference types
2022-02-28 19:14:54 +01:00
Arthur Baars
5ce6b847d1
Merge pull request #8166 from aibaars/regex-char-sequence-1
...
Ruby/Python: regex parser: group sequences of 'normal' characters
2022-02-28 17:47:53 +01:00
Tamás Vajk
d3e36038a0
Merge pull request #8152 from tamasvajk/fix/useless-dynamic-cast
...
C# Exclude dynamic casts from useless casts check
2022-02-28 17:00:28 +01:00
Michael Nebel
24640c3670
Java: Make a testcase for wrappers of sources.
2022-02-28 16:57:36 +01:00
Michael Nebel
66fe0e74b5
Java: Don't require that the source is directly within the TargetApi itself (in that case wrappers get excluded).
2022-02-28 16:48:23 +01:00
Michael Nebel
4a0b2b64b3
Java: Explicitly tie ReturnNode to TargetApi before calling returnNodeAsOutput.
2022-02-28 16:48:23 +01:00
Tom Hvitved
44949b6353
Java: Add bindingset to returnNodeAsOutput
2022-02-28 16:48:23 +01:00
Anders Schack-Mulligen
908cc40c9f
Java: Fix bug in model flow sanitizer.
2022-02-28 16:48:23 +01:00
Anders Schack-Mulligen
16a5ccddea
Java: Simplify model generator query using flow state.
2022-02-28 16:48:23 +01:00
Rasmus Wriedt Larsen
8afd560c64
Python: ORM: Handle load of PolymorphicModels
2022-02-28 16:38:41 +01:00
Rasmus Wriedt Larsen
48fba87273
Python: ORM: add flow to base-class
2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
6b9dd49499
Python: ORM: Model polymorphic.models.PolymorphicModel as Django ORM class
2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
e1191cf63c
Python: ORM: Add tests for inheritance
2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
092cfceb18
Python: Add dataflow consistency checks to ORM tests
...
Luckily they passed :phew:
2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
d7ff00e615
Python: Add change-note
2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
ed36ff1570
Python: ORM: Handle <Model>.objects.[<QuerySet>].update()
2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
fea46b642d
Python: ORM: Handle <Model>.objects.create and friends
2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
9b458b54aa
Python: ORM: Add flow to collection/dict queries
2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
9cff4cbd1c
Python: ORM: Add a few more tests
...
There were a few methods I had overlooked
2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
ae057c74cc
Python: ORM: Store step for constructor
2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
f8a51bb994
Python: ORM: Add data-flow steps for Django ORM
...
Added dummy-whitespace to `orm_security_tests.py` so it would be
possible to see what the reflected XSS results are in the diff
2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
ef39968a56
Python: ORM: Add data-flow plumbing for ORM modeling
...
The idea is that we will do `save ==> synthetic`
and `synthetic ==> load`, so we don't need to do CP between save/load.
This setup with synthetic node in the middle, also allows for a limited
amount of the field-flow we can do with real flow-summary support.
2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
d3f07cdc10
Python: ORM: Add qltests
...
Which shows that there is no flow yet, which is not really a surprise :D
2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
c78fed6594
Python: ORM: Add raw python test files
...
no ql test files yet though, will come in next commit.
2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
f89fb50eb5
Python: ORM: Add boilerplate django project
...
By doing
```
django-admin startproject testproj
django-admin startapp testapp
```
2022-02-28 16:38:40 +01:00
yoff
d953382df9
Merge pull request #7807 from RasmusWL/dataflow-improvements
...
Python: Dataflow improvements
2022-02-28 16:24:00 +01:00
Jeroen Ketema
497991b6b1
C++: Improve change note
2022-02-28 16:08:23 +01:00
Erik Krogh Kristensen
5130929358
remove comment suggesting that the receiver is parameter -1
2022-02-28 15:25:34 +01:00
Erik Krogh Kristensen
843ed8fca5
rename pw to aw
...
Co-authored-by: yoff <lerchedahl@gmail.com >
2022-02-28 15:25:25 +01:00
Tom Hvitved
5cba505514
Merge pull request #8284 from hvitved/csharp/move-csharp9-standalone-tests
...
C#: Move C# 9 standalone tests
2022-02-28 15:15:47 +01:00
Tamas Vajk
efb876192f
Add change note
2022-02-28 14:58:59 +01:00
Tamas Vajk
4748d2c6e2
C# Exclude dynamic casts from useless casts check
2022-02-28 14:58:59 +01:00
Ian Lynagh
1e62b485a5
Merge pull request #8241 from igfoo/igfoo/stats4
...
Java: Update stats and make some performance tweaks
2022-02-28 12:58:06 +00:00
Tom Hvitved
4ecd843c05
C#: Move C# 9 standalone tests
2022-02-28 13:43:20 +01:00
haby0
be40b54b9f
add test
2022-02-28 20:34:58 +08:00
Geoffrey White
2b0d473072
C++: Remove this query from exclude-slow-queries.yml.
2022-02-28 12:18:11 +00:00
Rasmus Wriedt Larsen
0e0f159891
Python: Use Python 3 for investigation tests
...
Apparently there are minor differences with `test-6-max-import-depth-2`
where under Python 2 `isfile_no_problem.py` still works as before
2022-02-28 11:33:31 +01:00
Rasmus Wriedt Larsen
01d426dc58
Python: Replace rest of from testlib import *
...
I think we should write our tests in a way that puts points-to in the
best condition to resolve calls. Although this specific change did not
change much, it should help set us up for success in the future 👍
2022-02-28 10:58:44 +01:00
Rasmus Wriedt Larsen
ead0b658d2
Python: Fix fieldflow tests by increasing max-import-depth
2022-02-28 10:58:44 +01:00
Rasmus Wriedt Larsen
a0d1cea490
Python: Add investigation of field-flow problem
...
TL;DR; we used a too low value for `--max-import-depth` :(
2022-02-28 10:58:44 +01:00
haby0
b23e28a1e6
add Server-side Request Forgery sinks
2022-02-28 15:24:02 +08:00
Alex Ford
6ddacce27a
Ruby: Add OrmWriteAccess concept changenote
2022-02-28 01:18:39 +00:00
Alex Ford
63ef9a75c9
Ruby: model OrmWriteAccesses for ActiveRecord
2022-02-28 01:18:39 +00:00
Alex Ford
b1fd321b65
Ruby: update Rails framework test output for existing tests
2022-02-28 01:13:26 +00:00
Alex Ford
283a48c76d
Ruby: tests for OrmWriteAccess
2022-02-28 01:12:49 +00:00
Alex Ford
8c6c680a28
Ruby: Add OrmWriteAccess concept
2022-02-28 01:11:40 +00:00
Jeroen Ketema
e40c51cc83
C++: Add documentation for TranslatedStructuredBindingVariableAccess
2022-02-27 21:13:48 +01:00
Jeroen Ketema
0a4d8132e6
C++: Consistently use getUnspecifiedType in structured binding IR translation
2022-02-27 21:13:48 +01:00
Jeroen Ketema
4ffbc2d148
C++: Ensure we use lvalue reference types for structured bindings
...
This also adds a test for rvalue reference uses in the tuple
structured binding case.
2022-02-27 21:13:48 +01:00
Jeroen Ketema
074577b539
C++: Refactor IR structured binding tuple test
2022-02-27 21:13:48 +01:00
Jeroen Ketema
edaabf8fdf
C++: Add structured bindings IR change note
2022-02-27 21:13:48 +01:00
Jeroen Ketema
6515e77c0e
C++: Generate additional loads for non-reference structured bindings
2022-02-27 21:13:48 +01:00
Jeroen Ketema
eebfbc12a0
C++: Add structured bindings struct as data member test case
2022-02-27 21:13:48 +01:00
Jeroen Ketema
5814349fd8
C++: Give names in structured binding declarations correct IR types
2022-02-27 21:13:48 +01:00
Jeroen Ketema
73f0366dc6
C++: Add typedef'ed reference structured binding test
2022-02-27 21:13:48 +01:00
Jeroen Ketema
91659af4d4
C++: Add array data member structured binding test
2022-02-27 21:13:48 +01:00
Jeroen Ketema
ec05942693
C++: Use unnamed_local_variable in array structured binding test
2022-02-27 21:13:48 +01:00
Jeroen Ketema
437a85dec7
C++: Add pointer related structured binding tests
2022-02-27 21:13:48 +01:00
Ahmed Farid
c207294dfc
Update zipslip_good.py
2022-02-26 18:31:22 +01:00
Ahmed Farid
d0d14be693
Update ZipSlip.qhelp
2022-02-26 18:25:13 +01:00
luchua-bc
88d9694628
Query to detect insecure WebResourceResponse implementation
2022-02-26 02:03:35 +00:00
Chris Smowton
958fd9b3ea
Merge pull request #7867 from ahmed532009/timing-attacks
...
Java: Timing attacks while comparing the headers value
2022-02-25 21:55:13 +00:00
Chris Smowton
f981fee37d
Adjust test expectation
2022-02-25 20:05:06 +00:00
Chris Smowton
ff5d680837
Add missing substitution description
2022-02-25 19:12:25 +00:00
Ian Lynagh
0bf1370cd5
Java: Autoformat QL
2022-02-25 19:08:08 +00:00
Alexander Eyers-Taylor
d38cd4a0d7
Merge pull request #8156 from alexet/alexet/expression-pragma-doc
...
QLSpeciifcation: Add documentation for expression pragmas
2022-02-25 18:59:49 +00:00
Arthur Baars
0c23f5815f
Add change note
2022-02-25 18:43:43 +01:00
Arthur Baars
5044f89105
Ruby/Python re-introduce normalCharacterSequence
2022-02-25 18:43:43 +01:00
Chris Smowton
8fbd8c52dd
Fix test expectations
2022-02-25 17:35:52 +00:00
Chris Smowton
ff303db034
Autoformat and fix qhelp
2022-02-25 17:33:08 +00:00
Chris Smowton
303927c9c9
Fix qhelp
2022-02-25 17:33:08 +00:00
Chris Smowton
e02a3d0ddd
Rename qlref file
2022-02-25 17:33:08 +00:00
Ahmed Farid
3a2d514b18
Create ComparingValueOfSensetiveHeader.qlref
2022-02-25 17:33:08 +00:00
Ahmed Farid
0d278f6d61
Create Test.java
2022-02-25 17:33:08 +00:00
Ahmed Farid
1bc5fe13eb
Update and rename java/ql/test/experimental/query-tests/security/CWE-208/TimingAttackAgainstHeader.expected to java/ql/test/experimental/query-tests/security/CWE-208/TimingAttackAgainstHeader/TimingAttackAgainstHeader.expected
2022-02-25 17:33:08 +00:00
Ahmed Farid
63133f7e8b
Update TimingAttackAgainstHeader.expected
2022-02-25 17:33:08 +00:00
Ahmed Farid
f2457dafb5
Create TimingAttackAgainstHeader.expected
2022-02-25 17:33:08 +00:00
Ahmed Farid
35abc3f9a3
Update and rename ComparingValueOfSensetiveHeader.java to Test.java
2022-02-25 17:33:08 +00:00
Chris Smowton
091227982c
Delete unnecessary test files
2022-02-25 17:33:08 +00:00
Ahmed Farid
899b8d03b2
Update TimingAttackAgainstHeader.ql
2022-02-25 17:33:07 +00:00
Ahmed Farid
308f86f66f
Update TimingAttackAgainstHeader.ql
2022-02-25 17:33:07 +00:00
Ahmed Farid
2eee6b4f69
Update TimingAttackAgainstHeader.ql
2022-02-25 17:33:07 +00:00
Ahmed Farid
7859288040
Update TimingAttackAgainstHeader.ql
2022-02-25 17:33:07 +00:00
Ahmed Farid
d83444cb18
Update TimingAttackAgainstHeader.ql
2022-02-25 17:33:07 +00:00
Ahmed Farid
e79c0eaa71
Update TimingAttackAgainstHeader.ql
2022-02-25 17:33:07 +00:00
Ahmed Farid
36cf1010f8
Update TimingAttackAgainstHeader.ql
2022-02-25 17:33:07 +00:00
Ahmed Farid
8e6f76d47a
Update TimingAttackAgainstHeader.qhelp
2022-02-25 17:33:07 +00:00
Ahmed Farid
fa8af6bf70
Update TimingAttackAgainstHeader.ql
2022-02-25 17:33:07 +00:00
Ahmed Farid
19d0e1f4a7
Create ComparingValueOfSensetiveHeader.qlref
2022-02-25 17:33:07 +00:00
Ahmed Farid
f96e47db09
Update ComparingValueOfSensetiveHeader.java
2022-02-25 17:33:07 +00:00
Ahmed Farid
09e054ace6
Update ComparingValueOfSensetiveHeader.java
2022-02-25 17:33:07 +00:00
Ahmed Farid
f758ed0d85
Update ComparingValueOfSensetiveHeader.java
2022-02-25 17:33:07 +00:00
ahmed532009
4a9ee5826d
Update TimingAttackAgainstHeader.qhelp
2022-02-25 17:33:07 +00:00
ahmed532009
6da9bc593f
Rename csrfComparison.java to ComparingValueOfSensetiveHeader.java
2022-02-25 17:33:07 +00:00
ahmed532009
a0a1c587e5
Create ComparingValueOfSensetiveHeader.java
2022-02-25 17:33:07 +00:00
ahmed532009
aa488e532f
Update csrfComparison.java
2022-02-25 17:33:07 +00:00
Chris Smowton
333130b2a4
Abbreviate isSink
2022-02-25 17:33:07 +00:00
Chris Smowton
80a2b388bf
Update TimingAttackAgainstHeader.qhelp
2022-02-25 17:33:07 +00:00
ahmed532009
fa81f43694
Update TimingAttackAgainstHeader.qhelp
2022-02-25 17:33:06 +00:00
ahmed532009
39e07cbc9c
Update and rename UnsafecsrfComparison.java to csrfComparison.java
2022-02-25 17:33:06 +00:00
ahmed532009
c6c67b907b
Update TimingAttackAgainstHeader.qhelp
2022-02-25 17:33:06 +00:00
ahmed532009
98b06d35af
Update TimingAttackAgainstHeader.ql
2022-02-25 17:33:06 +00:00
ahmed532009
bf95e59b24
Update TimingAttackAgainstHeader.qhelp
2022-02-25 17:33:06 +00:00
ahmed532009
ab6a7bb3d8
Update TimingAttackAgainstHeader.ql
2022-02-25 17:33:06 +00:00
root
49feeb1c36
Timing attacks while comparing the headers value
2022-02-25 17:33:06 +00:00
Erik Krogh Kristensen
4fba5e4dfb
step through parentheses in barrier functions
2022-02-25 17:47:12 +01:00
Alexander Eyers-Taylor
6b9ccd6e91
QLSpec: Apply suggestions from code review
...
Co-authored-by: Jonas Jensen <jbj@github.com >
2022-02-25 15:34:43 +00:00
Rasmus Wriedt Larsen
f988e1f0d8
Python: Improve field-flow by removing import *
...
Since that apparently impacts call graph resolution with points-to :O
Also interesting that global flow was only not working for those cases
because of the tricky ifs... still need to 100% figure out how those ifs
are messing up the analysis :|
2022-02-25 16:01:08 +01:00
Rasmus Wriedt Larsen
999af15bd5
Python: Show unresolved calls for field-flow tests
2022-02-25 15:58:07 +01:00
Taus
622b32692b
Python: Prevent magic/inlining in getCase
...
This is a simplified version of
https://github.com/github/codeql/pull/8028
consisting of just the `nomagic` fix.
2022-02-25 14:32:59 +00:00
yoff
8b926f6859
Merge pull request #7873 from RasmusWL/fix-attribute-taint
...
Python: Fix attribute taint
2022-02-25 15:02:24 +01:00
Rasmus Wriedt Larsen
2d0034c40d
Python: Replicate global field-flow failures
2022-02-25 14:14:00 +01:00
Asger F
a8bfebaeb6
Merge pull request #8149 from asgerf/shared/use-shared-access-path-syntax
...
Shared: use shared access path syntax to parse arguments in CSV rows
2022-02-25 14:04:18 +01:00
CodeQL CI
0f125d1e8a
Merge pull request #8234 from asgerf/ruby/meta-queries
...
Approved by nickrolfe
2022-02-25 12:46:15 +00:00
Rasmus Wriedt Larsen
faaa63a73c
Python: Ensure no cross-talk in global tests
...
By giving all variables unique names
I also added a comment with the function name from the normal tests, so
its' easily visible what these tests are testing
2022-02-25 13:41:51 +01:00
Rasmus Wriedt Larsen
0642610ee9
Python: Global flow works when in own file???
...
This is very suspicious
2022-02-25 13:36:00 +01:00
Rasmus Wriedt Larsen
d83a9ef8d3
Python: Fix global field-flow for validTest.py
2022-02-25 13:35:43 +01:00
yoff
e1c2f46092
Merge pull request #8200 from RasmusWL/debug-partial-flow-snippet
...
Python: Add `debug partial flow` snippet
2022-02-25 12:41:12 +01:00
Arthur Baars
9d9abaf1f9
Apply suggestions from code review
...
Co-authored-by: yoff <lerchedahl@gmail.com >
2022-02-25 12:27:20 +01:00
Pierre
f047707ef3
Merge pull request #8251 from github/turbo-java-17-python-310
...
Update supported Java and Python versions
2022-02-25 12:19:01 +01:00
Chris Smowton
011248e686
Merge pull request #7774 from smowton/smowton/admin/test-annotation-inheritence
...
Add test checking that inheritence is noticed even with annotations present
2022-02-25 11:15:21 +00:00
Rasmus Wriedt Larsen
49dbb8cae7
Docs: Mention hasPartialFlowRev and performance problem
...
The things that I mentioned in https://github.com/github/codeql/pull/6502#issuecomment-901087620 that never got into the document 😳
2022-02-25 11:22:20 +01:00
Pierre
9e27675554
Update supported Java and Python versions
2022-02-25 11:12:01 +01:00
Mathias Vorreiter Pedersen
dfd30e46b0
Merge pull request #8227 from geoffw0/319improve
...
C++: Promote cpp/non-https-url
2022-02-25 08:48:44 +00:00
ihsinme
ffdca61f9a
Add files via upload
2022-02-25 11:20:23 +03:00
ihsinme
74f8145970
Add files via upload
2022-02-25 11:18:38 +03:00
ihsinme
0c8a07218c
Add files via upload
2022-02-25 11:16:05 +03:00
ihsinme
bddb5fd9f9
Add files via upload
2022-02-25 11:14:20 +03:00
ihsinme
a9a2ca3850
Add files via upload
2022-02-25 11:09:25 +03:00
ihsinme
025701170e
Add files via upload
2022-02-25 11:07:48 +03:00
ihsinme
3d1f4d5499
Merge pull request #1 from github/main
...
up to head
2022-02-25 11:04:55 +03:00
Robert Marsh
a60fe9f4b8
C++: exclude 0 earlier in InsufficientKeySize
2022-02-24 14:26:37 -05:00
Tamás Vajk
3125f49853
Merge pull request #698 from github/release-prep/2.8.2
...
Release preparation for version 2.8.2
2022-02-24 20:08:04 +01:00
Tamás Vajk
17fbbdba34
Merge pull request #8233 from github/release-prep/2.8.2
...
Release preparation for version 2.8.2
2022-02-24 20:07:55 +01:00
Chris Smowton
b1c98ae3c2
Add further test directly examining signature of method with problematic parameter types
2022-02-24 17:39:11 +00:00
Chris Smowton
379f2438a6
Add test checking that inheritence is noticed even with annotations present
2022-02-24 17:39:11 +00:00
Geoffrey White
899ae90ba4
C++: Add GVN.
2022-02-24 17:22:37 +00:00
Mathias Vorreiter Pedersen
ab3cad749c
Merge pull request #8173 from MathiasVP/add-using-expired-stack-address-query
...
C++: Add another `CWE-825` query
2022-02-24 17:18:35 +00:00
Geoffrey White
0bb9a95563
C++: Extend tests.
2022-02-24 17:15:29 +00:00
Tom Bolton
8dfc0d25d1
Merge pull request #8232 from github/tombolton/use-updated-counting-query
...
Add new xss queries to result counting query
2022-02-24 16:38:53 +00:00
Jeroen Ketema
0c788d7352
C++: Remove redundant empty line
2022-02-24 17:31:10 +01:00
Jeroen Ketema
b933a58215
C++: Replace Deprecated Queries by Deprecated Classes
...
This is more accurate for the only change in the list.
2022-02-24 16:48:23 +01:00
Michael Nebel
3e898a1b09
C#: Use generic TryParse method instead.
2022-02-24 16:18:42 +01:00
Tamas Vajk
8d329c55ab
Fix typo in change logs
2022-02-24 16:10:44 +01:00
Tamas Vajk
0d16a7e38d
Fix formatting of C# change logs
2022-02-24 16:06:54 +01:00
github-actions[bot]
20fe22c8c8
Release preparation for version 2.8.2
2022-02-24 14:57:08 +00:00
github-actions[bot]
3840ce8444
Release preparation for version 2.8.2
2022-02-24 14:56:57 +00:00
Rasmus Wriedt Larsen
abe4d8da62
Python: Accept global field-flow inconsistencies
...
Yikes
2022-02-24 15:07:18 +01:00
Rasmus Wriedt Larsen
94d23f3817
Python: Also do all field-flow tests in global scope
...
Notice that these tests don't pass, to show how they differ in the next
commit!
2022-02-24 15:06:40 +01:00
Erik Krogh Kristensen
844815a032
Merge pull request #8231 from erik-krogh/fix-ql-for-ql-in-ql-for-ql
...
QL: fix ql-for-ql errors inside ql-for-ql
2022-02-24 15:01:45 +01:00
Erik Krogh Kristensen
ea1503ce2c
fix ql-for-ql errors inside ql-for-ql
2022-02-24 14:41:27 +01:00
tombolton
d80ef6566d
add new xss queries to result counting query
2022-02-24 13:31:40 +00:00
Paolo Tranquilli
d2ed5c47f9
fix typo
2022-02-24 14:28:21 +01:00
Tamás Vajk
83aaeca751
Merge pull request #8228 from tamasvajk/fix/change-notes-0.0.9
...
Fix 0.0.9 change note to match concatenated change log
2022-02-24 14:04:31 +01:00
Michael Nebel
62dc23f6a5
C#: Move the StandaloneAnalyser to the Standalone project.
2022-02-24 13:51:43 +01:00
Michael Nebel
efab3bfa89
C#: Make an extractor class in the standalone project with some of the specifics for the standalone extractor.
2022-02-24 13:51:43 +01:00
Michael Nebel
d2c872079b
C#: Move ExitCode enum out of Extractor class.
2022-02-24 13:51:42 +01:00
Michael Nebel
b0c62c8a10
C#: Refactor functionality to run standalone extractor into own method.
2022-02-24 13:51:42 +01:00
Michael Nebel
d947861690
C#: Minor refactoring.
2022-02-24 13:51:42 +01:00
Chris Smowton
b1cdde6913
Merge pull request #697 from github/smowton/admin/move-change-note
...
Move new-query change note to src pack
2022-02-24 12:43:48 +00:00
Chris Smowton
4973224de7
Merge pull request #8216 from github/smowton/fix/creating-codeql-databases-docs-typo
...
Fix typo
2022-02-24 12:24:32 +00:00
Rasmus Wriedt Larsen
2da4b39844
Python: Add global field-flow tests
...
I thought it was interesting that it did not propagate flow to the uses
inside the functions :O
2022-02-24 13:15:48 +01:00
Geoffrey White
6c40cda68d
C++: Pragmatic solution to include more sinks (plus autoformat changes).
2022-02-24 12:10:34 +00:00
Tamas Vajk
a8c2d87897
Fix 0.0.9 change note to match concatenated change log
2022-02-24 12:51:10 +01:00
Mathias Vorreiter Pedersen
e4af34253a
C++: Actually fix incorrect annotation
2022-02-24 11:06:57 +00:00
Chris Smowton
60bd4648a1
Re-add change note to src pack
2022-02-24 11:06:00 +00:00
Chris Smowton
28c3c0090e
Move new query change note to src pack
2022-02-24 11:00:11 +00:00
Paolo Tranquilli
01a37e5165
fix check-qhelp.py again
2022-02-24 11:56:47 +01:00
Geoffrey White
e3493e32e0
C++: Change note.
2022-02-24 10:54:09 +00:00
Geoffrey White
fc8ebdaeb2
C++: Increase the query to precision high.
2022-02-24 10:54:09 +00:00
Geoffrey White
c16302be13
C++: Fix the FP.
2022-02-24 10:54:08 +00:00
Paolo Tranquilli
11c1b6a8a3
fix typo in .pre-commit-config.yaml
2022-02-24 11:46:19 +01:00
Paolo Tranquilli
4020464c2d
fix check-qhelp.py
...
It turns out checking changes on `.inc.qhelp` files is a bit trickier,
as we need to first find which `qhelp` files use them. The previous
iteration of this script was working under the assumption that
`.inc.qhelp` files were only included from the current or a parent
path, but this turns out to be wrong.
This time around, if we are asked to check one or more `.inc.qhelp`
files we build an include map from all `qhelp` files and run the help
generator on the `qhelp` files actually including them.
2022-02-24 11:40:46 +01:00
Paolo Tranquilli
9667315d49
pre-commit: add qhelp check
...
Also the instructions on customizing `pre-commit`'s behaviour have been
updated to use the `--config` option.
2022-02-24 10:55:53 +01:00
Mathias Vorreiter Pedersen
ef5f16ddd3
Merge branch 'main' into add-using-expired-stack-address-query
2022-02-24 08:41:27 +00:00
Harry Maclean
fc351fbd64
Ruby: Remove value-flow for name-matched summaries
...
String summaries that are identified by name only should not specify
value-preserving flow as this can cause spurious flow in cases where
they are applied to different but identically-named methods.
2022-02-24 16:15:15 +13:00
Harry Maclean
07369916b0
Ruby: Remove bad flow to/from block arguments
...
In these cases there is no block argument to the method call.
2022-02-24 14:44:59 +13:00
Erik Krogh Kristensen
ad3399733b
recognize more module exports from the factory pattern
2022-02-23 21:29:45 +01:00
Erik Krogh Kristensen
e13b2df86f
Merge pull request #8185 from erik-krogh/amdImp
...
JS: recognize modules imported by AMD imports as library inputs
2022-02-23 20:21:45 +01:00
Geoffrey White
326dfa5bc2
C++: Add test cases.
2022-02-23 18:37:58 +00:00
Chris Smowton
3167a67e65
Fix typo
2022-02-23 18:19:11 +00:00
Chris Smowton
01db73bfc7
Merge pull request #5935 from porcupineyhairs/javaSstiNew
...
Java : Add SSTI query
2022-02-23 17:30:02 +00:00
Dave Bartolomeo
02bf008610
Fix formatting
2022-02-23 12:18:27 -05:00
Mathias Vorreiter Pedersen
8900f6c043
C++: Add comment about ir re-evaluation.
2022-02-23 17:12:05 +00:00
Mathias Vorreiter Pedersen
033edc24f4
C++: Respond to review comments.
2022-02-23 16:23:49 +00:00
Mathias Vorreiter Pedersen
fd83f3a999
Merge pull request #8209 from jketema/ir-structured-bindings-tests
...
C++: Add IR structured binding tests
2022-02-23 16:09:40 +00:00
Chris Smowton
7b425a80bc
Note path query expectations
2022-02-23 16:02:54 +00:00
Rasmus Wriedt Larsen
aeba497832
Merge pull request #7735 from yoff/python/promote-log-injection
...
Python: promote log injection
2022-02-23 16:21:12 +01:00
Jeroen Ketema
99dd049c1b
Add IR test for tuple structured bindings
2022-02-23 16:15:19 +01:00
Jeroen Ketema
caf0f28547
Add IR test for data member structured bindings
2022-02-23 15:55:19 +01:00
Taus
3ce7d47b5b
Merge pull request #7452 from jorgectf/python_jwt
...
Python: Add Python_JWT to JWT security query
2022-02-23 15:23:20 +01:00
Jeroen Ketema
ec2567b64b
Add IR test for array structured bindings
2022-02-23 15:10:10 +01:00
Chris Smowton
a8fe10f353
Java template injection query: import pathgraph
2022-02-23 13:47:24 +00:00
Asger Feldthaus
f1bfb31403
Shared: fix typo in a comment
2022-02-23 14:13:41 +01:00
Asger Feldthaus
bb9348d77f
Ruby: reject ArrayElement[-n] instead of interpreting it as ArrayElement[?]
2022-02-23 14:13:41 +01:00
Asger Feldthaus
a11c6f0f8e
Ruby: use AccessPathSyntax library
2022-02-23 14:13:40 +01:00
Asger Feldthaus
efec348eb3
Java: use AccessPathSyntax library
2022-02-23 14:13:40 +01:00
Asger Feldthaus
9cff065dca
C#: use AccessPathSyntax library
2022-02-23 14:13:40 +01:00
Asger Feldthaus
5cab737ef1
Shared: sync AccessPathSyntax.qll
2022-02-23 14:13:40 +01:00
Asger Feldthaus
abd4933d6c
Shared: move numeric parsing into AccessPathSyntax.qll
2022-02-23 14:13:37 +01:00
Mathias Vorreiter Pedersen
4b03778938
Update cpp/ql/src/Likely Bugs/Memory Management/UsingExpiredStackAddress.ql
...
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com >
2022-02-23 13:10:29 +00:00
Rasmus Wriedt Larsen
b17c769257
Python: Remove accidental "foo" snippet
2022-02-23 13:30:56 +01:00
Rasmus Wriedt Larsen
5626427ea5
Python: Add "debug partial flow" snippet
2022-02-23 13:30:56 +01:00
CodeQL CI
7d55771092
Merge pull request #8150 from asgerf/js/prep-sharing-api-graph-mad
...
Approved by erik-krogh
2022-02-23 11:59:31 +00:00
CodeQL CI
62ee8fce3a
Merge pull request #8186 from asgerf/js/request-forgery-docs-followup
...
Approved by esbena, hubwriter
2022-02-23 11:46:37 +00:00
Stephan Brandauer
a664e02d04
Merge pull request #8014 from kaeluka/js/functionality-from-untrusted-source
...
JS: Functionality from untrusted sources query (CWE-830)
2022-02-23 12:45:31 +01:00
Chris Smowton
50d9945625
Autoformat
2022-02-23 11:41:23 +00:00
Mathias Vorreiter Pedersen
53299d61eb
C++: Add more tests.
2022-02-23 11:38:01 +00:00
Mathias Vorreiter Pedersen
c8f940124f
C++: Respond to review comments.
2022-02-23 11:17:12 +00:00
Chris Smowton
476997a599
Replace more non-breaking spaces
2022-02-23 11:02:17 +00:00
Stephan Brandauer
1ed71e15f3
apply docreview feedback
2022-02-23 11:21:22 +01:00
Michael Nebel
20f71110ef
C#: Add change note for compression extractor option.
2022-02-23 11:02:28 +01:00
Tony Torralba
f011bbc92c
Merge pull request #8055 from luchua-bc/java/unsafe-url-forward-with-shared-lib
...
CWE-552: Switch to the shared PathSanitizer library
2022-02-23 11:00:23 +01:00
Stephan Brandauer
517d6969e1
Merge pull request #8171 from kaeluka/js/update-atm-query-docs-for-nosql-sql-injection
...
update ATM NosqlInjection and SqlInjection query docs
2022-02-23 10:54:37 +01:00
Asger Feldthaus
22ba43fff6
JS: Minor fixup in the client-side request forgery qhelp
2022-02-23 10:54:26 +01:00
Erik Krogh Kristensen
203212657e
recognize modules imported by AMD imports as library inputs
2022-02-23 10:39:45 +01:00
Mathias Vorreiter Pedersen
8b7214621b
Update cpp/ql/src/Likely Bugs/Memory Management/UsingExpiredStackAddress.qhelp
...
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com >
2022-02-23 09:38:30 +00:00
Mathias Vorreiter Pedersen
8e0f354c2c
Update cpp/ql/src/Likely Bugs/Memory Management/UsingExpiredStackAddress.cpp
...
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com >
2022-02-23 09:38:06 +00:00
Mathias Vorreiter Pedersen
862ebefbad
Update cpp/ql/src/Likely Bugs/Memory Management/UsingExpiredStackAddress.ql
...
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com >
2022-02-23 09:33:58 +00:00
Mathias Vorreiter Pedersen
dda85bf234
Update cpp/ql/src/Likely Bugs/Memory Management/UsingExpiredStackAddress.ql
...
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com >
2022-02-23 09:33:52 +00:00
Stephan Brandauer
c17d8b145a
Merge pull request #8054 from asgerf/js/split-request-forgery
...
JS: split request forgery query into server-side and client-side variants
2022-02-23 10:27:16 +01:00
Michael Nebel
837b91b31e
C#: Make TrapCompression setter private.
2022-02-23 10:12:56 +01:00
Michael Nebel
68b85900b7
C#: Remove old way of providing compression parameter.
2022-02-23 09:39:13 +01:00
Michael Nebel
a04aa1f05d
C#: Add unit test(s).
2022-02-23 09:39:13 +01:00
Michael Nebel
6176b64907
C#: Add support to the extractor for getting the compression extractor option.
2022-02-23 09:39:13 +01:00
Michael Nebel
bca479c2f3
C#: Add extractor option 'compression'.
2022-02-23 09:39:13 +01:00
Mathias Vorreiter Pedersen
31a204a5d9
Merge pull request #8174 from jketema/hinding-cleanup
...
C++: Simplify `cpp/declaration-hides-variable`
2022-02-23 08:27:59 +00:00
Esben Sparre Andreasen
58e0d54744
Merge pull request #8168 from github/esbena/hapi-reflected-xss
...
JS: model hapi handler returns as reflected-xss sinks
2022-02-23 08:53:15 +01:00
jorgectf
4aa1c0a11e
Update .expected
2022-02-23 00:55:39 +01:00
Dave Bartolomeo
b11c55ff23
Fix mismatched results between semantic and AST range analysis
2022-02-22 18:19:38 -05:00
Jeroen Ketema
423d325204
C++: Simplify cpp/declaration-hides-variable
...
The check for `(unnamed local variable)` is no longer needed, because these
variables are now identified as being compiler generated.
2022-02-22 23:04:48 +01:00
Robert Marsh
a37f746dff
C++: fix FP and add paths in InsufficientKeySize
2022-02-22 15:38:50 -05:00
Erik Krogh Kristensen
73f2e89f3e
Merge pull request #8165 from erik-krogh/protoWrite
...
JS: support more property writes in js/prototype-pollution-utility
2022-02-22 21:30:22 +01:00
jorgectf
7c108c7892
Polish test
2022-02-22 20:57:20 +01:00
Jorge
0216798cb9
Apply suggestions from code review
...
Co-authored-by: Taus <tausbn@github.com >
2022-02-22 20:55:51 +01:00
Mathias Vorreiter Pedersen
ea35f56212
C++: Add a query for detecting uses of expired stack pointers that escaped through global variables.
2022-02-22 19:12:08 +00:00
Porcupiney Hairs
c81d85f321
Include suggestions from review
2022-02-22 23:07:34 +05:30
Erik Krogh Kristensen
b6b93065ff
Merge pull request #8157 from erik-krogh/lodash-clone
...
JS: add lodash.{clone, cloneDeep} as a clone step
2022-02-22 18:12:10 +01:00
Erik Krogh Kristensen
c487bb73a7
Merge pull request #8143 from erik-krogh/pred-ql-style
...
QL: add ql-for-ql query for detecting bad predicate qldoc
2022-02-22 17:49:12 +01:00
Paolo Tranquilli
e15c1f7c45
fix typo in docs/pre-commit-hook-setup.md
2022-02-22 17:47:35 +01:00
Paolo Tranquilli
33cce2b5ac
add pre-commit configuration
...
This enables use of the `pre-commit` framework to run quick pre-commit
checks. In particular this allows to automatically fix:
* trailing white spaces
* absence or multiple newlines at the end of files
* QL code formatting
* file sync
More could be added in the future: anything that can be checked fast
can be added in the configuration (for example well-formedness of
`qldoc` files).
This is a purely opt-in feature. Instructions for enabling it and
possibly configuring its behaviour are in `pre-commit-hook-setup.md`.
2022-02-22 17:40:07 +01:00
Jeroen Ketema
aecc17c49b
Merge pull request #7928 from jketema/structured-bindings-db-scheme
...
C++: Add table that identifies C++ structured bindings
2022-02-22 17:34:26 +01:00
Stephan Brandauer
6a9186cdef
update ATM NosqlInjection and SqlInjection query docs
2022-02-22 16:56:18 +01:00
Chris Smowton
106ee5b8a2
Merge pull request #696 from asgerf/asgerf/dot-separated-access-paths
...
Go: Switch to dot-separated access paths in summary specs
2022-02-22 15:34:27 +00:00
Arthur Baars
69ed121ecb
Ruby/Python: regex parser: group sequences of 'normal' characters
2022-02-22 16:15:33 +01:00
Geoffrey White
31d214d5ee
Merge pull request #8170 from geoffw0/typos
...
C++: Fix Spelling Typos.
2022-02-22 15:09:50 +00:00
Mathias Vorreiter Pedersen
894992d403
Merge pull request #8169 from MathiasVP/fix-spelling-in-post-dominance-frontier
...
C++/C#: Fix spelling of 'postDominanceFrontier'
2022-02-22 14:54:39 +00:00
Geoffrey White
4908eaf5ec
C++: Typos.
2022-02-22 14:33:11 +00:00
Ian Lynagh
691473bd6e
Java: Add a changenote
2022-02-22 14:07:31 +00:00
Mathias Vorreiter Pedersen
b6740ed4a1
C++/C#: Fix spelling of 'postDominanceFrontier'.
2022-02-22 13:48:13 +00:00
Asger Feldthaus
5390faeb8a
Ruby: add query for measuring call graph
2022-02-22 14:42:05 +01:00
Asger Feldthaus
c7c97d5bbb
Ruby: add queries for measuring taint sources and sinks
2022-02-22 14:29:47 +01:00
Esben Sparre Andreasen
2c527f7b35
model hapi handler returns as reflected-xss sinks
2022-02-22 14:12:01 +01:00
Owen Mansel-Chan
980c27423a
Merge pull request #681 from owen-mc/new-query/wrapped-error-always-nil
...
Add query "Wrapped error always nil"
2022-02-22 12:42:16 +00:00
Erik Krogh Kristensen
517e17d422
support more property writes in js/prototype-pollution-utility, and generalize ObjectDefinePropertyAsPropWrite
2022-02-22 13:23:34 +01:00
Pierre
5ee96121fc
Merge pull request #8162 from github/turbo-no-glibc-no
...
Docs: Add note about muslc incompatibility
2022-02-22 13:06:28 +01:00
Henry Mercer
4f7604f0dd
Merge pull request #8151 from github/henrymercer/separate-atm-model-pack
2022-02-22 11:47:35 +00:00
Pierre
1d81f90260
Update docs/codeql/codeql-cli/getting-started-with-the-codeql-cli.rst
...
Co-authored-by: hubwriter <hubwriter@github.com >
2022-02-22 12:47:31 +01:00
Erik Krogh Kristensen
08c703f605
exclude private predicates
2022-02-22 12:34:16 +01:00
Owen Mansel-Chan
0cd5e520aa
Update expected alert message
2022-02-22 11:14:19 +00:00
Stephan Brandauer
2278e7f6e6
CWE 830 polish error messages
2022-02-22 11:41:54 +01:00
Stephan Brandauer
82330391c3
CWE-830 add support for setting attributes via setAttribute method
2022-02-22 11:41:54 +01:00
Stephan Brandauer
d80cd1aeb5
CWE 830 test where both branches in a ternary are unsafe
2022-02-22 11:41:53 +01:00
Stephan Brandauer
2934aa1a3a
rewrite docs, improve error messages, etc
2022-02-22 11:41:53 +01:00
Stephan Brandauer
d2335b65d5
stylistic improvements after review
2022-02-22 11:41:53 +01:00
Stephan Brandauer
9aec4437e2
polish qhelp for CWE-830 and add test file
2022-02-22 11:41:53 +01:00
Stephan Brandauer
44d86569ac
remove illegal chars from comments
2022-02-22 11:41:53 +01:00
Stephan Brandauer
fd77e27ed9
replace taint tracking by type tracking and merge remaining queries for CWE-830
2022-02-22 11:41:53 +01:00
Stephan Brandauer
8cafa6d562
improve error message in CWE-830
2022-02-22 11:41:53 +01:00
Stephan Brandauer
780fa97869
always require integrity checking for certain CDNs
2022-02-22 11:41:53 +01:00
Stephan Brandauer
83764df4f5
rename tests for CW-830 to clarify responsibilities
2022-02-22 11:41:52 +01:00
Stephan Brandauer
8d397fea09
JS: query to find dynamic creations of DOM elements that use untrusted sources
2022-02-22 11:41:52 +01:00
Stephan Brandauer
b35c70994f
permit http urls to 127.0.0.1 and others
2022-02-22 11:41:52 +01:00
Stephan Brandauer
dd2b779a3c
add CWE 830 link to references
2022-02-22 11:41:52 +01:00
Stephan Brandauer
b170422c22
add changenotes for functionality from untrusted source query
2022-02-22 11:41:52 +01:00
Stephan Brandauer
6722c17bb0
JS: Functionality from untrusted sources query (CWE-830)
2022-02-22 11:41:52 +01:00
Erik Krogh Kristensen
8ff2992b56
have each case on a separate line
2022-02-22 11:40:26 +01:00
Erik Krogh Kristensen
addb27c80e
deduplicate "%"
...
Co-authored-by: Stephan Brandauer <kaeluka@github.com >
2022-02-22 11:34:59 +01:00
Pierre
8b7f899883
Update getting-started-with-the-codeql-cli.rst
2022-02-22 11:34:49 +01:00
Pierre
6f936942fa
Add note about non-glibc systems
2022-02-22 11:29:51 +01:00
Porcuiney Hairs
e536628a66
Java : Add SSTI query
2022-02-22 15:57:53 +05:30
Asger Feldthaus
1be47db2e6
JS: Factor out more JS-specific code
2022-02-22 09:51:56 +01:00
Asger Feldthaus
2d509eb345
JS: Make Impl.qll determine the location of AccessPathSyntax.qll
2022-02-22 09:51:52 +01:00
Asger Feldthaus
42a3d8c689
JS: Treat Member[x] as a language-specific token
...
In Ruby it is ambiguous whether Member[foo] means x.foo or x::foo
2022-02-22 09:51:52 +01:00
Asger Feldthaus
acf95d6178
JS: Move summary resolution into JS-specific code
2022-02-22 09:51:52 +01:00
Asger Feldthaus
ab1642dd3f
JS: Rename {Shared,Impl} -> ApiGraphModels{,Specific}
2022-02-22 09:51:48 +01:00
Harry Maclean
07c70adde5
Ruby: Update CleartextLogging fixture
...
The flow summary for `String#sub` leads to two new results in this test.
They are duplicates of existing results, because the query is quite
liberal in what it considers a source.
```ruby
password = "abc"
password_masked = password.sub(/./, "x")
Logger.new(STDOUT).info password_masked
```
In the example above, the query considers lines 1 and 2 to both be
sources, with a sink at line 3. Previously there was no flow from line 1
to line 3 because of the missing flow summary for `String#sub`, and
therefore there was just one result. Now we have the flow summary, there
are two results.
Line 2 is considered a source because it is an assignment to a variable
that contains the term "password". I'm not sure how to adjust the query
to avoid these duplicates, so I'm leaving them in for now.
2022-02-22 16:58:41 +13:00
Harry Maclean
340288e0d4
Ruby: Update summary access paths for dot syntax
2022-02-22 16:41:16 +13:00
Harry Maclean
d180a55b3a
Ruby: Fix value/taint flow in String summaries
2022-02-22 16:41:16 +13:00
Harry Maclean
f07ae35b87
Ruby: Fix bug with String flow summaries
...
Split summaries for methods with optional block parmaters into separate
classes. Also model the `exclusive` argument to `String#upto`.
2022-02-22 16:41:16 +13:00
Harry Maclean
379de5581d
Ruby: Disable summaries that clash with Array
...
Some String methods are named identically to Array methods, and this
leads to overlapping flow summaries. These adversely affect the original
Array flow summaries.
2022-02-22 16:41:15 +13:00
Harry Maclean
fef46e1ee4
Ruby: Add flow summaries for String methods
2022-02-22 16:41:15 +13:00
Erik Krogh Kristensen
e8df6a14ca
add lodash.{clone, cloneDeep} as a clone step
2022-02-21 22:27:29 +01:00
alexet
7ea8577e23
QLSpec: Fix underline length
2022-02-21 19:25:44 +00:00
alexet
121b3f6fbf
QLSpec:Allow setliterals withing inrange terms
2022-02-21 18:57:29 +00:00
alexet
5473162f23
QLSpec: Add documentation for expression pragmas
2022-02-21 18:55:56 +00:00
alexet
e2bc03c147
QLSpec: Consistency in primary expression order.
2022-02-21 18:53:53 +00:00
Henry Mercer
e42f759f6b
Merge pull request #8153 from github/henrymercer/atm-add-cwe-tags
...
JS: Add CWE tags for ML-powered queries
2022-02-21 17:24:02 +00:00
Ian Lynagh
7ce9b160d0
Java: Performance tweaks
2022-02-21 17:05:00 +00:00
Henry Mercer
5a3daa9e3f
JS: Add CWE tags for ML-powered queries
...
- Cross-site scripting: CWE-79
- Path injection: CWE-22, CWE-23, CWE-36, CWE-73, CWE-99
- NoSQL injection: CWE-943
- SQL injection: CWE-89
2022-02-21 16:18:33 +00:00
Henry Mercer
02cce623a6
JS: Install pack dependencies in ML CI jobs
2022-02-21 16:10:15 +00:00
Henry Mercer
a89882c14e
JS: Update lockfiles for ML-powered queries packs
2022-02-21 16:03:05 +00:00
Asger Feldthaus
8194c041cc
JS: Merge sources to one class
2022-02-21 16:26:02 +01:00
Asger F
00ed72ed83
Apply suggestions from code review
...
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com >
2022-02-21 16:24:50 +01:00
Tamas Vajk
422c2d5ccb
C#: Add dynamic casts to useless upcast test
2022-02-21 16:10:00 +01:00
Henry Mercer
25f6ac3ec4
JS: Remove ML model pack from default workspace
...
We only want to put the checked out version of the model pack to test a
custom model.
Given that the repo doesn't contain any models by default, most users
won't want the local checkout of the model pack to override the one
downloaded from the package registry.
2022-02-21 15:06:30 +00:00
Henry Mercer
6fb9895367
JS: Separate the ML-powered queries model into its own pack
...
This allows users to more easily get started with development. Running
`codeql pack install` from the `-queries` pack will now install the ML
model.
2022-02-21 15:05:57 +00:00
Tom Bolton
0108642464
Merge pull request #8148 from github/tombolton/modify-counting-query
...
Update counting query to match end-to-end results
2022-02-21 15:02:43 +00:00
tombolton
e02319be9f
add end to end predicate to result counting query
2022-02-21 14:35:58 +00:00
Erik Krogh Kristensen
cd4685c4c5
cache RegExpCreationNode::getAReference
2022-02-21 15:04:00 +01:00
Erik Krogh Kristensen
1407b49a8f
fix some instances of ql/pred-doc-style for JS
2022-02-21 15:02:21 +01:00
Erik Krogh Kristensen
11bbd872f3
add ql-for-ql query for detecting bad predicate qldoc
2022-02-21 15:02:15 +01:00
Asger Feldthaus
cb38df5980
Go: rewrite access paths to dot-style
2022-02-21 14:56:54 +01:00
Asger Feldthaus
846a876c44
Go: update to use new API exposed by FlowSummaryImpl.qll
2022-02-21 14:53:05 +01:00
Rasmus Wriedt Larsen
d2cd77aefb
Merge branch 'main' into dataflow-improvements
2022-02-21 14:49:40 +01:00
Asger Feldthaus
da52cb24f6
Go: sync FlowSummaryImpl and AccessPathSyntax.qll
2022-02-21 14:40:23 +01:00
Owen Mansel-Chan
e8c2ab745e
Apply suggestions from code review from docs team
...
Co-authored-by: hubwriter <hubwriter@github.com >
2022-02-21 13:19:47 +00:00
Asger F
02c4966109
Merge pull request #7878 from asgerf/dot-separated-access-paths
...
Shared: Switch to dot-separated access paths in summary specs
2022-02-21 13:29:09 +01:00
Alex Ford
9196b64d6e
Merge pull request #8138 from github/ruby/file-write
...
Ruby: Implement `FileSystemWriteAccess` concept
2022-02-21 10:13:27 +00:00
Alex Ford
746290d903
Merge pull request #7713 from github/ruby/clear-text-logging
...
Ruby: Add `rb/clear-text-logging-sensitive-data` query
2022-02-21 10:12:33 +00:00
Jeroen Ketema
fc91c82777
Add change note
2022-02-21 10:48:46 +01:00
Jeroen Ketema
e05af1e1d1
Use underlyingElement in isStructuredBinding
...
Accodring to the documentation in `Element.qll`, `underlyingElement` is
supposed to be used here and not `unresolveElement`.
2022-02-21 10:46:29 +01:00
Esben Sparre Andreasen
1d437dd722
Merge pull request #8043 from github/esbena/sharpen-hardcoded-credentials
...
JS: Sharpen hardcoded credentials
2022-02-21 10:02:58 +01:00
Rasmus Wriedt Larsen
b59ab7f5f3
Merge branch 'main' into python/promote-log-injection
2022-02-21 09:59:31 +01:00
Erik Krogh Kristensen
5f9bd7a4a1
Merge pull request #7984 from erik-krogh/fix-ql-for-ql-js
...
JS: fix most ql-for-ql warnings
2022-02-21 09:15:06 +01:00
Asger Feldthaus
7848fcec80
Shared: sync AccessPathSyntax.qll
2022-02-21 08:21:53 +01:00
Asger Feldthaus
d7f07167ac
Shared: Remove getLastToken again
2022-02-21 08:21:53 +01:00
Asger Feldthaus
2c2a82a070
Shared: allow spaces between arguments in a token
2022-02-21 08:21:53 +01:00
Asger Feldthaus
55ac5cb012
Shared: auto format
2022-02-21 08:21:53 +01:00
Asger Feldthaus
4985fbb526
Shared: update getSummaryCsv and related test output
2022-02-21 08:21:53 +01:00
Asger Feldthaus
dcc523a2b7
Shared: auto format
2022-02-21 08:21:53 +01:00
Asger Feldthaus
7fcbdbeada
Shared: sync AccessPathSyntax.qll and FlowSummaryImpl.qll
2022-02-21 08:21:52 +01:00
Asger Feldthaus
d911e0abf8
Shared: use getToken instead of getLastToken
2022-02-21 08:21:52 +01:00
Asger Feldthaus
c4304a980d
Shared: add explicit this
2022-02-21 08:21:52 +01:00
Asger Feldthaus
dc6a13242b
Shared: update comment in AccessPathSyntax.qll
2022-02-21 08:21:52 +01:00
Asger Feldthaus
2907d53e17
Shared: sync AccessPathSyntax.qll and FlowSummaryImpl.qll
2022-02-21 08:21:52 +01:00
Asger Feldthaus
be63cf7049
Shared: fix qldoc and move getRawToken to top-level
2022-02-21 08:21:52 +01:00
Asger Feldthaus
c189df2341
Revert "JS: Add support for " of " syntax to help during transition"
...
This reverts commit 9bf522b3048c3b11f7e6d734ed797a613614a095.
2022-02-21 08:21:51 +01:00
Asger Feldthaus
57bf0b1432
Ruby: remove support for legacy syntax
2022-02-21 08:21:51 +01:00
Asger Feldthaus
e3605eed44
Ruby: update CSV rows to dot-separated syntax
2022-02-21 08:21:50 +01:00
Asger Feldthaus
7005d53a67
Ruby: manually rewrite DigSummary access path
2022-02-21 08:16:55 +01:00
Asger Feldthaus
6dbeb81f36
Ruby: use AccessPathSyntax.qll to parse input/output summary specs
2022-02-21 08:16:55 +01:00
Asger Feldthaus
0af9e8aa58
C#: remove support for legacy syntax
2022-02-21 08:16:55 +01:00
Asger Feldthaus
6bb15dcc27
C#: update CSV rows to dot-separated syntax
2022-02-21 08:16:55 +01:00
Asger Feldthaus
dffa1d1558
C#: use AccessPathSyntax.qll to parse input/output summary specs
2022-02-21 08:16:55 +01:00
Asger Feldthaus
affdbe9955
Java: remove support for legacy syntax
2022-02-21 08:16:55 +01:00
Asger Feldthaus
a121b73181
Java: update CSV rows to dot-separated syntax
2022-02-21 08:16:55 +01:00
Asger Feldthaus
7f808710ec
Java: update model generator
2022-02-21 08:16:54 +01:00
Asger Feldthaus
753c557dbe
Java: use AccessPathSyntax.qll to parse input/output summary specs
2022-02-21 08:16:54 +01:00
Asger Feldthaus
53935db6c6
JS: Add support for " of " syntax to help during transition
2022-02-21 08:16:54 +01:00
Asger Feldthaus
30254686d8
JS: Move ".."-parsing trick into AccessPathSyntax.qll
2022-02-21 08:16:54 +01:00
Asger Feldthaus
7c2cff3227
JS: Factor out AccessPathSyntax.qll
2022-02-21 08:16:54 +01:00
Asger Feldthaus
e2cbf47b16
JS: Fix accidental recursion
2022-02-21 08:16:53 +01:00
Harry Maclean
e4f801bea8
Merge pull request #7886 from github/hmac/split-ruby-std-library
...
Ruby: split standard library models into multiple files
2022-02-21 13:39:43 +13:00
Harry Maclean
9a60c7e4ac
Ruby: Update filename in test fixture
2022-02-21 09:43:36 +13:00
Alex Ford
6b8537c4e0
Ruby: FileSystemWriteAccess changenote
2022-02-20 20:14:01 +00:00
Alex Ford
baabe66551
Ruby: update Files.ql tests for write accesses
2022-02-20 19:28:12 +00:00
Alex Ford
12ce3d4784
Ruby: Implement FileSystemWriteAccess for IO/File API
2022-02-20 19:27:11 +00:00
Alex Ford
4f0174e89a
Ruby: add FileSystemWriteAccess concept
2022-02-20 19:26:54 +00:00
jorgectf
c5f30d99d5
Create an extendable AdditionalTaintStep class in customizations
2022-02-20 17:34:12 +01:00
Dave Bartolomeo
ac9e2d0c6d
Parallel semantic modulus analysis
2022-02-18 17:43:27 -05:00
Dave Bartolomeo
e2e2c0e540
Fix a few bugs to make results of semantic sign analysis match the original AST analysis
2022-02-18 17:03:10 -05:00
Dave Bartolomeo
99f24e5a9e
Fix up sign analysis and create diff query
2022-02-18 13:03:26 -05:00
Dave Bartolomeo
5bd5f39ad8
Try parallel versions of sign analysis, AST vs. semantic
2022-02-18 12:28:36 -05:00
Rasmus Wriedt Larsen
9d81fd3b95
Python: Improve sanitizer/guards tests
...
Based on review conversation
2022-02-18 14:12:41 +01:00
Rasmus Wriedt Larsen
7aa559f4aa
Python: Restore dataflow consistency queries
2022-02-18 13:47:29 +01:00
Rasmus Wriedt Larsen
c5b6fb37b7
Python: Clean up NormalDataflowTest.qll
2022-02-18 13:47:29 +01:00
Rasmus Wriedt Larsen
67ca14876a
Python: Apply suggestions from code review
...
Co-authored-by: yoff <lerchedahl@gmail.com >
2022-02-18 13:47:07 +01:00
Alex Ford
dd383f942f
Merge remote-tracking branch 'origin/main' into ruby/clear-text-logging
2022-02-17 15:32:31 +00:00
Alex Ford
33f4fffe16
Ruby: Simplify sub!/gsub! sanitizers for cleartext logging query
2022-02-17 13:10:44 +00:00
Jeroen Ketema
d4832b48c6
C++: Update DB scheme stats
2022-02-17 11:48:42 +01:00
Jeroen Ketema
e2bc4c88e4
C++: Expose is_structured_binding as a member of Variable
2022-02-17 11:44:08 +01:00
Jeroen Ketema
f875d722b0
C++: Add DB upgrade and downgrade scripts
2022-02-17 11:44:08 +01:00
Jeroen Ketema
f358f8f265
C++: Add DB relation identifying structured bindings
2022-02-17 11:44:08 +01:00
Asger Feldthaus
69995d5750
Shared: rephrase request forgery name and description
2022-02-17 09:07:08 +01:00
Asger Feldthaus
51442ddf47
JS: Add change note
2022-02-17 09:07:08 +01:00
Asger Feldthaus
3496ae131b
JS: Factor out <recommendation> part of qhelp
2022-02-17 09:07:08 +01:00
Harry Maclean
bfd2c14555
Ruby: Add shim StandardLibrary.qll
...
This file re-exports everything it used to define, marking each as
deprecated to warn users that they should import `Core` or `Stdlib`
instead.
2022-02-17 20:44:04 +13:00
Harry Maclean
459f949c24
Ruby: fix old import in ActiveSupport
...
codeql.ruby.frameworks.StandardLibrary is deprecated
2022-02-17 20:44:04 +13:00
Harry Maclean
9fff2cfcff
Ruby: Add missing documentation
2022-02-17 20:44:04 +13:00
Harry Maclean
546bfcb8ea
Ruby: split tests to match stdlib changes
2022-02-17 20:44:04 +13:00
Harry Maclean
eb4f333c25
Ruby: Move UnknownMethodCall to ast/Call.qll
2022-02-17 20:44:04 +13:00
Harry Maclean
a397c65d36
Ruby: Split standard library modeling
...
Split the classes modeling various standard library concepts into a
structured group of multiple files.
Things that are part of the core language live in framworks/core and
standard libraries (that aren't part of core) live in frameworks/stdlib.
This mirrors the structure followed by the Ruby docs
(https://docs.ruby-lang.org/en/3.1/ ).
Tests are split in a followup commit.
2022-02-17 20:44:04 +13:00
Robert Marsh
103796dfa8
C++: respond to PR comments on InsufficientKeySize
2022-02-16 14:58:29 -05:00
Robert Marsh
cfd9c9d137
C++: Update doc for `getMinimumKeySize
...
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com >
2022-02-16 14:53:09 -05:00
Ian Lynagh
a448db11b5
Merge pull request #8052 from igfoo/igfoo/descendent
...
Spelling: Use "descendant" rather than "descendent" for consistency
2022-02-16 18:03:52 +00:00
Robert Marsh
3637078a26
C++: change note for insufficient key size
2022-02-16 12:43:39 -05:00
Asger Feldthaus
8ac0ec8dfc
JS: Write help for ClientSideRequestForgery
2022-02-16 18:33:31 +01:00
Robert Marsh
d3665f935e
C++: add sample code for InsufficientKeySize.qhelp
2022-02-16 12:30:41 -05:00
luchua-bc
f136ea0f6f
Switch to the shared PathSanitizer library
2022-02-16 16:06:28 +00:00
Nick Rolfe
26e7f3273b
Merge pull request #8044 from github/nickrolfe/db_upgrade_script
...
Language-agnostic document on db up-/downgrades
2022-02-16 15:02:04 +00:00
Nick Rolfe
6d02ea7870
doc: remove unneeded --search-path flag
2022-02-16 14:51:12 +00:00
Ian Lynagh
b16e4c0247
Spelling: Use "descendant" rather than "descendent" for consistency
...
$ git grep -i descendant | wc -l
170
2022-02-16 14:26:02 +00:00
Nick Rolfe
54b56c44e6
doc: avoid using Posix-specific search-path separator
2022-02-16 12:42:58 +00:00
Asger Feldthaus
91c64152d2
JS: Rephrase the qhelp for SSRF query
2022-02-16 13:35:01 +01:00
Asger Feldthaus
cf66d01e80
JS: Add consistency test
2022-02-16 13:35:01 +01:00
Asger Feldthaus
3103cfd925
JS: Rename to tests to clientSide.js and serverSide.js
2022-02-16 13:35:01 +01:00
Asger Feldthaus
3fbc3a4d70
JS: Add ClientSideRequestForgery to RequestForgery test
2022-02-16 13:35:01 +01:00
Asger Feldthaus
260638c68b
JS: Add ClientSideRequestForgery and split request-forgery results between the two
2022-02-16 13:35:01 +01:00
Esben Sparre Andreasen
f08a140505
update tests for password patterns
2022-02-16 13:22:19 +01:00
Nick Rolfe
17450a5b27
Python/Ruby: rm old prepare-db-upgrade.sh files
2022-02-16 12:21:52 +00:00
Ian Lynagh
83bba47fdb
Java: Update stats
2022-02-16 12:06:18 +00:00
Nick Rolfe
549436fc86
doc: typo
2022-02-16 12:00:35 +00:00
Nick Rolfe
26b2012024
Move Ruby doc on db upgrades to common docs dir
...
And explain downgrades
2022-02-16 11:35:52 +00:00
Nick Rolfe
ee5068d843
Python/Ruby: forward to generic prepare-db-upgrade.sh
2022-02-16 11:03:28 +00:00
Tony Torralba
111aabb707
Merge pull request #7712 from luchua-bc/java/file-path-injection
...
Java: CWE-073 File path injection with the JFinal framework
2022-02-16 12:01:34 +01:00
Jeroen Ketema
3170670f67
Merge pull request #8041 from jketema/prepare-db-upgrade-script
...
Add version of `prepare-db-upgrade.sh` supporting multiple languages
2022-02-16 11:45:34 +01:00
Jeroen Ketema
671528b483
Find qldir by using the location of prepare-db-upgrade.sh
2022-02-16 11:35:15 +01:00
Jeroen Ketema
8ad0d8ea69
Factor out creating upgrade.properties into a function
2022-02-16 10:54:12 +01:00
Jeroen Ketema
b27dd6ca72
Simplify check_hash_valid
2022-02-16 10:53:39 +01:00
Jeroen Ketema
f558ac5b07
Make --lang a required script argument
2022-02-16 10:18:55 +01:00
Esben Sparre Andreasen
816d79692b
ignore deliberately hardcoded password strings
2022-02-16 09:47:01 +01:00
Esben Sparre Andreasen
78744a0182
add additional tests
2022-02-16 09:44:56 +01:00
Esben Sparre Andreasen
e67c09f9ab
change example passwords in test
2022-02-16 08:56:00 +01:00
Arthur Baars
ebb87c4b36
Merge pull request #7975 from github/post-release-prep/codeql-cli-2.8.1
...
Post-release preparation for codeql-cli-2.8.1
2022-02-15 20:17:35 +01:00
Arthur Baars
0f15d71cd8
Merge pull request #694 from github/post-release-prep/codeql-cli-2.8.1
...
Post-release preparation for codeql-cli-2.8.1
2022-02-15 20:16:09 +01:00
Geoffrey White
703f18b82f
C++: Better deduplication.
2022-02-15 17:52:27 +00:00
Jeroen Ketema
1209bbd9b4
Add version of prepare-db-upgrade.sh supporting multiple languages
2022-02-15 18:39:21 +01:00
luchua-bc
40bf093d34
Move shared code to the lib folder and update qldoc
2022-02-15 17:28:13 +00:00
Tony Torralba
5f0ab522f3
Merge pull request #7988 from Marcono1234/marcono1234/sealed-types-predicates
...
Java: Add predicates for sealed classes
2022-02-15 15:11:56 +01:00
yo-h
cfcb06cad9
Merge pull request #8035 from tamasvajk/feature/hardcoded-cred-medium-prec
...
C#: Downgrade hardcoded credentials queries to medium precision
2022-02-15 08:09:27 -05:00
Chris Smowton
2f82a46528
Elaborate change note
2022-02-15 12:56:57 +00:00
luchua-bc
fd533f2ba8
Remove the same callable constraint
2022-02-15 12:44:23 +00:00
Mathias Vorreiter Pedersen
c48e49650a
Merge pull request #8039 from jketema/downgrades
...
C++: Add initial DB scheme and qlpack file to downgrades directory
2022-02-15 11:30:33 +00:00
Jeroen Ketema
d59422be41
Add qlpack file to downgrades directory
2022-02-15 12:18:46 +01:00
Jeroen Ketema
0bcb5cb380
Add initial cpp DB scheme to downgrades directory
2022-02-15 11:59:46 +01:00
Mathias Vorreiter Pedersen
38e44924e7
Merge pull request #8036 from jketema/remove-legacy-relations-2
...
C++: Remove some unused legacy relations from the DB scheme - Take 2
2022-02-15 10:56:25 +00:00
Jeroen Ketema
3b2584a5d1
Add change note
2022-02-15 11:18:44 +01:00
Jeroen Ketema
9d7784e12d
C++: Add DB downgrade script
2022-02-15 11:18:44 +01:00
Jeroen Ketema
f791c63780
C++: Add DB upgrade script
2022-02-15 11:18:44 +01:00
Jeroen Ketema
68fd953d9b
C++: Mark classes depending on removed relations as deprecated
...
Also ensure they no longer depend on the removed relations.
2022-02-15 11:18:36 +01:00
Rasmus Wriedt Larsen
62d4bb50a5
Python: Autoformat
...
Trailing whitespace is a bit too easy with the ```suggestions through
the UI :|
2022-02-15 10:38:52 +01:00
Tony Torralba
bfa14fa066
Merge pull request #7823 from JLLeitschuh/improve/JLL/combined_http_headers
...
Java: Add HTTP Request Splitting to Netty Query
2022-02-15 10:24:36 +01:00
Rasmus Wriedt Larsen
5a90214ece
Merge pull request #7783 from yoff/python/promote-ldap-injection
...
Python: promote LDAP injection query
2022-02-15 10:24:18 +01:00
Jeroen Ketema
bf6ca7a7be
C++: Remove some unused legacy relations from the DB scheme
2022-02-15 10:16:35 +01:00
Tamas Vajk
0c667fa544
Move change note from lib to src folder
2022-02-15 09:58:12 +01:00
Tamas Vajk
c386ab5e51
Add change note
2022-02-15 09:55:18 +01:00
CodeQL CI
8f8621f82c
Merge pull request #8022 from asgerf/js/url-parse-qs
...
Approved by esbena
2022-02-15 09:34:21 +01:00
Tamas Vajk
e8bf94faf9
C#: Downgrade hardcoded credentials queries to medium precision
2022-02-15 09:34:20 +01:00
Marcono1234
a496b1d1a1
Java: Add predicates for sealed classes
2022-02-14 21:04:38 +01:00
Robert Marsh
0e50c4b186
C++: Add openssl low-level API
2022-02-14 14:47:55 -05:00
Chris Smowton
0bf6c83ef2
Merge pull request #4388 from JLLeitschuh/feat/JLL/java/CWE-200_temp_directory_local_information_disclosure
...
Java: CWE-200: Temp directory local information disclosure vulnerability
2022-02-14 18:58:44 +00:00
Chris Smowton
fd4dc95d84
Merge pull request #6443 from artem-smotrakov/ignored-hostname-verifier
...
Java: An experimental query for ignored hostname verification
2022-02-14 18:56:27 +00:00
yoff
de5b3a272d
Merge pull request #7660 from RasmusWL/deprecate-old-modeling
...
Python: Deprecate old points-to based modeling
2022-02-14 19:48:03 +01:00
Chris Smowton
f2bc5849ce
format
2022-02-14 17:00:14 +00:00
Nick Rolfe
9c79a171ae
Merge pull request #8017 from github/nickrolfe/csharp_externalData
...
C#: add externalData back to dbscheme
2022-02-14 16:54:32 +00:00
Jonathan Leitschuh
2048aed0a9
Review feedback and improve temp dir vulnerable/safe code sugestion
2022-02-14 11:29:16 -05:00
Chris Smowton
a62eae5a1e
Remove redundant conditions from HostnameVerificationCall.isIgnored
2022-02-14 16:26:41 +00:00
Jonathan Leitschuh
76964d58f2
Apply suggestions from code review
...
Co-authored-by: Felicity Chapman <felicitymay@github.com >
2022-02-14 11:04:31 -05:00
Jonathan Leitschuh
bb580ddbab
Apply suggestions from code review
...
Co-authored-by: Felicity Chapman <felicitymay@github.com >
2022-02-14 11:02:05 -05:00
Jonathan Leitschuh
7dee22a130
Fix implicit 'this' usage
2022-02-14 11:00:41 -05:00
luchua-bc
2b5982fd9d
Remove specified value step from additional taint step
2022-02-14 15:42:54 +00:00
yoff
3a995ec1b1
Update python/ql/lib/semmle/python/security/dataflow/LogInjectionCustomizations.qll
...
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com >
2022-02-14 16:08:44 +01:00
yoff
62598c0fd1
Update python/ql/lib/semmle/python/security/dataflow/LogInjectionCustomizations.qll
...
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com >
2022-02-14 16:07:40 +01:00
yoff
86786d3368
Update docs/codeql/support/reusables/frameworks.rst
...
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com >
2022-02-14 16:05:59 +01:00
Asger Feldthaus
8b55a24e7c
JS: Add url-parse.qs as an alias for the querystringify library
2022-02-14 15:29:50 +01:00
luchua-bc
35a924292b
Model value passing between a setter and a getter call as a value step
2022-02-14 14:08:55 +00:00
Asger Feldthaus
f7108506f2
JS: Raise precision tag of js/request-forgery
2022-02-14 14:20:41 +01:00
Nick Rolfe
2633f9d02e
C#: delete externalData.rel in downgrade script
2022-02-14 12:25:32 +00:00
Nick Rolfe
6e7f5f8c12
C#: add DB upgrade and downgrade scripts
2022-02-14 12:16:39 +00:00
Nick Rolfe
d43a62a09f
C#: add externalData back to dbscheme
...
That table is still used, and is populated by the CSV extractor.
2022-02-14 12:09:00 +00:00
Rasmus Lerchedahl Petersen
d1200d0cd5
python: fix change-note formatting
2022-02-14 12:22:29 +01:00
Rasmus Lerchedahl Petersen
84447e4710
python: more detailed alert message
2022-02-14 11:55:07 +01:00
Rasmus Lerchedahl Petersen
bd14adefa0
python: add apologetic comment
2022-02-14 11:37:46 +01:00
Mathias Vorreiter Pedersen
9b8d85903c
Merge pull request #8011 from MathiasVP/revert-remove-legacy-tables
...
Revert "Merge pull request #7982 from jketema/remove-legacy-relations"
2022-02-14 10:32:01 +00:00
Mathias Vorreiter Pedersen
bc24b03d31
Merge pull request #8012 from erik-krogh/db-in-upgrade
...
QL: allow raw db types in upgrade/downgrade scripts
2022-02-14 10:24:55 +00:00
Erik Krogh Kristensen
8c7bf69a87
allow raw db types in upgrade/downgrade scripts without adding a warning for it
2022-02-14 10:40:07 +01:00
Mathias Vorreiter Pedersen
ab7850c581
Revert "Merge pull request #7982 from jketema/remove-legacy-relations"
...
This reverts commit 2b6d57d85b , reversing
changes made to 9b4dbb9dd8 .
2022-02-14 09:11:56 +00:00
Mathias Vorreiter Pedersen
2b6d57d85b
Merge pull request #7982 from jketema/remove-legacy-relations
2022-02-14 07:59:19 +00:00
root
5ed5e0b105
Add query to detect ZipSlip
2022-02-13 16:44:27 -05:00
Artem Smotrakov
48604cd7b3
Better HostnameVerificationCall.isIgnored()
2022-02-12 15:52:16 +00:00
Artem Smotrakov
36e565d673
Use classes from semmle.code.java.security.Encryption
2022-02-12 15:31:35 +00:00
Artem Smotrakov
651e43dee6
Clarify what verifier is
2022-02-12 12:24:48 +00:00
luchua-bc
78630f25dd
Match attribute name to reduce FP
2022-02-11 23:53:31 +00:00
Chuan-kai Lin
9b4dbb9dd8
Merge pull request #7895 from github/cklin/upgrades-initial-dbscheme
...
Upgrade scripts testing: set initial dbschemes
2022-02-11 11:06:12 -08:00
Andrew Eisenberg
0f3d780935
Merge pull request #7946 from github/aeisenberg/check-change-not
...
Workflows: Augment workflow to ensure failure with invalid change notes
2022-02-11 09:25:14 -08:00
Jeroen Ketema
7f4913d61f
Add change notes
2022-02-11 18:15:33 +01:00
Jeroen Ketema
9d7aa176f3
C++: Mark classes depending on removed relations as deprecated
...
Also ensure they no longer depend on the removed relations.
2022-02-11 18:04:17 +01:00
Nick Rolfe
b3048eed21
Merge pull request #7979 from github/nickrolfe/charp
...
C#: fix misspellings of 'csharp'
2022-02-11 16:57:59 +00:00
Erik Krogh Kristensen
a1c5724be7
fix most ql-for-ql warnings in JS
2022-02-11 17:57:37 +01:00
Andrew Eisenberg
5092493160
Update .github/workflows/validate-change-notes.yml
2022-02-11 08:41:20 -08:00
Geoffrey White
c4d9c1d9e7
C++: Reduce result duplication.
2022-02-11 16:03:38 +00:00
Jeroen Ketema
5205db9e17
C++: Add DB downgrade script
2022-02-11 16:36:21 +01:00
Jeroen Ketema
3033f3f89c
C++: Add DB upgrade script
2022-02-11 16:35:51 +01:00
Jeroen Ketema
94d3d63704
C++: Remove some unused legacy relations from the DB scheme
2022-02-11 16:35:08 +01:00
Erik Krogh Kristensen
360cf0ff17
Merge pull request #7981 from erik-krogh/erik-krogh/key-on-qlpacks
...
QL: add qlpack.yml to the cache key for QL-for-QL query build
2022-02-11 16:19:38 +01:00
Erik Krogh Kristensen
6639bdaf1e
add qlpack.yml to the cache key for QL-for-QL query build
2022-02-11 16:04:39 +01:00
Nick Rolfe
dc2f653496
Merge remote-tracking branch 'origin/main' into nickrolfe/charp
2022-02-11 14:56:15 +00:00
Erik Krogh Kristensen
25f6880809
Merge pull request #7980 from erik-krogh/fix-ql-pack
...
QL: fix pack name for ql-for-ql
2022-02-11 15:53:02 +01:00
Erik Krogh Kristensen
1fa5265a2e
fix pack name for ql-for-ql
2022-02-11 15:44:14 +01:00
Nick Rolfe
164cce7417
C#: fix misspellings of 'csharp'
2022-02-11 14:08:47 +00:00
Erik Krogh Kristensen
25d64a7901
Merge pull request #7930 from erik-krogh/rbApiIpa
...
RB: convert the ruby ApiGraphs to use IPA labels
2022-02-11 14:35:39 +01:00
Geoffrey White
00ba76b7e4
C++: Convert to IR taint tracking.
2022-02-11 13:00:42 +00:00
luchua-bc
e3d0e9f083
Update normalized path node
2022-02-11 12:38:05 +00:00
Arthur Baars
678645ba57
Merge pull request #7883 from github/aibaars/ruby-cross
...
Ruby: add configuration for 'cross'
2022-02-11 13:15:34 +01:00
Arthur Baars
525c685584
Ruby: add configuration for 'cross'
2022-02-11 12:50:33 +01:00
Taus
d7f30de5b0
Merge pull request #7874 from RasmusWL/set-store-step
...
Python: Fix setStoreStep to use `SetElementContent`
2022-02-11 12:50:02 +01:00
Arthur Baars
a85b2093d6
Merge pull request #7969 from github/doc-remove-filter-queries
...
Docs: remove mention of 'filter queries'
2022-02-11 12:48:34 +01:00
github-actions[bot]
21bf29353f
Post-release preparation for codeql-cli-2.8.1
2022-02-11 11:07:31 +00:00
github-actions[bot]
a89ae0b65e
Post-release preparation for codeql-cli-2.8.1
2022-02-11 11:07:13 +00:00
Taus
327e0dad72
Merge pull request #7674 from erik-krogh/dbTypeInNonLib
...
QL: Use of db-type outside language core.
2022-02-11 12:00:14 +01:00
Owen Mansel-Chan
fbd73a3ed5
Merge pull request #690 from asgerf/asgerf/sync-flow-summary-impl
...
Go: sync FlowSummaryImpl.qll
2022-02-11 10:50:37 +00:00
Arthur Baars
47eb96d223
Docs: remove mention of 'filter queries'
2022-02-11 11:45:34 +01:00
Erik Krogh Kristensen
5a39708cf7
move TLabel to the Impl module and cache it
2022-02-11 10:54:45 +01:00
Erik Krogh Kristensen
36e02ae9ac
Merge pull request #7912 from erik-krogh/moarApi
...
JS: convert more type-trackers to API-graphs
2022-02-11 10:32:45 +01:00
Erik Krogh Kristensen
daa96cc218
change some docstrings based on review, and make fields private
2022-02-11 10:25:54 +01:00
Tom Hvitved
0f60401919
Merge pull request #2513 from hvitved/csharp/null-maybe-capture
...
C#: Remove FPs from `cs/dereferenced-value-may-be-null`
2022-02-11 10:21:15 +01:00
Erik Krogh Kristensen
6ae4652ce9
make the Impl module private again
2022-02-11 10:17:24 +01:00
Arthur Baars
74ed89409c
Merge pull request #7948 from github/release-prep/2.8.1
...
Release preparation for version 2.8.1
2022-02-11 10:13:34 +01:00
Erik Krogh Kristensen
3791b159fb
Merge pull request #7892 from erik-krogh/nanSan
...
JS: Add a `isNaN` sanitizer, and use it in queries that already had a typeof check
2022-02-11 10:13:06 +01:00
Erik Krogh Kristensen
2ffd79d451
Merge pull request #7921 from erik-krogh/snapdragon
...
JS: add model for the snapdragon library
2022-02-11 10:10:55 +01:00
Arthur Baars
58a2597c3a
C++: move change note lines to correct query pack
2022-02-11 09:52:36 +01:00
Asger Feldthaus
620bdf22c2
Go: add new sink to completetest.ql as well
2022-02-11 09:44:27 +01:00
Arthur Baars
6403a23af3
Merge pull request #693 from github/release-prep/2.8.1
...
Release preparation for version 2.8.1
2022-02-11 09:38:37 +01:00
Tom Hvitved
987b11c362
Merge pull request #7926 from hvitved/csharp/brotli
...
C#: Use Brotli instead of Gzip
2022-02-11 09:29:04 +01:00
Tamás Vajk
c5d917eb72
Improve formatting of 0.0.9 release notes
2022-02-11 09:19:43 +01:00
Asger Feldthaus
6bfc0a7a1c
Go: use parseConstantOrRange in parseReturn
2022-02-11 08:38:15 +01:00
Asger Feldthaus
66545dbe41
Go: fix parsing of n1..n2 in parseConstantOrRange
2022-02-11 08:35:18 +01:00
Asger Feldthaus
a26bfb0926
Go: add test with Argument[0..2] spec
2022-02-11 08:34:31 +01:00
Esben Sparre Andreasen
a4447ce372
Update javascript/ql/lib/semmle/javascript/frameworks/Snapdragon.qll
2022-02-11 08:20:02 +01:00
luchua-bc
12c53baba4
Simplify the query
2022-02-11 01:05:06 +00:00
Harry Maclean
017183e7f3
Merge pull request #7919 from github/hmac/open-uri
...
Ruby: recognise additional form for OpenURI
2022-02-11 14:03:26 +13:00
Andrew Eisenberg
cba9e0b267
Fix paths in check-change-note
...
Library pack changes were being ignored.
2022-02-10 14:36:23 -08:00
github-actions[bot]
f25fc70b7c
Release preparation for version 2.8.1
2022-02-10 22:08:24 +00:00
github-actions[bot]
6f0e1a284f
Release preparation for version 2.8.1
2022-02-10 22:08:16 +00:00
Andrew Eisenberg
9441ea940c
Workflows: Augment workflow to ensure failure with invalid change notes
2022-02-10 13:52:54 -08:00
Erik Krogh Kristensen
f41bc64e30
add change-note
2022-02-10 22:41:35 +01:00
Arthur Baars
c9f898745c
Merge pull request #7943 from github/aibaars/cpp-move-note
...
C++: move change note
2022-02-10 22:32:31 +01:00
Arthur Baars
6cba49abe3
C++: move change note
2022-02-10 22:13:54 +01:00
Arthur Baars
1fb3cbfeee
Merge pull request #7940 from github/aibaars/js-move-note
...
Javascript: move change note
2022-02-10 21:20:06 +01:00
Arthur Baars
61ba896343
Javascript: move change note
2022-02-10 20:58:49 +01:00
Robert Marsh
dbe4770c7d
C++: add initial insufficient key size query
2022-02-10 14:53:40 -05:00
Tom Hvitved
2b2196d638
Merge pull request #7927 from github/hvitved-patch-1
...
Add C# 10 and .NET 6 to `versions-compilers.rst`
2022-02-10 20:43:33 +01:00
Erik Krogh Kristensen
eb56a5aef3
support more patterns that recognize valid numbers
2022-02-10 19:50:35 +01:00
Artem Smotrakov
0ba229a64b
Apply suggestions from code review (typos/formatting)
...
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com >
Co-authored-by: Chris Smowton <smowton@github.com >
2022-02-10 18:37:12 +00:00
Alex Ford
d55ba2542a
Ruby: fix an alert
2022-02-10 18:35:22 +00:00
Geoffrey White
85d03fdbfd
C++: Change note.
2022-02-10 18:05:41 +00:00
Erik Krogh Kristensen
02ed1ca392
add missing qldoc
2022-02-10 18:06:53 +01:00
yoff
a2532a86ea
Merge pull request #7894 from tausbn/python-normalise-prefixes
...
Python: Normalise string prefixes
2022-02-10 17:57:11 +01:00
Erik Krogh Kristensen
9739929795
convert the ruby ApiGraphs to use IPA labels
2022-02-10 17:54:19 +01:00
Alex Ford
bc53570a25
Ruby: fewer mappings from dataflow nodes to ast nodes
2022-02-10 15:58:31 +00:00
Alex Ford
7c1bd9a533
Ruby: add a test case for cleartext logging that uses NonCleartextPasswordFlow
2022-02-10 15:50:56 +00:00
Alex Ford
83a3808bbe
Ruby: avoid marking mutator methods as being safe (i.e. not returning sensitive data)
2022-02-10 15:50:56 +00:00
Alex Ford
b46e4ccd71
Ruby: drop SanitizerIn from ClearTextLoggingQuery
2022-02-10 15:50:56 +00:00
Alex Ford
7b4af39315
Ruby: track masked variables potentially containing sensitive data more accurately
2022-02-10 15:50:56 +00:00
Alex Ford
59ab384825
Ruby: rb/clear-text-logging-sensitive-data - match on CFG nodes rather than AST nodes
2022-02-10 15:50:56 +00:00
Jonathan Leitschuh
eee521e6ce
Fix test failure for TempDirLocalInformationDisclosure
2022-02-10 10:40:40 -05:00
Tom Hvitved
a3d631f2df
Add C# 10 and .NET 6 to versions-compilers.rst
2022-02-10 15:45:00 +01:00
Tom Hvitved
1c66444a61
C#: Use Brotli instead of Gzip
2022-02-10 14:30:24 +01:00
Owen Mansel-Chan
317376583c
Minor changes to qhelp
2022-02-10 13:25:20 +00:00
Owen Mansel-Chan
a008bd4f25
Add a change note
2022-02-10 13:25:20 +00:00
Robin Neatherway
4ba4b5a811
Add query help for WrappedErrorAlwaysNil
2022-02-10 13:25:20 +00:00
Owen Mansel-Chan
98c60f31a6
Simplify comparison of DataFlow::Node and IR::Instruction
...
Co-authored-by: Chris Smowton <smowton@github.com >
2022-02-10 13:25:19 +00:00
Owen Mansel-Chan
9b61ed9578
Add query "Wrapped error always nil"
2022-02-10 13:25:19 +00:00
Felicity Chapman
efed21b99a
Merge pull request #7885 from Marcono1234/marcono1234/extractor-doc-improvements
...
Fix and improve Extractor options documentation formatting
2022-02-10 12:59:45 +00:00
CodeQL CI
9ebbd9efa1
Merge pull request #7591 from asgerf/js/mysql-sinks
...
Approved by esbena
2022-02-10 12:50:36 +00:00
Felicity Chapman
5ec1fc11f9
Apply suggestions from code review
2022-02-10 12:41:37 +00:00
CodeQL CI
a57ee019c2
Merge pull request #7819 from asgerf/asgerf/ruby-def-nodes
...
Approved by hvitved
2022-02-10 12:37:34 +00:00
Asger Feldthaus
6d4b4df717
Go: auto format
2022-02-10 13:27:46 +01:00
Asger Feldthaus
f66cad85be
Go: sync FlowSummaryImpl.qll
2022-02-10 13:08:54 +01:00
Taus Brock-Nannestad
be323bafaf
Merge remote-tracking branch 'upstream/main' into python-normalise-prefixes
2022-02-10 12:55:49 +01:00
CodeQL CI
1a91a79b5b
Merge pull request #5841 from erik-krogh/libCode
...
Approved by esbena, ethanpalm
2022-02-10 11:36:45 +00:00
Mathias Vorreiter Pedersen
d05dbb285c
Merge pull request #7841 from jketema/structured-bindings-fix
...
C++: Update C++ variable hiding test
2022-02-10 11:29:38 +00:00
Geoffrey White
b0c2a144cc
C++: Remove no longer relevant tests.
2022-02-10 11:11:31 +00:00
Geoffrey White
20ad92a82e
C++: Filter noisiest sources.
2022-02-10 11:11:30 +00:00
Geoffrey White
7b5b2fdcd1
C++: Modernize cpp/system-data-exposure as a path-problem using IR taint, RemoteFlowSinkFunction.
2022-02-10 11:11:26 +00:00
Geoffrey White
5490809bcf
C++: Expand tests.
2022-02-10 10:43:21 +00:00
Erik Krogh Kristensen
d55920ad27
add model for the snapdragon library
2022-02-10 11:32:59 +01:00
Jeroen Ketema
46821fe136
Update C++ variable hiding test
...
Structured bindings are now handled better, so the false negative
related to structured bindings is now a true positive.
2022-02-10 10:58:32 +01:00
Tom Hvitved
58d90c7f8d
Python: More points-to performance improvements
2022-02-10 10:29:30 +01:00
Tom Hvitved
7fd8d6dd30
Address review comments
2022-02-10 10:29:30 +01:00
Tom Hvitved
2de892bfd8
Python: Points-to performance improvements
2022-02-10 10:29:30 +01:00
Erik Krogh Kristensen
12d31d750a
convert more type-trackers to API-graphs
2022-02-10 09:54:52 +01:00
Stephan Brandauer
a73cdf3527
Merge pull request #7911 from kaeluka/javascript/add-getFlowLabel-to-PathNode
...
JS: add a getFlowLabel method to the PathNode class
2022-02-10 09:10:08 +01:00
Jonathan Leitschuh
bafcce17d4
Apply suggestions from code review
...
Co-authored-by: Chris Smowton <smowton@github.com >
2022-02-09 22:14:17 -05:00
Harry Maclean
d966ca8466
Ruby: recognise additional form for OpenURI
2022-02-10 15:42:15 +13:00
luchua-bc
ce03aeb4d9
Fixed an issue related to normalized path
2022-02-09 23:19:40 +00:00
Rasmus Wriedt Larsen
94f9656e8e
Python: Solve deprecation warnings for old experimental queries
2022-02-10 00:09:43 +01:00
Harry Maclean
f30222256f
Merge pull request #7061 from github/hmac/actiondispatch
...
Ruby: Rails route resolution
2022-02-10 09:46:36 +13:00
Chris Smowton
b51b6069fc
Merge pull request #689 from github/codeql-cli-2.8.0-copy
...
Main merged into codeql-cli-2.8.0
2022-02-09 19:21:06 +00:00
Ethan Palm
2f7f9d9032
Move explanation of example above sample code
2022-02-09 10:45:24 -08:00
Jonathan Leitschuh
ded8d64301
Remove CAPC and add CWE-93
2022-02-09 12:31:53 -05:00
Jonathan Leitschuh
03fdee3767
Cleanup Netty Response Splitting Query
2022-02-09 12:28:11 -05:00
Jonathan Leitschuh
8ffe878722
Apply suggestions from code review
...
Co-authored-by: Matt Pollard <mattpollard@users.noreply.github.com >
2022-02-09 12:28:11 -05:00
Jonathan Leitschuh
c732cb7759
Add HTTP Request Splitting to Netty Query
2022-02-09 12:28:10 -05:00
Tamas Vajk
29391a173a
Merge branch 'main' into codeql-cli-2.8.0-copy
2022-02-09 18:25:08 +01:00
Tamás Vajk
92862fa4b5
Merge pull request #684 from github/post-release-prep/codeql-cli-2.8.0
...
Post-release preparation for codeql-cli-2.8.0
2022-02-09 18:07:28 +01:00
Stephan Brandauer
3e88d46e0f
add a getFlowLabel method to the PathNode class
2022-02-09 17:28:25 +01:00
Jonathan Leitschuh
49a73673b6
Fix FP from mkdirs call on exact temp directory
2022-02-09 11:04:23 -05:00
Tamás Vajk
6483a92587
Merge pull request #7865 from github/post-release-prep/codeql-cli-2.8.0
...
Post-release preparation for codeql-cli-2.8.0
2022-02-09 16:42:38 +01:00
github-actions[bot]
b3d63aca33
Post-release preparation for codeql-cli-2.8.0
2022-02-09 16:41:28 +01:00
github-actions[bot]
9c12f1a5fa
Release preparation for version 2.8.0
2022-02-09 16:40:48 +01:00
Jonathan Leitschuh
787e3dac31
Update java/ql/src/Security/CWE/CWE-200/TempDirLocalInformationDisclosure.ql
...
Co-authored-by: Chris Smowton <smowton@github.com >
2022-02-09 10:07:56 -05:00
Tom Hvitved
c695388c29
Merge pull request #7891 from hvitved/ruby/dataflow/hide-ssa-nodes
...
Ruby: Hide more SSA nodes from data-flow path explanations
2022-02-09 15:56:15 +01:00
Tom Hvitved
0bd8411cb6
Ruby: Hide more SSA nodes from data-flow path explanations
2022-02-09 15:31:10 +01:00
Rasmus Lerchedahl Petersen
aa010e420b
python: update qhelp
2022-02-09 15:27:39 +01:00
Rasmus Lerchedahl Petersen
75a2f92ce4
pthon: add change note
2022-02-09 15:23:36 +01:00
Mathias Vorreiter Pedersen
336c25d929
Merge pull request #7913 from RasmusWL/ql-qlpacks
...
QL: Streamline qlpacks
2022-02-09 13:37:19 +00:00
Rasmus Lerchedahl Petersen
313f9f056c
python: switch to using concepts
2022-02-09 14:36:48 +01:00
Owen Mansel-Chan
85db49cd00
Merge pull request #685 from github/smowton/fix/windows-2019-ci
...
CI: Run on Windows 2019
2022-02-09 13:33:24 +00:00
Rasmus Lerchedahl Petersen
17aa2898f9
python: model (xpathEval from) libxml2
2022-02-09 14:25:43 +01:00
Rasmus Lerchedahl Petersen
e8649d8947
python: model (etree from) lxml
2022-02-09 14:15:17 +01:00
Rasmus Wriedt Larsen
1f50624cf4
QL: Streamline qlpacks
...
So they follow the same format as the other languages.
`git grep codeql-ql` in the ql/ subfolder does not yield any results
now.
2022-02-09 14:08:36 +01:00
Rasmus Wriedt Larsen
9d5e8d5bd8
Merge pull request #7842 from RasmusWL/consistency-queires
...
Misc: Streamline `consistency-queries/qlpack.yml`
2022-02-09 13:42:18 +01:00
jorgectf
85b5ef36ae
XmlInjection -> XmlEntityInjection
2022-02-09 13:28:56 +01:00
Chris Smowton
c547f47ca2
CI: Run on Windows 2019
...
Tracer appears to not yet support win2022
2022-02-09 11:59:53 +00:00
Nick Rolfe
1eba8277ee
Merge pull request #7614 from github/nickrolfe/array_flow_summaries
...
Ruby: add more Array/Enumerable flow summaries
2022-02-09 09:57:59 +00:00
Harry Maclean
f276904fa9
Ruby: Add nomagic pragma to helper
2022-02-09 22:38:35 +13:00
Michael Nebel
ff369f2a36
Merge pull request #7846 from michaelnebel/csharp/deconstruction
...
C# 10: Tuple deconstruction.
2022-02-09 10:08:16 +01:00
Mathias Vorreiter Pedersen
bbbb5268ce
Merge pull request #7881 from geoffw0/clrtxtperf
...
CPP: Fix performance for cpp/cleartext-transmission
2022-02-09 09:03:44 +00:00
Erik Krogh Kristensen
5340530cb7
use the number guard in existing queries that contained typeof checks
2022-02-09 09:51:57 +01:00
Erik Krogh Kristensen
d6721ec574
implement a isNaN guard for unsafe-shell-command-construction
2022-02-09 09:51:57 +01:00
Tom Hvitved
9440a45015
Merge branch 'main' into post-release-prep/codeql-cli-2.8.0
2022-02-09 09:40:33 +01:00
yoff
f21ac04285
Update python/ql/lib/semmle/python/frameworks/Stdlib.qll
...
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com >
2022-02-09 09:22:31 +01:00
luchua-bc
4609227e76
Use data model for request/session attribute operations
2022-02-09 03:24:46 +00:00
jorgectf
3ccac4ed8a
Update .expected
2022-02-08 23:59:36 +01:00
Jonathan Leitschuh
7f46640176
Consider calls to setReadable(false, false) then setReadable(true, true) to be safe
2022-02-08 17:57:10 -05:00
jorgectf
c6d8b97871
Make verifyCall() a private predicate
2022-02-08 23:37:17 +01:00
jorgectf
7b51b91d13
Improve test
2022-02-08 23:33:43 +01:00
jorgectf
ed60d16367
Refactor the way to check the verifying call
2022-02-08 23:33:30 +01:00
Jorge
f1fab98ea2
Merge branch 'github:main' into python_jwt
2022-02-08 23:12:58 +01:00
Taus Brock-Nannestad
54ae744b2c
Python: Also update Python 2 file
2022-02-08 22:08:53 +01:00
Harry Maclean
3206384884
Merge pull request #7824 from github/hmac/constantize
2022-02-09 08:30:21 +13:00
Chuan-kai Lin
a7f1ee574c
Upgrade scripts testing: set initial dbschemes
...
This commit sets initial dbschemes for cpp, csharp, java, javascript, and
python so that automated testing for upgrade scripts would also cover legacy
upgrades.
2022-02-08 11:11:41 -08:00
Tom Hvitved
b2419d60bd
Merge pull request #7090 from hvitved/ruby/perf
...
Ruby: Cache more predicates
2022-02-08 20:02:33 +01:00
Chris Smowton
143d64c92c
Merge pull request #7879 from github/smowton/admin/getting-started-mention-codeql-go-deps
...
Docs: Note codeql-go needs an install step before use
2022-02-08 18:07:26 +00:00
Alex Ford
81ed5d0ff7
Ruby: comment and node description fixes
...
Co-authored-by: Harry Maclean <hmac@github.com >
2022-02-08 18:03:29 +00:00
jorgectf
b00051e4ab
Update .expected
2022-02-08 17:52:37 +01:00
jorgectf
01ad25f3f0
Apply .getALocalSource() and fix xmltodict's vulnerable predicate
2022-02-08 17:51:09 +01:00
jorgectf
7c4a6a12b0
Test polish
2022-02-08 17:50:39 +01:00
jorgectf
8f9cd16806
Update
2022-02-08 17:23:18 +01:00
Taus Brock-Nannestad
6ea8986daa
Python: Normalise string prefixes
2022-02-08 16:48:17 +01:00
Erik Krogh Kristensen
4bbb7ad320
Merge pull request #7876 from erik-krogh/zipRelative
...
JS: recognize more startswith sanitizers for path-injection queries
2022-02-08 15:22:39 +01:00
Nick Rolfe
ade7921079
Merge pull request #7890 from github/nickrolfe/unique_node
...
Ruby/QL: add `unique` annotation on `node` column
2022-02-08 13:15:17 +00:00
Tom Hvitved
984e01ecf0
C#: Remove FPs from cs/dereferenced-value-may-be-null
...
Apply a conservative approach by filtering out results for accesses to
captured nullable values, when there is an (implicit) call to the capturing
callable which is `null`-guarded. For example:
```
bool M(int? i, IEnumerable<int> @is)
{
if (i.HasValue)
return @is.Any(j => j == i.Value); // GOOD
return false;
}
```
2022-02-08 14:01:57 +01:00
Tom Hvitved
7948d965a0
C#: Add nullness tests for captured variables
2022-02-08 13:52:29 +01:00
Owen Mansel-Chan
034f3d5e76
Merge pull request #683 from lyoung-confluent/patch-2
...
Match gopkg.in import of squirrel for SQLi query
2022-02-08 12:19:15 +00:00
Tom Hvitved
3b5267eca5
Ruby: Cache DataFlow::Node::{toString,getLocation}
2022-02-08 13:03:42 +01:00
Tom Hvitved
f337459a4a
Ruby: Cache capturedEntryWrite
2022-02-08 13:03:42 +01:00
Tom Hvitved
b041bc03d1
Ruby: Cache ConditionBlock::(immediately)Controls
2022-02-08 13:03:41 +01:00
Tom Hvitved
4037d1ff96
Ruby: Cache ErbDirective::getAChildStmt
2022-02-08 13:03:41 +01:00
Tom Hvitved
4c5f32ba4a
Ruby: Cache exprNodeReturnedFrom
2022-02-08 13:03:31 +01:00
Tom Hvitved
45412fa17f
Cache hasLocalSource
2022-02-08 13:03:27 +01:00
Chris Smowton
a6596ea7ce
Fix test requirements, formatting
2022-02-08 12:01:32 +00:00
Rasmus Lerchedahl Petersen
3f36ccba92
python: add name to concept
2022-02-08 12:40:13 +01:00
Rasmus Lerchedahl Petersen
8665fe4817
python: add concept for XPath construction
...
also small fixup in `SqlConstruction`
2022-02-08 12:31:37 +01:00
Erik Krogh Kristensen
28ba78cb76
add explicit this
2022-02-08 12:20:21 +01:00
Rasmus Wriedt Larsen
3e01816f0c
Python: Add change-note
2022-02-08 12:03:40 +01:00
Rasmus Lerchedahl Petersen
7d287f1698
python: add concept for xpath execution
2022-02-08 11:46:28 +01:00
Rasmus Lerchedahl Petersen
103b5761f3
python: remove superfluous configuration
...
this also removes duplicated nodes and edges
in the path results
2022-02-08 11:34:11 +01:00
Michael Nebel
c04e344192
Merge pull request #7749 from michaelnebel/csharp/lambda-improvements
...
C# 10 - Lambda improvements.
2022-02-08 11:28:55 +01:00
Benjamin Muskalla
b62df5a9ad
Merge pull request #7872 from bmuskalla/fixCoverageCollection
...
Collect framework coverage on demand
2022-02-08 11:27:48 +01:00
Rasmus Lerchedahl Petersen
a9cfc60ea1
python: move supporting libraries
...
and update reference in query
2022-02-08 11:27:45 +01:00
Henry Mercer
eff0ca01b1
Merge pull request #7417 from github/henrymercer/java/update-telemetry-query-metadata
...
Java: Start running telemetry queries on Code Scanning
2022-02-08 10:26:30 +00:00
Rasmus Lerchedahl Petersen
88efcff818
python: move query
...
and update reference in query test
2022-02-08 11:24:09 +01:00
Chris Smowton
79654592d9
Apply suggestions from code review
2022-02-08 10:23:46 +00:00
Rasmus Lerchedahl Petersen
e51ba6f421
python: rename test directory
2022-02-08 11:20:10 +01:00
Rasmus Lerchedahl Petersen
e52dca0a35
python: move tests
2022-02-08 11:19:28 +01:00
Benjamin Muskalla
ff8a96b96d
Rename framework coverage query
...
Move it to the other summary queries, update all references.
2022-02-08 11:14:03 +01:00
Rasmus Wriedt Larsen
a8edd44a3c
Python: Update .expected
2022-02-08 11:12:34 +01:00
Benjamin Muskalla
85a8efab63
Update .github/workflows/csv-coverage-metrics.yml
...
Co-authored-by: Henry Mercer <henry.mercer@me.com >
2022-02-08 11:07:56 +01:00
Benjamin Muskalla
6e3d2a2046
Update misc/suite-helpers/security-and-quality-selectors.yml
...
Co-authored-by: Henry Mercer <henry.mercer@me.com >
2022-02-08 11:07:35 +01:00
Benjamin Muskalla
fb91821882
Update misc/suite-helpers/security-extended-selectors.yml
...
Co-authored-by: Henry Mercer <henry.mercer@me.com >
2022-02-08 11:06:51 +01:00
Benjamin Muskalla
94c517efd6
Update misc/suite-helpers/code-scanning-selectors.yml
...
Co-authored-by: Henry Mercer <henry.mercer@me.com >
2022-02-08 11:06:35 +01:00
Benjamin Muskalla
284c397883
Update misc/suite-helpers/lgtm-selectors.yml
...
Co-authored-by: Henry Mercer <henry.mercer@me.com >
2022-02-08 11:06:30 +01:00
Benjamin Muskalla
e7823a78ef
Update .github/workflows/csv-coverage-metrics.yml
...
Co-authored-by: Henry Mercer <henry.mercer@me.com >
2022-02-08 11:06:21 +01:00
Nick Rolfe
fa16ff9ffc
QL for QL: make node column unique
2022-02-08 09:59:11 +00:00
Nick Rolfe
8881031d0a
Ruby: add upgrade/downgrade scripts
2022-02-08 09:57:55 +00:00
Nick Rolfe
2037368f62
Ruby: make node column unique
2022-02-08 09:55:34 +00:00
Nick Rolfe
dbe2951aec
Merge pull request #7880 from github/nickrolfe/locations_column_ql
...
QL for QL: sync changes from Ruby
2022-02-08 09:53:06 +00:00
CodeQL CI
db8ffb5ba9
Merge pull request #7870 from erik-krogh/nodeReExport
...
Approved by esbena
2022-02-08 09:44:25 +00:00
Erik Krogh Kristensen
d73b2effa0
rename maybeGetJoinArg maybeGetPathSuffix
2022-02-08 10:42:06 +01:00
Asger Feldthaus
862c3b9752
Ruby: autoformat
2022-02-08 10:22:15 +01:00
Asger Feldthaus
2b36703bfb
Ruby: add def= tags to API graph test
2022-02-08 10:20:25 +01:00
Geoffrey White
6005f3d2d4
C++: Add pragma[noinline].
2022-02-08 09:13:51 +00:00
Asger Feldthaus
66b1c86402
Ruby: update qldoc for def predicate
2022-02-08 10:00:14 +01:00
Asger Feldthaus
9ac526be89
Ruby: change binding for getParameter/getKeywordParameter
2022-02-08 09:36:05 +01:00
Asger Feldthaus
073493bb2e
Ruby: fix qldoc for getMethod
2022-02-08 09:28:07 +01:00
luchua-bc
ff4826d203
Correct the data model and update qldoc
2022-02-08 04:02:27 +00:00
Erik Krogh Kristensen
cc3f9bf2a8
fix performance issue by inlining a simpler version of getASourceProp
2022-02-08 00:22:01 +01:00
Erik Krogh Kristensen
aa95dd4ec7
fix typo
...
Co-authored-by: Esben Sparre Andreasen <esbena@github.com >
2022-02-08 00:19:40 +01:00
Harry Maclean
3031b39dc1
Ruby: prevent bad join in ActionController.qll
2022-02-08 12:10:23 +13:00
Marcono1234
d0547cdbfd
Fix and improve Extractor options documentation formatting
2022-02-07 21:05:14 +01:00
Jonathan Leitschuh
c4112e6d4c
Post refactor fixiup
2022-02-07 15:02:13 -05:00
Robert Marsh
56caa5dfd6
C++: fix hasImplicitCopyConstructor for templates
...
Fixes some cases in instantiations of templates with manually written
copy constructors or copy assignment operators where
hasImplicitCopyConstructor would incorrectly hold
2022-02-07 14:26:28 -05:00
Luke Young
324f8f7eba
codeql query format
2022-02-07 11:24:02 -08:00
Chris Smowton
de38638db6
Combine CWE-200 queries
2022-02-07 14:22:36 -05:00
Rasmus Wriedt Larsen
eb109828c0
Merge pull request #7252 from museljh/feature/cwe-338
...
Python: CWE-338 insecureRandomness
2022-02-07 19:30:06 +01:00
Robert Marsh
61c315d74b
C++: test for explicit template copy constructor
2022-02-07 12:56:59 -05:00
Nick Rolfe
073d325750
QL for QL: update dbscheme stats
2022-02-07 17:54:35 +00:00
Nick Rolfe
3ee109731a
QL for QL: sync changes from Ruby
...
In particular, update the dbscheme to put location columns in a single
table.
2022-02-07 17:44:40 +00:00
Nick Rolfe
9217d0e1b9
Merge pull request #7875 from github/nickrolfe/locations_column
...
Ruby: put AST node locations in a single table
2022-02-07 17:43:33 +00:00
Geoffrey White
6727069893
C++: Autoformat.
2022-02-07 17:33:11 +00:00
Geoffrey White
d1b6871314
C++: Restrict type.
2022-02-07 17:32:52 +00:00
Geoffrey White
005dfdffdb
C++: Speed up cpp/cleartext-transmission ('Encrypted' class).
2022-02-07 17:19:25 +00:00
Chris Smowton
27b9e1c01b
Docs: Note codeql-go needs an install step before use
2022-02-07 16:11:42 +00:00
Erik Krogh Kristensen
b59c7911a3
update locations of expected output
2022-02-07 15:23:26 +01:00
Erik Krogh Kristensen
ca5f91e587
recognize more startswith sanitizers for path-injection queries
2022-02-07 14:19:13 +01:00
Michael Nebel
f21e084628
C#: Fix issue in naming of class in test file.
2022-02-07 14:15:59 +01:00
Michael Nebel
f5fc15e74d
C#: Add some testcases to cover mixed assignment and declarations in tuples.
2022-02-07 14:11:31 +01:00
Michael Nebel
0cf4b3fbcc
C#: Added dataflow testcases for tuple mixed initialization and assignment.
2022-02-07 14:11:31 +01:00
Michael Nebel
bcf732a7cb
C#: Re-factor tuple tests to use the default value flow configuration.
2022-02-07 14:11:31 +01:00
Michael Nebel
f478bf5b9b
Merge pull request #7809 from michaelnebel/csharp/test-pattern-match-flow
...
C#: Add flow test cases for undetected value flow, when making variable bindings in pattern matching.
2022-02-07 14:05:50 +01:00
Nick Rolfe
881776a2ac
Ruby: delete commented-out code
2022-02-07 12:50:06 +00:00
Nick Rolfe
e049f08c24
Ruby: update dbscheme stats
2022-02-07 12:42:34 +00:00
Erik Krogh Kristensen
6f28cb9201
lower the precision of js/unsafe-code-construction
2022-02-07 13:35:29 +01:00
Erik Krogh Kristensen
06f9924194
add change note
2022-02-07 13:34:18 +01:00
Erik Krogh Kristensen
896d2bad0e
update expected output now that JSON.stringify() is seen as a sanitizer
2022-02-07 13:34:18 +01:00
Erik Krogh Kristensen
d1d4ebb3b5
add values written to the global scope as exports
2022-02-07 13:34:18 +01:00
Erik Krogh Kristensen
91b03f56ad
move .qll files from src to lib
2022-02-07 13:34:18 +01:00
Erik Krogh Kristensen
eb133f59f6
update qhelp to focus on properly documenting potentially unsafe library functions
2022-02-07 13:34:18 +01:00
Erik Krogh Kristensen
a9f7756788
reuse utility predicate
2022-02-07 13:34:18 +01:00
Erik Krogh Kristensen
681179dcbb
add comment about parameters named "code"
2022-02-07 13:34:18 +01:00
Erik Krogh Kristensen
53315e6ab6
ignore sources named "code"
2022-02-07 13:34:18 +01:00
Erik Krogh Kristensen
59cc099008
add missing qldoc
2022-02-07 13:34:18 +01:00
Erik Krogh Kristensen
d77c28f6a7
add qhelp for unsafe-code-construction
2022-02-07 13:34:18 +01:00
Erik Krogh Kristensen
d790f3ccbb
add test for unsafe-code-construction query
2022-02-07 13:34:18 +01:00
Erik Krogh Kristensen
198a464346
add js/unsafe-code-construction query
2022-02-07 13:34:18 +01:00
Erik Krogh Kristensen
955ad8c458
add JSON.stringify as a code-injection sanitizer
2022-02-07 13:34:18 +01:00
Erik Krogh Kristensen
68a5c1f5b5
add code-injection sink for calls to node
2022-02-07 13:34:18 +01:00
Rasmus Wriedt Larsen
62702d0ca9
Python: Fix setStoreStep to use SetElementContent
2022-02-07 13:18:36 +01:00
Nick Rolfe
b3b2bba618
Ruby: make some generated predicates final
2022-02-07 12:17:50 +00:00
Rasmus Wriedt Larsen
b276b2d48c
Python: Clean up taint steps for attributes
2022-02-07 13:12:31 +01:00
Rasmus Wriedt Larsen
59160eeb24
Python: Add test showing taint for attr store
...
In `x.arg = TAINTED_STRING` there is a store step to the attribute `arg`
of `x`. In our taint modeling, we allow _any_ store step with the code
below. This means that we also say there is a taint-step directly from
`TAINTED_STRING` to `x` :|
```codeql
// construction by literal
// TODO: Not limiting the content argument here feels like a BIG hack, but we currently get nothing for free :|
DataFlowPrivate::storeStep(nodeFrom, _, nodeTo)
```
2022-02-07 13:12:28 +01:00
Nick Rolfe
b43cc23277
Ruby: add db downgrade script
2022-02-07 12:10:36 +00:00
Nick Rolfe
e8855c3718
Ruby: add db upgrade script
2022-02-07 12:10:36 +00:00
Nick Rolfe
388d361ec3
Ruby: put AST node locations in a single table
2022-02-07 12:10:36 +00:00
Michael Nebel
99f89f1fe2
C#: Update db stats file.
2022-02-07 12:57:10 +01:00
Mathias Vorreiter Pedersen
55e69d421c
Merge pull request #7849 from Yonah125/main
...
C/C++: Useless Test : verification of "Fully converted" Type
2022-02-07 11:46:51 +00:00
Benjamin Muskalla
2f94356899
Run daily
2022-02-07 12:12:29 +01:00
Benjamin Muskalla
bd417769ce
Add workflow to upload metrics
2022-02-07 12:08:18 +01:00
Benjamin Muskalla
a1432c47dc
Exclude framework coverage query from suites
...
We don't want to run this query on any database but rather
in a specific setup. Exclude from suites by default.
2022-02-07 12:08:18 +01:00
Benjamin Muskalla
9af50f5216
Turn framework coverage into metric query
2022-02-07 12:08:18 +01:00
Jeroen Ketema
1f2865c7cc
Merge pull request #7798 from jketema/missing-open-arg
...
C++: Add query for missing mode argument in `open`/`openat` calls
2022-02-07 12:01:44 +01:00
BACK Yonah
61dc9ef12e
C/C++: AutoFormat fix
2022-02-07 11:41:17 +01:00
Rasmus Wriedt Larsen
32cd7d6fa7
Add groups to all consistency-queries/qlpack.yml
...
as discussed in PR review
2022-02-07 11:15:48 +01:00
Tom Hvitved
dc09e87cb2
Ruby: Use SimpleSummarizedCallable in a few more places
2022-02-07 11:05:32 +01:00
Erik Krogh Kristensen
0584a6acaf
recognize a nodejs re-exports in a loop
2022-02-07 10:12:38 +01:00
Erik Krogh Kristensen
4c317f5753
apply suggestions from doc review
...
Co-authored-by: Matt Pollard <mattpollard@users.noreply.github.com >
2022-02-07 09:43:49 +01:00
Michael Nebel
b2e18ebae1
C#: Lambda improvements change note.
2022-02-07 09:22:46 +01:00
Michael Nebel
782d6da754
C#: Support for lambda expression explicit return types and lambda attributes.
2022-02-07 09:19:47 +01:00
github-actions[bot]
b4ab86c020
Post-release preparation for codeql-cli-2.8.0
2022-02-06 23:34:07 +00:00
Arthur Baars
ac03fab986
Merge pull request #7753 from aibaars/ruby-3.1
...
Ruby 3.1 features
2022-02-06 21:06:16 +01:00
Artem Smotrakov
f53b2fcc62
Updated IgnoredHostnameVerification.ql to cover more uses of HostnameVerifier.verify()
2022-02-06 11:23:20 +00:00
jorgectf
d2f07e4df2
Merge branch 'jorgectf/python/deserialization' of https://github.com/jorgectf/codeql into jorgectf/python/deserialization
2022-02-05 16:20:17 +01:00
Jorge
99e14d16bc
Merge branch 'github:main' into jorgectf/python/deserialization
2022-02-05 16:20:09 +01:00
Jonathan Leitschuh
1f47ea5164
Update to new change note format
2022-02-04 17:16:12 -05:00
Jonathan Leitschuh
0268dd9f0a
Add file creation sanitizer
2022-02-04 17:10:27 -05:00
Jonathan Leitschuh
9299c7996d
Add information disclosure test fix suggestions
2022-02-04 17:10:27 -05:00
Jonathan Leitschuh
0a621c2801
Fix the formatting in TempDirLocalInformationDisclosureFromMethodCall
2022-02-04 17:10:27 -05:00
Jonathan Leitschuh
79db76dcf8
Fix test failures TempDirLocalInformationDisclosureFromSystemProperty
2022-02-04 17:10:27 -05:00
Jonathan Leitschuh
d5c9af31b2
Fixup documentation/code from PR feedback
2022-02-04 17:10:26 -05:00
Jonathan Leitschuh
f7a4aac525
Apply suggestions from code review
...
Co-authored-by: Chris Smowton <smowton@github.com >
2022-02-04 17:10:26 -05:00
Jonathan Leitschuh
a4b5573f53
Apply suggestions from code review
...
Co-authored-by: Chris Smowton <smowton@github.com >
2022-02-04 17:10:26 -05:00
Jonathan Leitschuh
a8d25b63ac
Apply suggestions from code review
...
Co-authored-by: Chris Smowton <smowton@github.com >
2022-02-04 17:10:26 -05:00
Chris Smowton
e795823d97
Autoformat TempDirUtils.qll
2022-02-04 17:10:26 -05:00
Jonathan Leitschuh
7e514e9ef9
Add QLdoc and fix Compiler Errors in Tests
2022-02-04 17:10:26 -05:00
Jonathan Leitschuh
cb30385684
Update java/ql/src/Security/CWE/CWE-200/TempDirUtils.qll
...
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com >
2022-02-04 17:10:26 -05:00
Jonathan Leitschuh
df716cbaa0
Revert changes to MethodAccessSystemGetProperty
2022-02-04 17:10:25 -05:00
Jonathan Leitschuh
66831989b7
Add QLdoc to TempDirUtils
2022-02-04 17:10:25 -05:00
Jonathan Leitschuh
7e55c92eb4
Apply suggestions from code review
...
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com >
2022-02-04 17:10:25 -05:00
Jonathan Leitschuh
c19f52cd04
Add release notes for "Temporary Directory Local information disclosure"
2022-02-04 17:10:25 -05:00
Jonathan Leitschuh
f6067d28f9
Fix file names and formatting from PR feedback
2022-02-04 17:10:25 -05:00
Jonathan Leitschuh
41b5011b81
Apply suggestions from code review
...
Co-authored-by: Felicity Chapman <felicitymay@github.com >
2022-02-04 17:10:25 -05:00
Jonathan Leitschuh
7929faedc0
Apply suggestions from code review
...
Co-authored-by: Felicity Chapman <felicitymay@github.com >
2022-02-04 17:10:25 -05:00
Jonathan Leitschuh
f910fd4719
Remove path flow tracking in 'TempDirLocalInformationDisclosureFromMethodCall'
2022-02-04 17:10:25 -05:00
Jonathan Leitschuh
e4c017e888
Apply suggestions from code review
...
Co-authored-by: Arthur Baars <aibaars@github.com >
2022-02-04 17:10:24 -05:00
Jonathan Leitschuh
13fed0e9b6
Temp Dir Info Disclosure: Final pass and add documentation
2022-02-04 17:10:24 -05:00
Jonathan Leitschuh
bc12e994b0
Add java.nio.file.Files API checks
2022-02-04 17:10:24 -05:00
Jonathan Leitschuh
ecad7534ae
Add mkdirs check
2022-02-04 17:10:24 -05:00
Jonathan Leitschuh
cf0ed81575
Add TempDir taint tracking for Files.write
2022-02-04 17:10:24 -05:00
Jonathan Leitschuh
3a15678b1e
Java: CWE-200: Temp directory local information disclosure vulnerability
2022-02-04 17:10:23 -05:00
Erik Krogh Kristensen
ab2d3a7ca0
Merge pull request #7828 from Naman-ntc/main
...
JS: Adding model for `.get` function of `Map` in Unvalidated Dynamic Method Call
2022-02-04 20:19:02 +01:00
Erik Krogh Kristensen
f00d723c49
Merge pull request #7843 from erik-krogh/CVE-2021-23484
...
JS: add file sources from `jszip` to `js/zip-slip`
2022-02-04 20:17:43 +01:00
BACK Yonah
21fdc53d62
C/C++: Using UnspecifiedType instead of Type
2022-02-04 19:12:15 +01:00
Nick Rolfe
9744cf2457
Ruby: apply suggested simplification from review
2022-02-04 17:14:47 +00:00
Nick Rolfe
aaff3226c9
Ruby: prefer ...isInt(x) over x = ...getInt()
2022-02-04 17:10:22 +00:00
BACK Yonah
b2ca25abef
Merge branch 'main' of https://github.com/github/codeql
2022-02-04 18:09:19 +01:00
BACK Yonah
f4a1d1d5e6
C/C++: Useless Test Fully converted verification
2022-02-04 18:05:03 +01:00
Nick Rolfe
45962f1cad
Ruby: make this unique for each method
...
Even when summaries are shared in a single class.
2022-02-04 17:03:55 +00:00
BACK Yonah
34320cb57b
C/C++: Useless Test Fully converted verification
2022-02-04 18:03:29 +01:00
Ian Wright
6c3daf49f9
Merge pull request #7785 from github/z80coder/impose-length-restriction
...
Restrict AST nodes according to string length
2022-02-04 16:35:04 +00:00
Nick Rolfe
7a9ddc28bf
Ruby: address some more feedback on array flow summaries
2022-02-04 16:33:27 +00:00
Henry Mercer
bb1e89d261
Merge pull request #7848 from github/henrymercer/js-ml-powered-codeowners
...
JS: Add codeowners for ML-powered queries
2022-02-04 16:08:56 +00:00
Michael Nebel
6ee30843bb
C#: Add lambda attributes test cases.
2022-02-04 16:54:49 +01:00
Henry Mercer
22ef35e13a
JS: Add codeowners for ML-powered queries
...
Create a new reviewers team @github/codeql-ml-powered-queries-reviewers
for reviewing ML-powered queries and the associated CodeQL libraries.
2022-02-04 15:49:44 +00:00
Ian Wright
be5e8dae05
Update javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/FunctionBodyFeatures.qll
...
Co-authored-by: Henry Mercer <henrymercer@github.com >
2022-02-04 15:41:50 +00:00
Michael Nebel
7b3ba3cb96
C#: Modify database schema to allow lambda expression to be attributable and extract the lambda expression attributes.
2022-02-04 16:34:58 +01:00
Michael Nebel
f412d49ba4
C#: Add some examples lambdas with different kind of attributes and update existing testcases.
2022-02-04 16:34:58 +01:00
Michael Nebel
bb3f9cea3a
C#: Update test cases(s) expected output.
2022-02-04 16:34:58 +01:00
Michael Nebel
7520948ec4
C#: Add test case for finding lambdas with explicit return types.
2022-02-04 16:34:58 +01:00
Michael Nebel
83a5ef4961
C#: Examples of lambda expressions with explicit return types.
2022-02-04 16:34:58 +01:00
Michael Nebel
25019dbaa0
C#: Add support QL library support for lambda explicit return types.
2022-02-04 16:34:58 +01:00
Michael Nebel
eb8c226749
C#: Add support for explicit return types in the extractor.
2022-02-04 16:34:58 +01:00
Michael Nebel
ae62704d3a
C#: Add table for explicit return type in lambda expressions.
2022-02-04 16:34:57 +01:00
Michael Nebel
ccb727e3ca
C#: Test cases that shows that lambdas can be naturally (implicitly) typed and that the type is indistinguishable from the equivalent explicitly typed declaration.
2022-02-04 16:34:57 +01:00
Michael Nebel
a67033034a
C#: Example of naturally typed lambda.
2022-02-04 16:34:57 +01:00
jorgectf
43fde3561f
Merge branch 'jorgectf/python/deserialization' of https://github.com/jorgectf/codeql into jorgectf/python/deserialization
2022-02-04 16:32:11 +01:00
Jorge
d96eb01b9c
Merge branch 'github:main' into jorgectf/python/deserialization
2022-02-04 16:32:01 +01:00
Ian Wright
e57a0e0e2f
Update javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/FunctionBodyFeatures.qll
...
Co-authored-by: Henry Mercer <henrymercer@github.com >
2022-02-04 15:21:56 +00:00
Ian Wright
b38335a6c2
add QL comment; inline a predicate; restore a comment
2022-02-04 15:21:09 +00:00
Nick Rolfe
ed00f2b0d2
Ruby: address some feedback on array flow summaries
2022-02-04 13:40:39 +00:00
Erik Krogh Kristensen
edcb3ba902
add file sources from jszip to js/zip-slip
2022-02-04 14:39:49 +01:00
Tom Hvitved
693aa69abd
Update csharp/ql/consistency-queries/qlpack.yml
2022-02-04 14:38:25 +01:00
yoff
182c62f5c3
Merge pull request #7838 from tausbn/python-fix-charset-performance-problem
...
Python: Fix performance issue in `charSet`
2022-02-04 14:18:13 +01:00
Michael Nebel
567768134f
Merge pull request #7792 from michaelnebel/csharp/attributes
...
C#: Attribute kind and return value attributes.
2022-02-04 14:10:51 +01:00
Taus
67be20f368
Python: Remove implied inequalities
...
Also gets rid of `inner_end`, since we're already doing `end - 1 = ...`
in the other fix (and so this is more consistent).
2022-02-04 12:46:06 +00:00
Benjamin Muskalla
eee03ebe3b
Merge pull request #7767 from bmuskalla/regenerateModelScript
...
Java: Regenerate framework models automatically
2022-02-04 13:29:46 +01:00
Naman Jain
009c95774e
update expected files
2022-02-04 12:28:17 +00:00
Michael Nebel
6487b546dc
C#: Update TargetFramework testcases expected files as well, as these also uses the string representation of the attributes.
2022-02-04 13:05:08 +01:00
Nick Rolfe
161d766ba9
Ruby: address review comments on array_flow.rb
2022-02-04 11:59:59 +00:00
Michael Nebel
ade119f4a8
C#: Add flow test cases for undetected value flow, when making variable bindinds in pattern matching.
2022-02-04 12:57:58 +01:00
Jeroen Ketema
b967eaf25d
Add documentation for parseHex
2022-02-04 12:35:13 +01:00
Rasmus Wriedt Larsen
c817ba5718
Python: Add consistency-queries/qlpack.yml
...
But no queries yet
2022-02-04 12:08:54 +01:00
Rasmus Wriedt Larsen
0bcfc4b657
Ruby: Update consistency-queries/qlpack.yml
...
I'm not sure whether this means the consistency queries were run using
the 0.0.1 release of the `codeql/ruby-all` qlpack, but using `"*"` at
least ensures that it is always using the version from the CodeQL repo.
2022-02-04 12:06:50 +01:00
Rasmus Wriedt Larsen
580d7d9df0
QL: Update consistency-queries/qlpack.yml
2022-02-04 12:06:50 +01:00
Rasmus Wriedt Larsen
1db4bdc607
C#: Update consistency-queries/qlpack.yml
2022-02-04 12:06:50 +01:00
Rasmus Wriedt Larsen
2220d3cc47
Misc: Allow */ql/consistency-queries/qlpack.yml
2022-02-04 12:06:50 +01:00
Rasmus Wriedt Larsen
2e788ea86e
Python: Accept deprecation warnings for old tests
2022-02-04 12:02:09 +01:00
Rasmus Wriedt Larsen
438a01e911
Python: Deprecate old bottle points-to extension
2022-02-04 12:02:09 +01:00
Rasmus Wriedt Larsen
c9e36aaf72
Python: Fix deprecated deprecated
2022-02-04 12:02:09 +01:00
Rasmus Wriedt Larsen
9ec531f040
Python: Add deprecation change-note
2022-02-04 12:02:09 +01:00
Rasmus Wriedt Larsen
84fdd8a739
Python: Add non-deprecated httpVerb to Concepts
2022-02-04 12:02:09 +01:00
Rasmus Wriedt Larsen
5a032d6f84
Python: deprecate old taint-tracking related predicates
2022-02-04 12:02:08 +01:00
Rasmus Wriedt Larsen
dba6b60c80
Python: Deprecate old library modeling
2022-02-04 12:02:08 +01:00
Rasmus Wriedt Larsen
a40fdf7a7c
Python: Deprecate old web modeling
2022-02-04 12:02:08 +01:00
Rasmus Wriedt Larsen
14a1aa0c11
Python: Add change-note
...
I went with `minorAnalysis` instead of `majorAnalysis`, since I don't
think the impact of this change will be major (but that's just my gut
feeling).
2022-02-04 12:00:49 +01:00
Rasmus Wriedt Larsen
b2ce0fcb72
Python: Add post-update nodes to args of unresolved calls
...
Besides solving the problem with `setattr`, it also solved some old
problems with json library modeling (yay).
2022-02-04 11:51:53 +01:00
Michael Nebel
f365477996
C#: Address review comments and update test output.
2022-02-04 11:48:12 +01:00
Benjamin Muskalla
bc5753cb20
Fix path expression
2022-02-04 11:43:18 +01:00
Naman Jain
5e1ca3154f
Update javascript/ql/test/query-tests/Security/CWE-754/UnvalidatedDynamicMethodCallGood3.js
...
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com >
2022-02-04 16:13:05 +05:30
Naman Jain
5121414a53
Update javascript/ql/test/query-tests/Security/CWE-754/UnvalidatedDynamicMethodCallGood4.js
...
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com >
2022-02-04 16:12:58 +05:30
Rasmus Wriedt Larsen
e9b496ba73
Merge pull request #7831 from RasmusWL/printast-remove-regexp
...
Python: Remove `RegExpTerm` from PrintAST
2022-02-04 11:38:58 +01:00
Asger Feldthaus
0a0d9583b4
Ruby: rephase comment for MkDef
2022-02-04 11:37:54 +01:00
Mathias Vorreiter Pedersen
2e2913b921
Merge pull request #7839 from rdmarsh2/rdmarsh2/ir-initializer-inheritance-fix
...
C++: fix IR generation for constructor base inits when no constructor is present.
2022-02-04 10:32:57 +00:00
Asger Feldthaus
0189e8abb4
Ruby: autoformat
2022-02-04 11:32:31 +01:00
Benjamin Muskalla
fcaead4004
Enable debugging action
2022-02-04 11:29:36 +01:00
Benjamin Muskalla
b747391c74
Improve error handling and refactor base path
2022-02-04 11:26:19 +01:00
Asger Feldthaus
87c62db781
Ruby: disable test line not currently working
2022-02-04 11:20:42 +01:00
Asger Feldthaus
75b72361ce
Ruby: add toString and locations to the new node types
2022-02-04 11:20:42 +01:00
Asger Feldthaus
7373a503f6
Ruby: Populate ArgumentPosition based on keyword arguments
2022-02-04 11:20:42 +01:00
Asger Feldthaus
5e350a0270
Ruby: Derive edge labels from {Argument,Parameter}Position
2022-02-04 11:20:42 +01:00
Asger Feldthaus
040e56623c
Ruby: add getAValueReachingRhs
2022-02-04 11:20:42 +01:00
Asger Feldthaus
17dd5cd581
Ruby: remove a stray TODO
2022-02-04 11:20:42 +01:00
Asger Feldthaus
d2e381aa79
Ruby: more def-node tests
2022-02-04 11:20:41 +01:00
Asger Feldthaus
32e0f42969
Ruby: refactor Return(x) to Method(x).return
2022-02-04 11:20:39 +01:00
Asger Feldthaus
55b5f19b92
Ruby: Add def-nodes to API graphs
2022-02-04 11:06:35 +01:00
Asger Feldthaus
9c17a5ce99
Ruby: replace "instance" label with a call to new
2022-02-04 11:03:25 +01:00
Asger Feldthaus
5858732da1
Ruby: change useStep signature
2022-02-04 11:01:04 +01:00
Asger Feldthaus
e6fdd4d34a
Ruby: Make hasLocalSource private/cached
2022-02-04 11:01:03 +01:00
Asger Feldthaus
9a496e647f
Ruby: Drive-by fix type-tracking through params with default values
2022-02-04 11:01:03 +01:00
Esben Sparre Andreasen
d08c0f7852
Merge pull request #7817 from github/esbena-patch-7
...
Document and format event-stream-orig.js
2022-02-04 10:26:30 +01:00
Jeroen Ketema
9f4e261625
Set precision of cpp/open-call-with-mode-argument to high
2022-02-04 10:01:25 +01:00
Jeroen Ketema
ef2a70e00c
Limit open/openat target to global/std scope
2022-02-04 09:51:10 +01:00
Mathias Vorreiter Pedersen
bc17df55ee
Merge pull request #7830 from MathiasVP/fix-ir-reevaluation-in-return-stack-allocated-memory
...
C++: Fix re-evaluation in `cpp/return-stack-allocated-memory`
2022-02-04 08:32:40 +00:00
Esben Sparre Andreasen
72b5edc144
Document and format event-stream-orig.js
...
Some anti-virus products (rightfully) flag this event-stream-orig.js as a malicious file.
This change does two things:
- neutralises the file such that the code can not be run accidentally
- documents the purpose of the file
2022-02-04 09:27:47 +01:00
Luke Young
3b32425567
remove .v1 from gopkg.in
2022-02-03 23:36:11 -08:00
Erik Krogh Kristensen
5e23da813f
rename named-parameters to keyword-parameters
2022-02-03 23:10:39 +01:00
Erik Krogh Kristensen
e434f075fa
introduce, and use, API::APICallNode
2022-02-03 23:10:39 +01:00
Erik Krogh Kristensen
3801a158a8
remove module exporst nodes from API graphs
2022-02-03 23:10:39 +01:00
Erik Krogh Kristensen
c3f4a851f0
remove some TODOs I won't do
2022-02-03 23:10:39 +01:00
Erik Krogh Kristensen
3be3da2eb6
add recursive API-graph test
2022-02-03 23:10:38 +01:00
Erik Krogh Kristensen
ef5818e243
support import * in ApiGraphs
2022-02-03 23:10:38 +01:00
Erik Krogh Kristensen
16774ba285
add support for named parameters in API graphs
2022-02-03 23:10:38 +01:00
Erik Krogh Kristensen
095c73f1fe
redo the ApiGraph testing framework
2022-02-03 23:10:38 +01:00
Erik Krogh Kristensen
66fd43fc3b
add def edge for function returns
2022-02-03 23:10:38 +01:00
Erik Krogh Kristensen
d8eea7ba4c
property writes are def nodes
2022-02-03 23:10:38 +01:00
Erik Krogh Kristensen
a908b219e9
more backtracking of def nodes, and lots of tests
2022-02-03 23:10:38 +01:00
Erik Krogh Kristensen
038b032a43
get basic module exports to work in API-graphs
2022-02-03 23:10:38 +01:00
Erik Krogh Kristensen
df9efbe778
get mimimal def nodes to work in python
2022-02-03 23:10:38 +01:00
Erik Krogh Kristensen
52ca0d168b
move API-graph tests out of the experimental test folder
2022-02-03 23:10:37 +01:00
Erik Krogh Kristensen
89786d9ce2
rename pr to ref in memberFromRef
2022-02-03 23:10:37 +01:00
Luke Young
dea1959e21
Match gopkg.in import of squirrel for SQLi query
2022-02-03 13:29:38 -08:00
Harry Maclean
ab7fd89653
Merge pull request #7663 from github/hmac/api-graph-subclass
...
Ruby: Add basic subclassing support to API Graphs
2022-02-04 10:19:07 +13:00
Harry Maclean
e328c6222a
Merge pull request #7797 from github/hmac/pin-rust
...
Ruby: Pin Rust to 1.54
2022-02-04 10:18:46 +13:00
Taus
22aa4c9379
Python: Fix performance issue in charSet
...
Observed on `mozilla/bugbug` on the 2.8.0 CLI branch, we had the
following line in the timing report:
```
FullServerSideRequestForgery.ql-17:regex::RegexString::charSet_dispred#fff#antijoin_rhs ............... 1m13s
```
Inspecting the logs, we see the following join:
```
(644s) Tuple counts for regex::RegexString::charSet_dispred#fff#antijoin_rhs/5@f295d1bk after 1m13s:
1 ~0% {1} r1 = CONSTANT(unique string)["]"]
2389 ~4% {3} r2 = JOIN r1 WITH regex::RegexString::nonEscapedCharAt_dispred#fff_201#join_rhs ON FIRST 1 OUTPUT Rhs.1 'arg0', Rhs.2 'arg1', (Rhs.2 'arg1' + 1)
668873 ~0% {6} r3 = JOIN r2 WITH regex::RegexString::char_set_start_dispred#fff ON FIRST 1 OUTPUT Lhs.0 'arg0', "]", Lhs.1 'arg1', Lhs.2 'arg2', Rhs.1 'arg3', Rhs.2 'arg4'
537501371 ~4% {7} r4 = JOIN r3 WITH regex::RegexString::nonEscapedCharAt_dispred#fff_021#join_rhs ON FIRST 2 OUTPUT Lhs.0 'arg0', Lhs.2 'arg1', Lhs.3 'arg2', Lhs.4 'arg3', Lhs.5 'arg4', "]", Rhs.2
269085087 ~0% {7} r5 = SELECT r4 ON In.6 > In.4 'arg4'
89583155 ~3% {7} r6 = SELECT r5 ON In.6 < In.1 'arg1'
89583155 ~26634% {5} r7 = SCAN r6 OUTPUT In.0 'arg0', In.1 'arg1', In.2 'arg2', In.3 'arg3', In.4 'arg4'
return r7
```
Now, this is problematic not just because of the large intermediary join
but also because of the large number of tuples being materialised at the
end. The culprit in this case turns out to be this bit of `charSet`:
```
not exists(int mid | this.nonEscapedCharAt(mid) = "]" | mid > inner_start and mid < inner_end)
```
Rewriting this to instead look for the minimum index at which a `]`
appears resulted in a much nicer join.
I also fixed up a similar issue surrounding the `\N` unicode escape.
Not that I think this will necessarily be relevant, but the `min`-based
solution is more robust either way.
2022-02-03 20:42:04 +00:00
Robert Marsh
8544cff1c4
Merge pull request #7836 from geoffw0/clrtxt9
...
C++: Fix more FPs in cpp/cleartext-transmission
2022-02-03 15:18:55 -05:00
Chuan-kai Lin
c8bc5cfa75
Merge pull request #7825 from github/cklin/python-downgrade-scripts
...
Python: adjust downgrade script location and format
2022-02-03 11:40:07 -08:00
Michael Nebel
32756cd442
C#: Update stats after the change in the attributes relation.
2022-02-03 20:00:33 +01:00
Robert Marsh
55cbff7614
C++: fix for constructor init without constructor
2022-02-03 13:44:02 -05:00
Harry Maclean
912842623d
Simplify cache key
2022-02-04 07:41:29 +13:00
Robert Marsh
836c47abb3
C++: test for constructor init without constructor
2022-02-03 13:34:05 -05:00
Geoffrey White
8031c3f699
Merge branch 'main' into clrtxt9
2022-02-03 17:01:59 +00:00
Geoffrey White
02b1774d7f
C++: Switch from GVN to localFlow.
2022-02-03 16:00:26 +00:00
Tom Hvitved
ef227a4721
Merge pull request #7784 from hvitved/csharp/dotnet6
...
C#: Use .NET 6
2022-02-03 16:42:26 +01:00
Geoffrey White
3cfd1b5052
C++: More test cases.
2022-02-03 15:11:59 +00:00
Rasmus Wriedt Larsen
8386b36217
Python: Apply suggestions from code review
...
Co-authored-by: Nick Rolfe <nickrolfe@github.com >
2022-02-03 15:00:04 +01:00
Geoffrey White
3b844f701e
C++:Change note.
2022-02-03 13:58:38 +00:00
Rasmus Wriedt Larsen
5cd08b8e8c
Python: Ignore .isAbsent() from ClassCall
...
This means that DataFlowCall is only for resolvable calls, which might not seem
like a big thing in itself, but enables the next commit to actually work :P
2022-02-03 14:58:30 +01:00
Rasmus Wriedt Larsen
a5c2341204
Python: Add simple test of DataFlowCall
...
Notice the strange thing with treating `mypkg.foo(42)` as a ClassCall,
but completely ignoring `mypkg.subpkg.bar(43)` -- due to having the two
`ClassValue`s:
- `Missing module attribute mypkg.foo`
- `Missing module attribute mypkg.subpkg`
But not `Missing module attribute mypkg.subpkg` with the current import
structure.
2022-02-03 14:58:30 +01:00
Rasmus Wriedt Larsen
48aa07d67a
Python: Handle SyntheticPreUpdateNode in PrintNode
2022-02-03 14:58:30 +01:00
Rasmus Wriedt Larsen
49b5d60229
Python: Use AttrRead/AttrWrite for attr read/store steps
...
Note that this doesn't actually add the desired flow from setattr, due
to missing post-update note. This will be fixed in later commit.
2022-02-03 14:58:30 +01:00
Rasmus Wriedt Larsen
5774459dfb
Python: restrict AttrRead with AttrNode.isLoad()
2022-02-03 14:58:23 +01:00
Rasmus Wriedt Larsen
cf68148316
Python: Add change-note
2022-02-03 14:29:02 +01:00
Rasmus Wriedt Larsen
e2de0e61ca
Python: Remove RegExpTerm from PrintAST
...
Since this caused bad performance (as we had to evaluate points-to).
Fixes https://github.com/github/codeql/issues/6964
This approach was motivated by the comment on the issue from @tausbn:
> We discussed this internally in the CodeQL Python team, and have
> agreed that the best approach for now is to disable the printing of
> regex ASTs.
I tried to keep our RegExpTerm logic, but doing the fix below did not
work, and still evaluated RegExpTerm :| I guess we will just have to
revert this PR if we want it back
```diff
TRegExpTermNode(RegExpTerm term) {
+ none() and
exists(StrConst str | term.getRootTerm() = getParsedRegExp(str) and shouldPrint(str, _))
}
```
2022-02-03 14:22:14 +01:00
Arthur Baars
6525035f0a
Address comments
2022-02-03 13:47:03 +01:00
Erik Krogh Kristensen
e93c46ad31
Merge pull request #7811 from erik-krogh/pyApiIpa
...
Python: refactor API-graph labels to an IPA type
2022-02-03 12:31:39 +01:00
Mathias Vorreiter Pedersen
58993e2dc6
C++: Fix re-evaluation by importing GVN.
2022-02-03 11:16:14 +00:00
Jeroen Ketema
0b9b6d7b98
Address review comments
2022-02-03 12:09:18 +01:00
Erik Krogh Kristensen
5284bbb6b3
Merge pull request #7821 from erik-krogh/upload-sarif
...
QL: upload sarif as part of the QL-for-QL workflow
2022-02-03 12:05:51 +01:00
Jeroen Ketema
4d03082f16
Ensure that O_CREAT and O_TMPFILE are unique
2022-02-03 11:24:20 +01:00
Henry Mercer
224d7a7ce0
Merge pull request #7801 from github/henrymercer/js-atm-migrate-tests
...
JS: Migrate CodeQL tests for ML-powered queries
2022-02-03 10:17:19 +00:00
Ian Wright
dca03d7b5d
reinstate the AST node limit to minimize change to feature values
2022-02-03 09:45:35 +00:00
Ian Wright
d5ab119039
actually count the number of chars
2022-02-03 09:41:51 +00:00
Jeroen Ketema
e1ca5dd120
Simplify text in change note
2022-02-03 10:36:30 +01:00
Naman Jain
9809d30f00
file renaming and updated expected file
2022-02-03 09:35:17 +00:00
Naman Jain
adc8bf37fe
fixed mistake in examples
2022-02-03 09:29:42 +00:00
Jeroen Ketema
5a2ce225f4
Check that all bits are set when checking for a flag
...
The `O_...` macro definitions somtimes set multiple bits, while
the bits individually represent the values of different `O_...`
macros. This lead to false postives on codebases built against
Musl libc, which defines `O_TMPFILE` as `020200000` and
`O_DIRECTORY` as `0200000`.
2022-02-03 10:29:13 +01:00
Tony Torralba
3c9b332ce0
Merge pull request #7826 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2022-02-03 09:38:53 +01:00
Tom Hvitved
6bb71f051b
Merge pull request #7791 from hvitved/dataflow/inline-local-flow-star
...
Data flow: Inline `local(Expr|Instruction)?(Flow|Taint)`
2022-02-03 09:02:43 +01:00
Harry Maclean
c65ca8ff86
Model calls to constantize as code executions
...
`constantize` is an ActiveSupport extension to `String` that attempts to
look up a constant with a name matching the receiver.
2022-02-03 15:22:07 +13:00
github-actions[bot]
2a9f98cce0
Add changed framework coverage reports
2022-02-03 00:10:33 +00:00
Harry Maclean
704b58519f
Ruby: Include subclasses in more API calls
...
Change the behaviour of `API::getInstance()` and `API::getReturn()` to
include results on subclasses of the current API node.
2022-02-03 11:35:59 +13:00
Chuan-kai Lin
df91ee6616
Python: adjust downgrade script location and format
2022-02-02 14:23:21 -08:00
Harry Maclean
61cd05cfc5
Ruby: Ensure TRoute and TRouteBlock are private
2022-02-03 10:55:28 +13:00
Harry Maclean
80835a5a19
Ruby: Don't expose abstract class
...
Make ActionDispatch::Route into a private class
ActionDispatch::RouteImpl, defining a new class Route which exposes the
necessary public API from RouteImpl.
Also rename getHTTPMethod to getHttpMethod.
2022-02-03 10:41:30 +13:00
Harry Maclean
a8a7c156d0
via - update tests
2022-02-03 10:40:23 +13:00
Erik Krogh Kristensen
7ef051456a
upload sarif as part of the QL-for-QL workflow
2022-02-02 20:32:22 +01:00
Tom Hvitved
7b5699d058
C#: Update CIL attributes test
2022-02-02 19:25:30 +01:00
Tom Hvitved
2fe65128a0
C#: Update CIL type annotations test
2022-02-02 19:25:30 +01:00
Tom Hvitved
c4ad237a5c
C#: Update expected test output
2022-02-02 19:25:30 +01:00
Tom Hvitved
516bd9f77f
C#: Fix deprecation warnings
2022-02-02 19:25:30 +01:00
Tom Hvitved
09c5212ccc
C#: Account for explicit interface implementations in OperatorSymbol
2022-02-02 19:25:30 +01:00
Tom Hvitved
d7eeb1fec8
C#: Use .NET 6
2022-02-02 19:25:30 +01:00
Henry Mercer
2c17437092
JS: Run ML-powered queries tests on all PRs modifying relevant files
2022-02-02 18:11:25 +00:00
Henry Mercer
a586be956e
JS: Remove versions from packs we don't intend to publish
2022-02-02 18:10:57 +00:00
Geoffrey White
708da8cd62
C++: Increase the query precision to 'high'.
2022-02-02 18:03:25 +00:00
Arthur Baars
a22868ba27
Merge branch 'main' into ruby-3.1
2022-02-02 19:00:03 +01:00
Geoffrey White
4048ba0a1c
C++: Fix false positives around terminal output.
2022-02-02 17:59:28 +00:00
Geoffrey White
39a2ffd438
C++: Fix false positives around 'stdin'.
2022-02-02 17:39:14 +00:00
Robin Neatherway
e3feece94e
Merge pull request #680 from github/rneatherway/example-query
...
Add an example query for inexhaustive switches
2022-02-02 17:33:22 +00:00
Arthur Baars
6acf49d4da
Merge pull request #7814 from aibaars/fix-ql-alerts
...
Ruby: fix all QL-QL alerts
2022-02-02 18:25:38 +01:00
Jeroen Ketema
aa4651312e
Fix naming conflicts in cpp/world-writable-file-creation
2022-02-02 17:36:14 +01:00
Jeroen Ketema
f32500306a
Address review comments
2022-02-02 17:24:55 +01:00
Geoffrey White
cc20969bdd
C++: Add test cases based on some remaining real world FPs.
2022-02-02 16:15:59 +00:00
Tony Torralba
4f13bf8941
Merge pull request #6492 from atorralba/atorralba/android-cleartext-storage-database
...
Java: Create new query Cleartext storage of sensitive information in Android databases
2022-02-02 16:23:05 +01:00
Tony Torralba
54e8ea56e8
Apply suggestions from code review
...
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com >
2022-02-02 15:44:26 +01:00
Jeroen Ketema
0773ab37a5
Use matches to check for 0x prefix
2022-02-02 15:26:46 +01:00
Jeroen Ketema
92d9e51d2a
Extract the value of O_CREAT and O_TMPFILE from the defining macro
...
There are operating systems that define `O_CREAT` with a different
value than Linux, which uses `0x40`. For example, OpenBSD uses `0x0200`.
Hence, we cannot use a hardcoded value.
Also handle `O_TMPFILE` while here.
2022-02-02 15:16:26 +01:00
Erik Krogh Kristensen
35999a7f8f
add support for fs-extra methods in insecure-temporary-file
2022-02-02 15:14:43 +01:00
Mathias Vorreiter Pedersen
1aa32b09be
Merge pull request #7802 from geoffw0/clrtxt8
...
C++: Recognize password struct fields.
2022-02-02 14:10:40 +00:00
Naman Jain
aea7054938
modified query and added tests
2022-02-02 19:39:08 +05:30
Erik Krogh Kristensen
573f17dc63
fix typos in documentation
...
Co-authored-by: Stephan Brandauer <kaeluka@github.com >
2022-02-02 15:00:38 +01:00
Henry Mercer
7018f6ad40
JS: Add missing @id for endpoint types query
2022-02-02 13:15:15 +00:00
Henry Mercer
e6745dc63a
JS: Add Action to run tests for ML-powered queries
2022-02-02 13:15:12 +00:00
Henry Mercer
422919b9d0
JS: Add generated files to .gitattributes
2022-02-02 13:15:04 +00:00
Henry Mercer
fbcb8d6857
JS: Migrate CodeQL tests for ML-powered queries
2022-02-02 13:15:04 +00:00
Arthur Baars
3b05cb621c
Address comment
2022-02-02 14:11:45 +01:00
Arthur Baars
33b97f3e0c
Update synchronized files
2022-02-02 13:30:45 +01:00
Arthur Baars
fdcef6225b
Ruby: fix QL warnings
2022-02-02 13:29:09 +01:00
CodeQL CI
7bb11b837c
Merge pull request #7788 from yoff/python/remove-library-annotation
...
Approved by tausbn
2022-02-02 03:51:00 -08:00
Robin Neatherway
4a4b9c30d7
Add an example query for inexhaustive switches
2022-02-02 11:38:15 +00:00
Rasmus Wriedt Larsen
fb6b8eb394
Python: Add simple test of AttrRead/AttrWrite
2022-02-02 11:19:35 +01:00
Rasmus Wriedt Larsen
51bc6dcf7e
Python: Add attributeClearStep
2022-02-02 11:19:35 +01:00
Rasmus Wriedt Larsen
d2b72a7547
Python: Expand fieldflow tests
2022-02-02 11:19:31 +01:00
Tom Hvitved
712418e5f8
Merge pull request #7781 from hvitved/dataflow/summary-stack-bottom-less-nonlinear
...
Data flow: Reduce non-linear recursion in `SummaryComponentStack::bottom`
2022-02-02 10:35:53 +01:00
Benjamin Muskalla
d4c4e75bac
Merge pull request #7268 from bmuskalla/modelDiffAction
...
Java: Produce diffs for model generator changes
2022-02-02 10:30:45 +01:00
Jeroen Ketema
bd859d99bf
Address review comments
2022-02-02 10:09:47 +01:00
Jeroen Ketema
5b8f56dcc6
Add change notes
2022-02-02 10:07:38 +01:00
Michael Nebel
860ded2806
C#: Added change note for return value attributes.
2022-02-02 09:59:09 +01:00
Michael Nebel
62d987f31f
C#: Add upgrade and downgrade scripts.
2022-02-02 09:53:29 +01:00
Rasmus Lerchedahl Petersen
4ad99d9299
python: add missing QlDoc
2022-02-02 09:14:21 +01:00
Rasmus Lerchedahl Petersen
448e0785c2
python: logging.root is not a call
2022-02-02 09:04:16 +01:00
Harry Maclean
5adcdf1cf8
Ruby: Minor refactor
2022-02-02 17:32:11 +13:00
Harry Maclean
8f5380122a
Ruby: Cache ActionDispatch IPA types
2022-02-02 17:31:47 +13:00
Harry Maclean
749dc092ae
Ruby: Attempt to mitigate potential bad join
...
By joining simultaneously on controller class and name.
2022-02-02 17:03:46 +13:00
Harry Maclean
a38bc9fe89
Ruby Fix handling of via: in ActionDispatch
2022-02-02 17:03:27 +13:00
Harry Maclean
856c3d332c
Minor cleanup to ActionDispatch modelling
...
`x.isStringOrSymbol(result)` is slightly terser than
`result = x.getStringOrSymbol()`.
2022-02-02 16:26:20 +13:00
Harry Maclean
47823b5a9a
Handle via: :all in Rails routes
...
ActionDispatch modelling now understands that
match "/foo", to: "foo#bar", via: :all
is equivalent to
match "/foo",
to: "foo#bar",
via: [:get, :post, :put, :patch, :delete]
2022-02-02 16:26:20 +13:00
Harry Maclean
8bdc05ddaf
getValueText -> getConstantValue
2022-02-02 16:26:20 +13:00
Harry Maclean
417287153b
Ruby: QL style fixes
2022-02-02 16:26:20 +13:00
Harry Maclean
e975f92091
Ruby: remove unused predicate
2022-02-02 16:26:20 +13:00
Harry Maclean
3786fbfc7d
Ruby: Rewrite ActionDispatch::underscore
...
This version is much shorter and hopefully performs a bit better.
2022-02-02 16:26:20 +13:00
Harry Maclean
eff2136f52
Ruby: remove unused predicate
2022-02-02 16:26:20 +13:00
Harry Maclean
dead7a8059
Ruby: Make most of ActionDispatch private
...
Any classes/predicates not used externally or in tests are now private.
Also fix some typos.
2022-02-02 16:26:20 +13:00
Harry Maclean
fa28e55645
Add a test for ActionDispatch::underscore
...
This shows how the predicate behaves, as well as a case where it goes
wrong.
2022-02-02 16:26:20 +13:00
Harry Maclean
9c67869875
Remove ActionDispatch::capitalize
...
This predicate isn't used.
2022-02-02 16:26:20 +13:00
Harry Maclean
ad71fdbb24
Add missing documentation to ActionDispatch::Route
2022-02-02 16:26:20 +13:00
Harry Maclean
1766916fc5
Ruby: Document ActionDispatch modelling
2022-02-02 16:26:20 +13:00
Harry Maclean
314683d5fb
Ruby: Improve UrlRedirect query using Rails routes
...
Handlers for non-GET requests aren't vulnerable to URL redirect attacks,
because browsers won't initiate non-GET requests when you click a link.
We can use Rails routing information, if present, to filter out any
handlers for non-GET requests.
2022-02-02 16:26:20 +13:00
Harry Maclean
751d8a7f59
Ruby: Document getACapture
2022-02-02 16:26:20 +13:00
Harry Maclean
870c6d7412
Ruby: Rails route resolution
...
Add `Route` classes which model Rails routing information, typically
defined in a `routes.rb` file. We extract only the most basic
information: HTTP method, path, controller and action. This is enough to
determine whether a given controller method is a route handler, and what
HTTP method it handles, which is useful for, among other things, the URL
redirect query.
2022-02-02 16:26:19 +13:00
Henry Mercer
e622e517d9
Merge pull request #7800 from github/henrymercer/js-atm-add-model-building-pack
...
JS: Add model building pack for ML-powered queries
2022-02-01 20:51:19 +00:00
Harry Maclean
ce0354acb3
Include rust-toolchain.toml in Ruby cache keys
...
This ensures that if we change our Rust version, the caches will be
invalidated.
2022-02-02 08:08:11 +13:00
Harry Maclean
9c32ab7122
rust-toolchain -> rust-toolchain.toml
2022-02-02 08:05:46 +13:00
Harry Maclean
613ecbb418
Ruby: Pin Rust to 1.54
...
Add a rust-toolchain file to the Ruby directory, which instructs Rustup
to install a specific version of Rust (1.54). This will be used in CI,
so any use of language features or dependencies that don't support 1.54
will result in a CI failure.
This should ensure we have a documented minimum supported rust version
and an easy to way to update it in the future (update the rust-toolchain
file).
2022-02-02 08:05:46 +13:00
Geoffrey White
d864af3622
C++: Change note.
2022-02-01 19:00:40 +00:00
Harry Maclean
fb00a6c61b
Merge pull request #7666 from github/hmac/file-open-access
...
Ruby: Add File.open as a FileSystemAccess
2022-02-02 07:32:16 +13:00
liangjinhuang
1dd15fa235
style:auto format
2022-02-02 01:30:54 +08:00
liangjinhuang
976e484c57
style:move all source files under src/experimental & feat:modify source regular matching rules
2022-02-02 01:14:51 +08:00
Henry Mercer
14601316a5
JS: Autoformat
2022-02-01 17:08:21 +00:00
Rasmus Wriedt Larsen
f6215f2300
Python: Refactor field-flow test
2022-02-01 17:59:03 +01:00
Rasmus Wriedt Larsen
cc4fe38fbd
Python: Delete dedicated argumentRouting<N> tests
...
I feel like they don't bring any value anymore, since we have the nice
inline expectation tests. If I'm wrong, happy to revert this commit
though.
2022-02-01 17:51:33 +01:00
Rasmus Wriedt Larsen
54f53c828e
Python: Refactor argumentRoutingTest.ql to be more generic
...
I checked to see that the tests still works. If I deleted the `arg5`
annotation, it got failures:
```diff
diff --git a/python/ql/test/experimental/dataflow/coverage/argumentPassing.py b/python/ql/test/experimental/dataflow/coverage/argumentPassing.py
index e218bdde9b..71816c1e01 100644
--- a/python/ql/test/experimental/dataflow/coverage/argumentPassing.py
+++ b/python/ql/test/experimental/dataflow/coverage/argumentPassing.py
@@ -46,7 +46,7 @@ def argument_passing(
c,
d=arg4, #$ arg4 func=argument_passing
*,
- e=arg5, #$ arg5 func=argument_passing
+ e=arg5,
f,
**g,
):
diff --git a/python/ql/test/experimental/dataflow/coverage/argumentRoutingTest.expected b/python/ql/test/experimental/dataflow/coverage/argumentRoutingTest.expected
index e69de29bb2..22037a40c3 100644
--- a/python/ql/test/experimental/dataflow/coverage/argumentRoutingTest.expected
+++ b/python/ql/test/experimental/dataflow/coverage/argumentRoutingTest.expected
@@ -0,0 +1,2 @@
+| argumentPassing.py:49:7:49:10 | ControlFlowNode for arg5 | Unexpected result: arg5= |
+| argumentPassing.py:49:7:49:10 | ControlFlowNode for arg5 | Unexpected result: func=argument_passing |
```
2022-02-01 17:50:06 +01:00
Rasmus Wriedt Larsen
76f3d74fed
Python: Remove extra whitespace from argumentPassing.py
2022-02-01 17:48:16 +01:00
Rasmus Wriedt Larsen
5ee755db09
Python: Require MISSING: flow annotations for normal data-flow tests
...
I had to rewrite the SINK1-SINK7 definitions, since this new requirement
complained that we had to add this `MISSING: flow` annotation :D
Doing this implementation also revealed that there was a bug, since I
did not compare files when checking for these `MISSING:` annotations. So
fixed that up in the implementation for inline taint tests as well.
(extra whitespace in argumentPassing.py to avoid changing line numbers
for other tests)
2022-02-01 17:46:53 +01:00
Erik Krogh Kristensen
e06f6529f1
refactor API-graph labels to an IPA type
2022-02-01 17:32:08 +01:00
Rasmus Wriedt Larsen
2bc4a60496
Python: Unify normal dataflow test setup
...
I went with NormalDataflowTest to signify that if you don't know what
you're looking for, this is probably the one. I did not want to just
call it DataflowTest, since that becomes a big vague when there are also
`FlowTest.qll` and `MaximalFlowTest.qll` -- I'm open to renaming this
though 👍
2022-02-01 17:31:31 +01:00
Rasmus Wriedt Larsen
41319607a9
Python: Use InlineExpectationsTest for field-flow tests
...
I deleted the old tests, so it's very clear what tests to look for
2022-02-01 17:31:31 +01:00
Rasmus Wriedt Larsen
d6f415bae2
Python: Run match tests if Python 3.10 or newer
...
Also fixes a bug in the tests
2022-02-01 17:31:31 +01:00
liangjinhuang
1885b683f7
style:formatDocument
2022-02-02 00:21:26 +08:00
liangjinhuang
af2e8ff8c6
feat:modify source regular matching rules
2022-02-02 00:10:15 +08:00
Henry Mercer
368839edfc
JS: Fix QLDoc style in ExtractMisclassifiedEndpointFeatures.ql
2022-02-01 15:39:15 +00:00
Arthur Baars
ea901adb3c
Merge pull request #7799 from github/aibaars/fix-ruby-workflows
...
Ruby: use ruby specific cache key
2022-02-01 16:28:14 +01:00
Henry Mercer
db0b4fc463
JS: Add model building pack for ML-powered queries
...
Tests are currently still internal. They will be migrated to
`github/codeql` in a subsequent PR.
2022-02-01 15:03:26 +00:00
Arthur Baars
73d60550ce
QL-QL: fix cache keys
2022-02-01 15:57:59 +01:00
Erik Krogh Kristensen
0f85a52f09
Merge pull request #7773 from erik-krogh/CWE-367
...
JS: add a js/file-system-race query
2022-02-01 15:36:13 +01:00
Rasmus Wriedt Larsen
a4bb0cc5d8
Python: Run tests for fieldflow/test.py
2022-02-01 15:32:07 +01:00
Rasmus Wriedt Larsen
1390f034f3
Python: Delete duplicated tests
...
All the same tests are present in `fieldflow/test.py`
2022-02-01 15:31:30 +01:00
Arthur Baars
6451a71a78
Ruby: use ruby specific cache key
2022-02-01 15:18:09 +01:00
Rasmus Wriedt Larsen
1394b38032
Python: Improve customSanitizer tests
...
Before we didn't show how we treated the value _after_ the check. But we
do actually handle this nicely 💪
2022-02-01 15:09:29 +01:00
Mathias Vorreiter Pedersen
3597d80340
Merge pull request #7787 from Yonah125/main
...
C/C++ : Useless test
2022-02-01 14:01:27 +00:00
Jeroen Ketema
ff1c971100
Add query for missing mode argument in open/openat calls
2022-02-01 14:52:22 +01:00
Rasmus Lerchedahl Petersen
1e2428cb6b
python: create LDAP module in Concepts
2022-02-01 14:39:58 +01:00
Nick Rolfe
5828a61fec
Merge pull request #7795 from github/nickrolfe/graph_test_edge_ordering
...
Ruby/C#: add semmle.order attribute to edges in CFG tests
2022-02-01 13:36:15 +00:00
Rasmus Lerchedahl Petersen
c2cd58edc4
python: rewrite to separate configurations
...
source nodes get duplicated, so perhaps flow states
are actually better for performance?
2022-02-01 14:36:11 +01:00
Erik Krogh Kristensen
a51f892a99
move dot in qhelp
...
Co-authored-by: Esben Sparre Andreasen <esbena@github.com >
2022-02-01 14:34:30 +01:00
Owen Mansel-Chan
f351924fcc
Merge pull request #679 from owen-mc/add-error-expr-to-dbscheme
...
Add ErrorExpr to dbscheme
2022-02-01 13:32:57 +00:00
Michael Nebel
2c6e35f55e
C#: Add more attribute testcases.
2022-02-01 14:06:45 +01:00
Rasmus Lerchedahl Petersen
7df5c70c6f
python: update frameworks.rst
2022-02-01 13:54:34 +01:00
Rasmus Lerchedahl Petersen
bec8c0daea
python: update change note
2022-02-01 13:39:03 +01:00
Rasmus Lerchedahl Petersen
c587084758
python: use standard InstanceSource construction
2022-02-01 13:31:16 +01:00
Michael Nebel
31a70a17a4
C#: Add attribute tests for delegate types.
2022-02-01 13:29:26 +01:00
Michael Nebel
8ee27be908
C#: Small change in the attribute elements test. We now require that the attribute should be in source code and not the attributable.
2022-02-01 13:29:26 +01:00
Michael Nebel
7d1d2e792c
C#: Add specialized ql classes for each attribute kind and update AST printing.
2022-02-01 13:29:26 +01:00
Michael Nebel
5a6667efc5
C#: Update attribute test cases.
2022-02-01 13:29:26 +01:00
Michael Nebel
c94cdfa79a
C#: Update the extractor to include the kind of the extracted attributes. Furthermore, include method return attributes.
2022-02-01 13:29:26 +01:00
Michael Nebel
e86ac73628
C#: Add attribute kind to the dbscheme for the attribute relation.
2022-02-01 13:29:26 +01:00
Erik Krogh Kristensen
e6c90670e6
Merge pull request #7740 from erik-krogh/CWE-347
...
JS: promote the js/jwt-missing-verification query out of experimental
2022-02-01 13:10:35 +01:00
Chris Smowton
ee85d6c368
Undo whitespace change
2022-02-01 12:04:38 +00:00
Owen Mansel-Chan
613a85bcfb
Add ErrorExpr to dbscheme
2022-02-01 11:52:51 +00:00
museljh
012434b152
Update python/ql/src/experimental/Security/CWE-338/InsecureRandomness.ql
...
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com >
2022-02-01 19:00:06 +08:00
museljh
a6002186bd
Update python/ql/src/experimental/Security/CWE-338/InsecureRandomness.ql
...
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com >
2022-02-01 18:59:12 +08:00
Jeroen Ketema
dbac927721
Take into account that the 4th argument of openat may be omitted
...
This matches what is done for `open`.
2022-02-01 11:41:07 +01:00
Rasmus Wriedt Larsen
f7a0b17ed6
Merge pull request #7687 from yoff/python/PathInjection-FlowState
...
python: Rewrite path injection query to use flow state
2022-02-01 11:33:37 +01:00
yoff
b120721942
Update python/ql/src/Security/CWE-090/LdapInjection.ql
...
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com >
2022-02-01 11:02:47 +01:00
Rasmus Lerchedahl Petersen
119a7e4f34
python: provide links for Flask
2022-02-01 10:55:45 +01:00
Rasmus Lerchedahl Petersen
ecea392a08
python: rewrite qhelp overview
...
(combining the Java version and the JS version)
2022-02-01 10:47:18 +01:00
Rasmus Lerchedahl Petersen
26befebfc2
python: drop precision and add severity score
...
Given both the original FP score and our concerns
regarding sanitizers, `@precision medium`, which
is aligned with other languages, feels appropriate.
2022-02-01 10:34:36 +01:00
Rasmus Lerchedahl Petersen
7511b33512
python: "command" -> "log"
2022-02-01 10:23:16 +01:00
yoff
45f0bfd8f0
Apply suggestions from code review
...
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com >
2022-02-01 10:06:37 +01:00
yoff
c03f89d712
Apply suggestions from code review
...
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com >
2022-02-01 10:04:26 +01:00
Mathias Vorreiter Pedersen
a59a9ba82b
C++: Autoformat.
2022-02-01 08:28:53 +00:00
yoff
8df04c58e9
Merge pull request #7793 from tausbn/python-fix-bad-TPythonTuple-join-order
...
Python: Fix bad join order in `TPythonTuple`
2022-01-31 22:39:58 +01:00
Harry Maclean
e5b7478028
Merge pull request #7780 from github/hmac/split-tests
...
Ruby: Split up CI jobs
2022-02-01 09:10:01 +13:00
Nick Rolfe
990e07b986
Ruby/C#: add semmle.order attribute to edges in CFG tests
2022-01-31 20:08:24 +00:00
BACK Yonah
46c1744204
C/C++: getFullyConverted replaced by getConversion*
2022-01-31 18:51:18 +01:00
Taus
4a29095e3b
Python: Fix bad join order in TPythonTuple
...
TL;DR: Something introduced the following bad join order:
```
(227s) Tuple counts for dom#TObject::TPythonTuple#ff/2@i2#8f58670w after 3m46s:
25000 ~0% {2} r1 = SCAN PointsToContext::PointsToContext::appliesToScope_dispred#ff#prev_delta OUTPUT In.1, In.0 'context'
24000 ~1% {2} r2 = JOIN r1 WITH @py_scope#f ON FIRST 1 OUTPUT Lhs.1 'context', Lhs.0
1076876712 ~6% {3} r3 = JOIN r2 WITH Flow::TupleNode#class#f CARTESIAN PRODUCT OUTPUT Rhs.0, Lhs.0 'context', Lhs.1
870129666 ~0% {3} r4 = JOIN r3 WITH Flow::ControlFlowNode::isLoad_dispred#f ON FIRST 1 OUTPUT Lhs.1 'context', Lhs.2, Lhs.0 'origin'
870129000 ~0% {3} r5 = r4 AND NOT dom#TObject::TPythonTuple#ff#prev(Lhs.2 'origin', Lhs.0 'context')
870129000 ~1% {3} r6 = SCAN r5 OUTPUT In.2 'origin', In.1, In.0 'context'
9000 ~0% {2} r7 = JOIN r6 WITH Flow::ControlFlowNode::getScope_dispred#ff ON FIRST 2 OUTPUT Lhs.0 'origin', Lhs.2 'context'
return r7
```
(...the above being the tuple counts _at the point when I cancelled the
query_!)
Rewriting the code to force a join between `TupleNode#class` and
`getScope` results in the following join orders:
```
(0s) Tuple counts for TObject::scope_loads_tuplenode#ff/2@b3cf0bo5 after 13ms:
37369 ~3% {1} r1 = JOIN Flow::TupleNode#class#f WITH Flow::ControlFlowNode::isLoad_dispred#f ON FIRST 1 OUTPUT Lhs.0 'origin'
37369 ~3% {2} r2 = JOIN r1 WITH Flow::ControlFlowNode::getScope_dispred#ff ON FIRST 1 OUTPUT Rhs.1 's', Lhs.0 'origin'
return r2
```
and
```
(78s) Tuple counts for dom#TObject::TPythonTuple#ff/2@i53#121c440w after 6ms:
34736 ~3% {2} r1 = SCAN PointsToContext::PointsToContext::appliesToScope_dispred#ff#prev_delta OUTPUT In.1, In.0 'context'
7370 ~5% {2} r2 = JOIN r1 WITH TObject::scope_loads_tuplenode#ff ON FIRST 1 OUTPUT Lhs.1 'context', Rhs.1 'origin'
7370 ~5% {2} r3 = r2 AND NOT dom#TObject::TPythonTuple#ff#prev(Lhs.1 'origin', Lhs.0 'context')
7370 ~1% {2} r4 = SCAN r3 OUTPUT In.1 'origin', In.0 'context'
return r4
```
the latter being the largest iteration of `dom#TPythonTuple` throughout
the log.
No other major performance issues were observed.
2022-01-31 16:59:50 +00:00
jorgectf
080775c873
Merge branch 'jorgectf/python/deserialization' of https://github.com/jorgectf/codeql into jorgectf/python/deserialization
2022-01-31 17:48:47 +01:00
Jorge
a1f8acc9bb
Merge branch 'github:main' into jorgectf/python/deserialization
2022-01-31 17:48:35 +01:00
BACK Yonah
56941dba6b
C/C++ : Fixed select issue in Useless Test
2022-01-31 16:56:12 +01:00
BACK Yonah
ca2ff6f9fb
C/C++: Fixing minor issues in Useless Test query
2022-01-31 16:04:56 +01:00
Tom Hvitved
5503abc73d
Merge pull request #7772 from hvitved/csharp/event-accessor-event-null
...
C#: Guard against `AssociatedSymbol` not being an `IEventSymbol`
2022-01-31 14:52:02 +01:00
Tom Hvitved
f2352d8272
Data flow: Inline local(Expr|Instruction)?(Flow|Taint)
...
Computing a full transitive closure is often bad; by inlining all calls we are
providing more context to the QL optimizer.
2022-01-31 14:33:41 +01:00
Ian Wright
83ecc065ab
restrict size of strings
2022-01-31 12:28:46 +00:00
Michael Nebel
56ac99039f
Merge pull request #7720 from michaelnebel/csharp/extended-prop-patterns
...
C#: Desugar property patterns that uses member access syntax.
2022-01-31 13:24:24 +01:00
Erik Krogh Kristensen
8dcec2e037
apply suggestions from doc review
...
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com >
2022-01-31 13:17:26 +01:00
Erik Krogh Kristensen
ec1a8cc826
apply suggestions from doc review
...
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com >
2022-01-31 12:32:12 +01:00
Chris Smowton
d064b17d7b
Merge pull request #678 from smowton/smowton/feature/note-filepath-clean-sanitizer
...
Note that `filepath.Clean("/" + e)` is a sanitizer against path traversal attacks
2022-01-31 10:55:48 +00:00
Tom Hvitved
2354281721
C#: Add DB down/upgrade scripts
2022-01-31 11:46:10 +01:00
Tom Hvitved
32e58add7b
C#: Extend compiler_generated to include event accessors
2022-01-31 11:45:23 +01:00
Rasmus Lerchedahl Petersen
9d416664a1
python: modern change note
...
I set the category to newQuery since that is what users will see.
When we have tags, it would be nice to tag it as a query promotion.
2022-01-31 11:27:55 +01:00
Rasmus Lerchedahl Petersen
bf1145ece0
python: Add change note
...
should we have the `lgtm,codescanning` handshake or not?
2022-01-31 11:27:55 +01:00
Rasmus Lerchedahl Petersen
8b5114d10e
python: Add standard customization setup
...
- modernize the sanitizer, but do not make it less specific
2022-01-31 11:27:55 +01:00
Rasmus Lerchedahl Petersen
20d54543fd
python: move log injection out of experimental
...
- move from custom concept `LogOutput` to standard concept `Logging`
- remove `Log.qll` from experimental frameworks
- fold models into standard models (naively for now)
- stdlib:
- make Logger module public
- broaden definition of instance
- add `extra` keyword as possible source
- flak: add app.logger as logger instance
- django: `add django.utils.log.request_logger` as logger instance
(should we add the rest?)
- remove LogOutput from experimental concepts
2022-01-31 11:27:55 +01:00
Rasmus Lerchedahl Petersen
211345c010
python: remove more annotations
2022-01-31 11:20:59 +01:00
Michael Nebel
7cbeffc8a7
C#: Refactor and use new language features.
2022-01-31 09:24:31 +01:00
Rasmus Lerchedahl Petersen
cac3862659
python: remove library annotation
...
to clean up QL warnings.
Should put these in a private module instead?
2022-01-31 08:50:37 +01:00
Rasmus Lerchedahl Petersen
0c3bce1415
python: deprecation
...
I am slightly concerned that the test now generates many more
intermediate results. I suppose that maes the analysis heavy.
Should the new library get a new name instead, so the old code
does not get evaluated?
2022-01-31 08:32:24 +01:00
BACK Yonah
d7313f3a82
C/C++ : Useless test
2022-01-30 14:33:32 +01:00
Mathias Vorreiter Pedersen
bb2feda8fb
Merge pull request #7703 from geoffw0/getslocal
2022-01-28 19:35:15 +00:00
Chris Smowton
de2ed83b55
Note that filepath.Clean("/" + e) is a sanitizer against path traversal attacks.
2022-01-28 19:32:58 +00:00
Geoffrey White
8a1b49f816
C++: Recognize password struct fields.
2022-01-28 19:10:46 +00:00
Arthur Baars
abf3ce6223
Ruby: expressions in pin operator ^
2022-01-28 19:47:31 +01:00
Arthur Baars
00fb4d3776
Ruby: Values in Hash literals and keyword arguments can be omitted
2022-01-28 19:47:31 +01:00
Arthur Baars
3e2ca61c01
Ruby: support anonymous block parameters/arguments
2022-01-28 19:47:31 +01:00
Arthur Baars
b9258e78ca
Ruby: non-local variables in variable reference pattern
2022-01-28 19:47:31 +01:00
Arthur Baars
966b8be5f9
Ruby: add downgrade scripts
2022-01-28 19:47:31 +01:00
Arthur Baars
e5eb01ca45
Ruby: add upgrade scripts
2022-01-28 19:47:31 +01:00
Arthur Baars
c85012460a
Ruby: update dbscheme stats
2022-01-28 19:47:31 +01:00
Arthur Baars
c6a36a50c2
Ruby: regenerate dbscheme and library
2022-01-28 19:47:31 +01:00
Arthur Baars
bfbc9fe144
Ruby: update tree-sitter-ruby
2022-01-28 19:47:25 +01:00
Alex Ford
57e958c372
Ruby: missing QLDoc
2022-01-28 17:38:55 +00:00
Alex Ford
269722fa86
Ruby: rb/clear-text-logging-sensitive-data changenote
2022-01-28 17:27:05 +00:00
Alex Ford
7fec2d270b
Ruby: QL format
2022-01-28 17:24:56 +00:00
Alex Ford
186623f878
Ruby: Add CleartextLogging.qhelp
2022-01-28 17:24:56 +00:00
Alex Ford
7ed447842f
Ruby: cleartext logging test output
2022-01-28 17:24:56 +00:00
Alex Ford
4fc9128350
Ruby: cleartext logging - remove an unnecessary abstract class
2022-01-28 17:24:56 +00:00
Alex Ford
91ccd307e8
Ruby: Implement rb/clear-text-logging-sensitive-data
2022-01-28 17:24:56 +00:00
Mathias Vorreiter Pedersen
0f239e315c
Merge pull request #7782 from geoffw0/clrtxt7
...
C++: Fix FPs for cpp/cleartext-storage-file
2022-01-28 17:24:05 +00:00
Geoffrey White
0396a84c3c
C++: Remove empty predicate / extends.
2022-01-28 17:11:38 +00:00
Alex Ford
cfb2d7ffaf
Ruby: add shared SensitiveDataHeuristics.qll
2022-01-28 16:38:58 +00:00
Geoffrey White
af09dd8af1
C++: Fixes to gets models.
2022-01-28 16:04:23 +00:00
Geoffrey White
036e1495b8
Merge branch 'main' into getslocal
2022-01-28 15:58:13 +00:00
Ian Wright
aceeb7324c
restrict AST nodes according to string length
2022-01-28 15:06:10 +00:00
Rasmus Lerchedahl Petersen
68d18ead34
python: add change note
2022-01-28 14:00:07 +01:00
Geoffrey White
a695f02af4
C++: Add change note.
2022-01-28 12:38:27 +00:00
Tom Hvitved
82cceb0a29
C#: Mark event accessors without bodies as compiler generated
2022-01-28 13:11:34 +01:00
Tom Hvitved
682163962a
Data flow: Sync files
2022-01-28 13:01:24 +01:00
Tom Hvitved
4bf07825a1
Data flow: Reduce non-linear recursion in SummaryComponentStack::bottom
...
Before:
```
[2022-01-28 09:45:34] (449s) Tuple counts for FlowSummaryImpl::Public::SummaryComponentStack::bottom_dispred#ff/2@i23#25a5eew4 after 432ms:
0 ~0% {2} r1 = SCAN FlowSummaryImpl::Public::SummaryComponentStack::length#ff#prev_delta OUTPUT In.0 'this', (In.1 - 1)
0 ~0% {2} r2 = JOIN r1 WITH FlowSummaryImpl::Public::SummaryComponentStack::drop#fff#prev ON FIRST 2 OUTPUT Rhs.2, Lhs.0 'this'
0 ~0% {2} r3 = JOIN r2 WITH FlowSummaryImpl::Public::SummaryComponentStack::head_dispred#ff#prev ON FIRST 1 OUTPUT Lhs.1 'this', Rhs.1 'result'
4171589 ~5% {2} r4 = SCAN FlowSummaryImpl::Public::SummaryComponentStack::length#ff#prev OUTPUT In.0 'this', (In.1 - 1)
4171589 ~0% {2} r5 = JOIN r4 WITH FlowSummaryImpl::Public::SummaryComponentStack::drop#fff#prev ON FIRST 2 OUTPUT Rhs.2, Lhs.0 'this'
0 ~0% {2} r6 = JOIN r5 WITH FlowSummaryImpl::Public::SummaryComponentStack::head_dispred#ff#prev_delta ON FIRST 1 OUTPUT Lhs.1 'this', Rhs.1 'result'
62238 ~0% {3} r7 = SCAN FlowSummaryImpl::Public::SummaryComponentStack::drop#fff#prev_delta OUTPUT In.2, In.0 'this', In.1
62238 ~8% {3} r8 = JOIN r7 WITH FlowSummaryImpl::Public::SummaryComponentStack::head_dispred#ff#prev ON FIRST 1 OUTPUT Lhs.1 'this', Lhs.2, Rhs.1 'result'
62238 ~5% {5} r9 = JOIN r8 WITH FlowSummaryImpl::Public::SummaryComponentStack::length#ff#prev ON FIRST 1 OUTPUT Lhs.0 'this', Lhs.1, Lhs.2 'result', Rhs.1, (Rhs.1 - 1)
10373 ~6% {5} r10 = SELECT r9 ON In.4 = In.1
10373 ~0% {2} r11 = SCAN r10 OUTPUT In.0 'this', In.2 'result'
10373 ~0% {2} r12 = r6 UNION r11
10373 ~0% {2} r13 = r3 UNION r12
10373 ~0% {2} r14 = r13 AND NOT FlowSummaryImpl::Public::SummaryComponentStack::bottom_dispred#ff#prev(Lhs.0 'this', Lhs.1 'result')
return r14
```
After:
```
[2022-01-28 09:52:48] (6s) Tuple counts for FlowSummaryImpl::Public::SummaryComponentStack::bottom#ff/2@i21#6243afwv after 5ms:
0 ~0% {2} r1 = JOIN FlowSummaryImpl::Public::SummaryComponentStack::bottom#ff#prev_delta WITH FlowSummaryImpl::Private::TConsSummaryComponentStack#fff#reorder_1_0_2#prev ON FIRST 1 OUTPUT Lhs.1 'result', Rhs.2 'this'
10373 ~3% {2} r2 = SCAN FlowSummaryImpl::Private::TConsSummaryComponentStack#fff#prev_delta OUTPUT In.1, In.2 'this'
10373 ~2% {2} r3 = JOIN r2 WITH FlowSummaryImpl::Public::SummaryComponentStack::bottom#ff#prev ON FIRST 1 OUTPUT Rhs.1 'result', Lhs.1 'this'
10373 ~2% {2} r4 = r1 UNION r3
10373 ~2% {2} r5 = r4 AND NOT FlowSummaryImpl::Public::SummaryComponentStack::bottom#ff#prev(Lhs.1 'this', Lhs.0 'result')
10373 ~0% {2} r6 = SCAN r5 OUTPUT In.1 'this', In.0 'result'
return r6
```
2022-01-28 13:00:04 +01:00
Geoffrey White
b73dc98191
C++: Exclude write to stdout etc.
2022-01-28 11:57:31 +00:00
Tom Hvitved
864b61a804
Merge pull request #7766 from hvitved/csharp/extractor/type-param-constraints
...
C#: Make `TypeParameterConstraints` a `CachedEntity`
2022-01-28 12:39:31 +01:00
Tom Hvitved
28702dff82
Merge pull request #7779 from hvitved/csharp/initial-downgrade-scheme
...
C#: Add initial downgrade DB scheme for use in tests
2022-01-28 12:38:07 +01:00
Nick Rolfe
8248a942ce
Ruby: enable taint checking for array-flow test
2022-01-28 11:33:59 +00:00
Nick Rolfe
c0e1384f4a
Ruby: move Array/Enumerable flow summaries to their own file
2022-01-28 11:33:59 +00:00
Nick Rolfe
6c0eb8beee
Ruby: update array flow summaries to use getConstantValue()
2022-01-28 11:33:59 +00:00
Nick Rolfe
693ff6a904
Ruby: add flow summaries for remaining Array methods
2022-01-28 11:33:59 +00:00
Nick Rolfe
030cfa36da
Ruby: add flow summaries for all remaining Enumerable methods
2022-01-28 11:33:59 +00:00
Erik Krogh Kristensen
7b925604df
update expected output
2022-01-28 12:21:33 +01:00
Rasmus Wriedt Larsen
3e71d7f9bb
Python: Add note about / for Django upload_to
...
I did a test locally, something like
import requests
req = requests.Request(
"POST",
"http://127.0.0.1:8000/app/upload-test/ ",
data={"name": "foo"},
files={"upload" : ("wat/haha|!#$%^&", open("foo.txt", "rb"))},
)
# print(req.prepare().body.decode('ascii'))
requests.session().send(req.prepare())
and the `wat/` part was stripped from the filename
2022-01-28 12:17:46 +01:00
Nick Rolfe
588e60e230
Merge pull request #7775 from github/nickrolfe/graph_test_ordering
...
Ruby/C#: more stable graph test ordering
2022-01-28 11:16:02 +00:00
Erik Krogh Kristensen
7aa59ca233
Merge pull request #7633 from erik-krogh/CWE-300
...
JS: add js/http-dependency query
2022-01-28 12:10:14 +01:00
Taus
47a57e0c0a
Merge pull request #7635 from github/python/support-match
...
Python/support match
2022-01-28 11:55:46 +01:00
yoff
74d57bbb1a
Update python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
...
Co-authored-by: Taus <tausbn@github.com >
2022-01-28 11:38:29 +01:00
Rasmus Wriedt Larsen
f962d8e72c
Python: Move test to correct location
2022-01-28 11:33:21 +01:00
Arthur Baars
cada7ef1a4
Ruby: add downgrade scripts to prepare-db-upgrade.sh
2022-01-28 11:07:56 +01:00
Rasmus Lerchedahl Petersen
ab43f041c3
python: rename files
2022-01-28 11:00:17 +01:00
Erik Krogh Kristensen
b5198bdaca
apply suggestions from doc review
...
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com >
2022-01-28 10:46:27 +01:00
Erik Krogh Kristensen
bf9bcc9600
add a js/file-system-race query
2022-01-28 09:41:12 +01:00
Erik Krogh Kristensen
179c26da9a
apply suggestions from review
2022-01-28 09:37:46 +01:00
Tony Torralba
f3e034b2be
Merge pull request #7764 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2022-01-28 09:35:54 +01:00
Harry Maclean
0428b8ee20
Split Ruby CI into multiple parallel jobs
...
Run format, compile and db upgrade checks in parallel, along with the
main tests, which run in two parallel halves.
2022-01-28 21:23:34 +13:00
Rasmus Lerchedahl Petersen
4c3c4deb34
python: Move over query and tests
2022-01-28 09:19:11 +01:00
Esben Sparre Andreasen
ee52774e90
Merge pull request #7760 from erik-krogh/CWE-184
...
JS: add CWE-184 to incomplete-scheme-check and bad-tag-filter
2022-01-28 09:18:41 +01:00
Tom Hvitved
ee5495ce65
C#: Add initial downgrade DB scheme for use in tests
2022-01-28 09:05:42 +01:00
Rasmus Lerchedahl Petersen
a026120c52
Python: Move configuration over and refine it
...
The original configuration did not match sinks with sanitizers.
Here it is resolved using flow state,
it could also be done by using two configurations.
2022-01-28 09:00:40 +01:00
Rasmus Lerchedahl Petersen
d539920661
Python: Update list of frameworks
2022-01-28 08:58:30 +01:00
Harry Maclean
b01f81aab3
Use modified getAPath predicate for test
2022-01-28 19:45:52 +13:00
Harry Maclean
a1b0f02e6e
Ruby: Introduce API::getAnImmediateSubclass()
...
class A; end
class B < A; end
class C < B; end
In the example above, `getMember("A").getAnImmediateSubclass()` will
select only uses of B, whereas `getMember("A").getASubclass()` will
select uses of A, B and C. This is usually the behaviour you want.
2022-01-28 16:44:03 +13:00
github-actions[bot]
c6130ea2d4
Add changed framework coverage reports
2022-01-28 00:11:49 +00:00
Andrew Eisenberg
28461f57ef
Merge pull request #675 from github/aeisenberg/examples-groups
...
Add new groups for examples packs
2022-01-27 09:26:15 -08:00
Dave Bartolomeo
cca74e925f
Merge pull request #7724 from github/aeisenberg/examples-groups
...
Add new groups for examples packs
2022-01-27 12:11:26 -05:00
Rasmus Wriedt Larsen
4338c06b0d
Python: Support Django FileField.upload_to
2022-01-27 17:20:16 +01:00
Rasmus Lerchedahl Petersen
c60df7d69c
Merge branch 'main' of github.com:github/codeql into python/support-match
2022-01-27 16:45:17 +01:00
yoff
4632c14280
Merge pull request #7654 from RasmusWL/remove-old-pointsto-queries
...
Python: Cleanup: Remove old points-to versions of queries
2022-01-27 16:39:01 +01:00
Nick Rolfe
cd5010fe11
C#: sync changes from Ruby to improve ordering of graph test output
2022-01-27 15:34:01 +00:00
Tom Hvitved
b7fb9e8b95
Merge pull request #7768 from hvitved/csharp/extractor-diagnostics-query
...
C#: Add internal extractor diagnostics query
2022-01-27 16:33:32 +01:00
Chris Smowton
17656fc12b
Merge pull request #7771 from Dig2/main
...
Fix typo in CodeQL-query-help-for-JavaScript
2022-01-27 15:03:35 +00:00
Mathias Vorreiter Pedersen
b3f4357dc8
Merge pull request #7742 from geoffw0/clrtxt6
...
C++: Upgrade cpp/cleartext-storage-buffer
2022-01-27 14:40:40 +00:00
Rasmus Lerchedahl Petersen
b93c04bb79
python: Add reverse flow in some patterns
...
Particularly in value and literal patterns.
This is getting a little bit into the guards aspect of matching.
We could similarly add reverse flow in terms of
sub-patterns storing to a sequence pattern,
a flow step from alternatives to an-or-pattern, etc..
It does not seem too likely that sources are embedded in patterns
to begin with, but for secrets perhaps?
It is illustrated by the literal test. The value test still fails.
I believe we miss flow in general from the static attribute.
2022-01-27 15:20:23 +01:00
Tom Hvitved
cdfe239016
C#: Guard against AssociatedSymbol not being an IEventSymbol
...
Apply same logic as for property/indexer accessors to account for cases where
the associated event cannot be determined. I have not been able to reproduce
such cases locally, though we have seen reports of it happening.
2022-01-27 15:14:03 +01:00
Nick Rolfe
6f06263d49
Ruby: add more properties for ordering nodes in graph tests
2022-01-27 13:57:43 +00:00
Dig2
516bed391a
Fix CodeQL-query-help-for-JavaScript typo
2022-01-27 21:33:20 +08:00
Benjamin Muskalla
5c9c83d331
Revert "Enable on my repo"
...
This reverts commit b9c3e6a052 .
2022-01-27 14:24:41 +01:00
Geoffrey White
2e1b09fd75
C++: Modernize flow sources.
2022-01-27 13:19:09 +00:00
Geoffrey White
47528dd8c0
C++: Autoformat.
2022-01-27 12:56:16 +00:00
Tamás Vajk
50f546043a
Merge pull request #7769 from github/release-prep/2.8.0
...
Release preparation for version 2.8.0
2022-01-27 13:36:59 +01:00
Tamás Vajk
14d227a232
Merge pull request #677 from github/release-prep/2.8.0
...
Release preparation for version 2.8.0
2022-01-27 13:36:19 +01:00
Tom Hvitved
d9a1046e0e
Merge pull request #7683 from hvitved/ruby/qltest-4-threads
...
Ruby: Use multiple threads in QL test CI job
2022-01-27 13:11:39 +01:00
Benjamin Muskalla
39a853b5e4
Remove unused models
2022-01-27 12:27:37 +01:00
Benjamin Muskalla
1cfb088634
rely on defaults
2022-01-27 12:26:59 +01:00
Benjamin Muskalla
e5acc6b54b
use default sha for pr
2022-01-27 12:26:59 +01:00
Benjamin Muskalla
3646ae0995
Skip diff install if not needed
2022-01-27 12:26:58 +01:00
Geoffrey White
1bf9c19638
C++: Autoformat.
2022-01-27 11:26:18 +00:00
Geoffrey White
f090a3b440
C++: Add to and clarify some taint library QLDoc.
2022-01-27 11:26:00 +00:00
Benjamin Muskalla
10aa7a7982
Better name
2022-01-27 12:02:42 +01:00
Benjamin Muskalla
b9c3e6a052
Enable on my repo
2022-01-27 12:01:47 +01:00
Tom Hvitved
1e39259e26
Merge pull request #7750 from hvitved/ruby/desugar-hash-literals
...
Ruby: Desugar hash literals
2022-01-27 12:01:06 +01:00
Benjamin Muskalla
66b9974dd4
Simplify naming pattern
2022-01-27 12:00:29 +01:00
Geoffrey White
d9a2347178
C++: Switch back to IR taint.
2022-01-27 10:50:22 +00:00
Tamás Vajk
3d2cc8890a
Update CHANGELOG.md
2022-01-27 11:50:13 +01:00
Tamás Vajk
cc4bb9b02f
Update 0.0.8.md
2022-01-27 11:49:29 +01:00
Benjamin Muskalla
4aa0002e97
Rename workflow
2022-01-27 11:43:25 +01:00
github-actions[bot]
634134f283
Release preparation for version 2.8.0
2022-01-27 10:40:20 +00:00
github-actions[bot]
d545716571
Release preparation for version 2.8.0
2022-01-27 10:40:14 +00:00
Tom Hvitved
e2ae327a74
C#: Add internal extractor diagnostics query
2022-01-27 11:19:31 +01:00
Rasmus Lerchedahl Petersen
cb52ab669e
python: address review comments
...
The comment about `py_scopes` was simply removed
2022-01-27 11:17:00 +01:00
Benjamin Muskalla
c1b5565e4d
Automation to regenerate framework models
2022-01-27 11:15:10 +01:00
yoff
e28669e487
Apply suggestions from code review
...
Co-authored-by: Taus <tausbn@github.com >
2022-01-27 10:31:43 +01:00
Tom Hvitved
f4195219f4
C#: Make TypeParameterConstraints a CachedEntity
2022-01-27 10:19:16 +01:00
Tom Hvitved
280023c45a
Address review comments
2022-01-27 09:44:41 +01:00
Tom Hvitved
ece952ae2d
Merge pull request #7759 from hvitved/csharp/more-debug-context
...
C#: Add more debug context to various error messages
2022-01-27 09:40:21 +01:00
Andrew Eisenberg
a7f755cf12
Add new groups for examples packs
...
Also, remove version numbers. Will make it easier to avoid publishing
the examples packs.
2022-01-26 14:49:18 -08:00
Andrew Eisenberg
9e0580da32
Add new groups for examples packs
...
Will make it easier to avoid publishing them.
2022-01-26 14:47:46 -08:00
Dave Bartolomeo
d069d91bf5
Merge pull request #6601 from dbartol/dbartol/side-effect-reorder/work
...
Fix order of IR call side effects
2022-01-26 17:02:02 -05:00
Tom Hvitved
32d1263810
Merge pull request #7755 from hvitved/csharp/qltest-stubs
...
C#: Restrict stub logic to QL test DBs
2022-01-26 20:08:33 +01:00
Rasmus Lerchedahl Petersen
163c888781
python: port concepts and implementations
2022-01-26 19:05:37 +01:00
Rasmus Lerchedahl Petersen
e6b5833bd6
python: fix typo in qhelp
2022-01-26 19:05:36 +01:00
Mathias Vorreiter Pedersen
647d4d028e
Merge pull request #7758 from jketema/unnamed-variable-fix
...
C++: Do not report "Declaration hides variable" for unnamed variables
2022-01-26 15:36:04 +00:00
Erik Krogh Kristensen
e75dc2116f
add CWE-184 to incomplete-scheme-check and bad-tag-filter
2022-01-26 16:13:13 +01:00
Jeroen Ketema
ee78cc731d
Add change note
2022-01-26 15:59:17 +01:00
Tom Hvitved
ef580aa8bc
C#: Add more debug context to various error messages
2022-01-26 15:50:26 +01:00
Tom Hvitved
baefd623c4
Merge pull request #7757 from hvitved/csharp/remove-stats
...
C#: Remove stats for removed relations
2022-01-26 15:22:59 +01:00
Jeroen Ketema
9194af9b15
Do not report "Declaration hides variable" for unnamed variables
2022-01-26 15:10:37 +01:00
Jeroen Ketema
10a94cfa45
Add test for structured binding declaration hiding variable
2022-01-26 15:08:50 +01:00
Jeroen Ketema
b380ba0d8f
Add semmle-extractor-options: -std=c++17 to test
2022-01-26 15:05:21 +01:00
Tom Hvitved
f38ee39cda
C#: Remove stats for removed relations
2022-01-26 14:20:41 +01:00
Tom Hvitved
6975ade0ff
C#: Restrict stub logic to QL test DBs
2022-01-26 13:59:24 +01:00
Tom Hvitved
dd27ed8392
Ruby: Desugar hash literals
...
```rb
{ a: 1, **splat, b: 2 }
```
becomes
```rb
::Hash.[](a: 1, **splat, b: 2)
```
2022-01-26 13:53:18 +01:00
Tom Hvitved
39436828de
Ruby: Add internal/Literal.qll for internal implementation details
2022-01-26 13:48:26 +01:00
Tom Hvitved
6565242b67
Merge pull request #7751 from hvitved/csharp/qltest-file-extraction-mode
...
C#: Update expected test output after passing in `--qltest` in `codeql test run`
2022-01-26 13:32:34 +01:00
Chris Smowton
df87297c59
Merge pull request #7733 from pwntester/java_util_regex_qll
...
Java: Add models for java.util.regex.Pattern and Matcher
2022-01-26 12:04:56 +00:00
Rasmus Lerchedahl Petersen
47af3a69a5
Merge branch 'main' of github.com:github/codeql into python/support-match
2022-01-26 11:39:46 +01:00
Alvaro Muñoz Sanchez
ba90fecc98
retab Test.java
2022-01-26 11:20:10 +01:00
Erik Krogh Kristensen
abd87615ff
update qhelp with suggestions
...
Co-authored-by: Esben Sparre Andreasen <esbena@github.com >
2022-01-26 11:03:05 +01:00
Tom Hvitved
477f83cf9e
Merge pull request #7746 from hvitved/csharp/remove-legacy-relations
...
C#: Remove some unused legacy relations from the DB scheme
2022-01-26 10:40:55 +01:00
Tom Hvitved
99b9d4513b
C#: Update expected test output after passing in --qltest in codeql test run
2022-01-26 10:33:00 +01:00
Arthur Baars
948ebe4b4c
Merge pull request #7568 from aibaars/ruby-pattern-matching-taint
...
Ruby: taint steps for pattern matches
2022-01-26 10:27:47 +01:00
Stephan Brandauer
b7690e5e6b
Merge pull request #7734 from kaeluka/js-add-node-prefix-to-module-import
...
js: add support for the 'node:' prefix for importing internal modules
2022-01-26 10:15:08 +01:00
Tom Hvitved
28e03a8aae
Merge pull request #7738 from hvitved/ruby/action-controller-perf
...
Ruby: Fix bad join in `ActionControllerHelperMethod`
2022-01-26 09:48:21 +01:00
Tom Hvitved
2c27a07ead
Merge pull request #7726 from hvitved/ruby/any-array-element-content
...
Ruby: Introduce `TAnyArrayElementContent`
2022-01-26 09:48:01 +01:00
Erik Krogh Kristensen
de633940fe
promote the js/jwt-missing-verification query out of exeprimental
2022-01-26 09:35:54 +01:00
Tom Hvitved
51205d6ce5
C#: Add DB downgrade script
2022-01-26 08:44:37 +01:00
Tom Hvitved
83fb822115
C#: Add DB upgrade script
2022-01-26 08:43:24 +01:00
Tom Hvitved
4c16320e28
C#: Remove some unused legacy relations from the DB scheme
2022-01-26 08:35:08 +01:00
Arthur Baars
941f230c94
Merge pull request #7729 from github/hmac/bump-clap
...
Ruby extractor: bump clap
2022-01-26 08:12:47 +01:00
Dave Bartolomeo
4c42013836
Update test expectations
2022-01-25 15:22:13 -05:00
Henry Mercer
15aa09fb7a
Merge pull request #7744 from github/henrymercer/js-atm-tweak-query-help
...
JS: Move experimental notice to the bottom of the ML-powered query help
2022-01-25 17:44:27 +00:00
Edoardo Pirovano
662675ebf0
Merge pull request #7739 from github/edoardo/3.4-mergeback
...
Merge `rc/3.4` into `main`
2022-01-25 17:44:13 +00:00
Edoardo Pirovano
4a3e945346
Merge pull request #676 from github/edoardo/3.4-mergeback
...
Merge `rc/3.4` into `main`
2022-01-25 17:43:55 +00:00
Shati Patel
1c711e05be
Merge pull request #7661 from shati-patel/vscode-pack-commands
...
Docs: Mention packaging commands in CodeQL extension
2022-01-25 16:55:37 +00:00
Andrew Eisenberg
e722121be8
Merge pull request #7618 from github/aeisenberg/getting-started-docs
...
Docs: Simplify getting started docs
2022-01-25 08:30:06 -08:00
Edoardo Pirovano
1b539eb4dc
Merge branch rc/3.4 into main
2022-01-25 16:22:01 +00:00
Edoardo Pirovano
cc7b72af41
Merge branch rc/3.4 into main
2022-01-25 16:16:44 +00:00
Mathias Vorreiter Pedersen
5d0f7efe84
Merge pull request #7743 from jketema/doc-fixes
...
CodeQL documentation fixes
2022-01-25 16:11:08 +00:00
Henry Mercer
70f7535988
JS: Move experimental notice to the bottom of the ML-powered query help
...
The Code Scanning UI shows just the first paragraph of the query help
as a summary, until a user chooses to expand the help.
We decided it was more useful to display the standard query help in this
summary compared to the experimental query notice, since there is
already a notice about experimental queries on the alert show page.
2022-01-25 15:52:09 +00:00
Tom Hvitved
afd6f58fe8
Merge pull request #7741 from hvitved/csharp/compilation-args-exclude-extractor-args
...
C#: Exclude extractor arguments from `compilation_args` relation
2022-01-25 16:31:46 +01:00
Geoffrey White
63ff17b3c1
Merge pull request #7737 from geoffw0/clrtxt5
...
C++: Upgrade cpp/cleartext-storage-file
2022-01-25 15:09:13 +00:00
Jeroen Ketema
082c712843
Replace Block by BlockStmt in basic C/C++ query documentation
...
`Block` has be deprecated in favor of `BlockStmt`.
2022-01-25 15:21:34 +01:00
Jeroen Ketema
1cfd222770
Remove redundant can
2022-01-25 15:21:06 +01:00
Michael Nebel
f1d5d3af9d
C#: Add change note for extended property patterns.
2022-01-25 15:13:11 +01:00
Michael Nebel
44cc044a3d
C#: Add testcase for extended property patterns (to indicate that they are de-sugared correctly).
2022-01-25 15:13:11 +01:00
Michael Nebel
833e8e4f1d
C#: Add some examples with the extended property pattern syntax.
2022-01-25 15:13:11 +01:00
Michael Nebel
83e7fae578
C#: Desugar property patterns that uses member access syntax.
2022-01-25 15:13:11 +01:00
Tom Hvitved
d7a91fdbe6
C#: Exclude extractor arguments from compilation_args relation
2022-01-25 15:09:29 +01:00
Geoffrey White
e4a3e9ee23
C++: Change note.
2022-01-25 13:55:01 +00:00
Geoffrey White
340b40e8f3
C++: Modernize cpp/cleartext-storage-buffer.
2022-01-25 13:54:42 +00:00
Stephan Brandauer
4ee290acd3
update test for 'node:' prefix
2022-01-25 14:25:44 +01:00
Stephan Brandauer
20ea825e4a
test for 'node:' prefix for importing node modules
2022-01-25 13:43:16 +01:00
shati-patel
1462565810
Clarify "download packs" usage
2022-01-25 12:37:17 +00:00
Erik Krogh Kristensen
cc527bdecd
Merge pull request #7721 from erik-krogh/CWE-1275
...
JS: add a js/samesite-none-cookie cookie
2022-01-25 13:28:08 +01:00
Shati Patel
9e1e2ba442
Apply suggestions from code review
...
Co-authored-by: Felicity Chapman <felicitymay@github.com >
2022-01-25 12:27:00 +00:00
Tom Hvitved
49488fa0a0
Ruby: Fix bad join in ActionControllerHelperMethod
...
```
[2022-01-25 12:35:14] (234s) Tuple counts for ActionController::ActionControllerHelperMethod#class#ff/2@ef816fil after 1.5s:
7685 ~0% {3} r1 = JOIN ActionController::ActionControllerContextCall#ff#shared WITH Method::Method::getName_dispred#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1 'controllerClass', Lhs.0 'this'
13198 ~0% {3} r2 = JOIN r1 WITH Constant::ConstantValue::getStringOrSymbol_dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.1 'controllerClass', Lhs.2 'this', Rhs.1
15835365 ~4% {5} r3 = JOIN r2 WITH AST::AstNode::getEnclosingModule_dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, "helper_method", Lhs.0 'controllerClass', Lhs.1 'this', Lhs.2
12943 ~1% {4} r4 = JOIN r3 WITH Call::MethodCall::getMethodName_dispred#ff ON FIRST 2 OUTPUT Lhs.4, Lhs.2 'controllerClass', Lhs.3 'this', Lhs.0
1146184 ~0% {4} r5 = JOIN r4 WITH Expr::Expr::getConstantValue_dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.3, Rhs.1, Lhs.1 'controllerClass', Lhs.2 'this'
212 ~0% {2} r6 = JOIN r5 WITH project#Call::Call::getArgument_dispred#fff ON FIRST 2 OUTPUT Lhs.3 'this', Lhs.2 'controllerClass'
return r6
```
Joining on enclosing module and name simultaneously yields a much better join.
2022-01-25 13:00:13 +01:00
Alvaro Muñoz Sanchez
9ee967d6db
update test file
2022-01-25 12:42:41 +01:00
Erik Krogh Kristensen
caaee5e4e5
make a utility predicate for extracting sameSite values
2022-01-25 12:32:04 +01:00
Erik Krogh Kristensen
9f9dee5d18
apply documentation suggestions
...
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com >
2022-01-25 12:14:16 +01:00
Tom Hvitved
67962cb93d
Ruby: Fix bad join in access predicate
...
Joining on variable name alone is a bad thing:
```
[2022-01-25 11:13:20] (228s) Tuple counts for Variable::Cached::access#ff#shared/3@868b54tu after 3m37s:
112554 ~0% {3} r1 = JOIN Variable::VariableReal::getNameImpl_dispred#ff WITH Variable::VariableReal::getDeclaringScopeImpl_dispred#ff ON FIRST 1 OUTPUT Lhs.1, Lhs.0 'arg2', Rhs.1 'arg1'
561015756 ~1% {3} r2 = JOIN r1 WITH Variable::variableName#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1 'arg0', Lhs.2 'arg1', Lhs.1 'arg2'
return r2
```
This change ensures that we join on name and scope simultaneously.
2022-01-25 11:37:38 +01:00
Michael Nebel
26d9848fca
Merge pull request #7730 from michaelnebel/csharp/csharp10-release-notes
...
C#: Add change notes for the already implemented C# 10 features.
2022-01-25 11:31:02 +01:00
Geoffrey White
d70b813949
Merge pull request #7732 from MathiasVP/security-severity-for-return-stack-allocated-memory
...
C++: Add security-severity to `cpp/return-stack-allocated-memory`
2022-01-25 10:13:49 +00:00
Stephan Brandauer
9825136e58
add support for the 'node:' prefix for importing internal modules
2022-01-25 10:55:34 +01:00
Alvaro Muñoz Sanchez
c49c7903a8
add java.util.regex models and tests
2022-01-25 10:50:39 +01:00
Tom Hvitved
0299b4603f
Merge pull request #7677 from hvitved/ruby/constant-value
...
Ruby: Replace `getValueText` with `getConstantValue`
2022-01-25 10:31:02 +01:00
Harry Maclean
962d0213b5
Ruby extractor: stop using deprecated function
2022-01-25 22:04:24 +13:00
Tony Torralba
82ad79f55f
Merge pull request #7728 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2022-01-25 09:53:12 +01:00
Mathias Vorreiter Pedersen
72241886bf
C++: Add security-severity to 'cpp/return-stack-allocated-memory'.
2022-01-25 08:49:00 +00:00
Michael Nebel
f6a8d50593
C#: Add change notes for the already implemented C# 10 features.
2022-01-25 09:46:57 +01:00
Stephan Brandauer
35cc5ff0e2
Merge pull request #7715 from kaeluka/recognize-fs-extra-path-args
...
JS: add a predicate to recognize path arguments in calls to the fs-extra lib
2022-01-25 09:36:59 +01:00
Tom Hvitved
06776d19ee
Merge pull request #4949 from luchua-bc/cs/hash-without-salt
...
C#: Query to detect hash without salt
2022-01-25 09:04:23 +01:00
Tom Hvitved
fdd787b89c
Merge pull request #7658 from hvitved/csharp/dataflow/no-negative-positions
...
C#: Get rid of negative parameter/argument data-flow positions
2022-01-25 09:01:44 +01:00
dependabot[bot]
6543b1a3a9
Update clap requirement from 2.33 to 3.0
...
Updates the requirements on [clap](https://github.com/clap-rs/clap ) to permit the latest version.
Apply this update in both the generator and extractor.
2022-01-25 16:53:39 +13:00
Harry Maclean
c5904b7410
Add inline tests for API Graph subclassing
2022-01-25 16:41:49 +13:00
Harry Maclean
517f2d0823
Add optional results to InlineExpectationsTest
...
The idea behind optional results is that there may be instances where
each line of source code has many results and you don't want to annotate
all of them, but you still want to ensure that any annotations you do
have are correct.
This change makes that possible by exposing a new predicate
`hasOptionalResult`, which has the same signature as `hasResult`.
Results produced by `hasOptionalResult` will be matched against any
annotations, but the lack of a matching annotation will not cause a
failure.
We will use this in the inline tests for the API edge getASubclass,
because for each API path that uses getASubclass there is always a
shorter path that does not use it, and thus we can't use the normal
shortest-path matching approach that works for other API Graph tests.
2022-01-25 16:41:49 +13:00
Harry Maclean
d0a274c1e8
Use API graph subclassing in GraphQL modelling
...
This simplifies some of the code.
2022-01-25 16:41:24 +13:00
Harry Maclean
5e7a29a979
Ruby: Use API graph subclassing in Rails modelling
...
Now that API graphs have basic subclassing support, we can simplify some
of the ActiveRecord and ActionController code.
2022-01-25 16:40:14 +13:00
github-actions[bot]
1c2f4e79ff
Add changed framework coverage reports
2022-01-25 00:10:23 +00:00
Dave Bartolomeo
9183a4d7e7
Merge remote-tracking branch 'upstream/main' into dbartol/side-effect-reorder/work
2022-01-24 15:56:38 -05:00
CodeQL CI
8d1e22bc38
Merge pull request #7632 from erik-krogh/CWE-862
...
Approved by esbena, felicitymay
2022-01-24 12:47:16 -08:00
Erik Krogh Kristensen
d4bac887cf
add a js/samesite-none-cookie cookie
2022-01-24 21:39:41 +01:00
yo-h
364f07e3c5
Merge pull request #7725 from github/turbo-go-117-update
...
Update supported Go version
2022-01-24 15:23:00 -05:00
Robert Marsh
6d3381cb89
Merge pull request #7718 from MathiasVP/move-return-stack-allocated-memory-into-code-scanning
...
C++: Add `security` tag to `cpp/return-stack-allocated-memory`
2022-01-24 14:52:23 -05:00
Tom Hvitved
66a24c5c49
Ruby: Introduce TAnyArrayElementContent
2022-01-24 20:25:05 +01:00
Pierre
af0fc37f39
Update supported Go version
2022-01-24 20:20:04 +01:00
Andrew Eisenberg
f71217706a
Merge branch 'main' into aeisenberg/getting-started-docs
2022-01-24 11:16:13 -08:00
Rasmus Wriedt Larsen
301318020f
Merge pull request #7455 from haby0/py/add-shutil-module-path-injection-sinks
...
Python: Add shutil module sinks for path injection query
2022-01-24 20:06:36 +01:00
Tom Hvitved
e3afcb1b06
C#: Add missing severity and update expected test output
2022-01-24 20:00:25 +01:00
Tom Hvitved
65e1c0ebc1
Merge remote-tracking branch 'upstream/main' into cs/hash-without-salt
2022-01-24 19:57:07 +01:00
Geoffrey White
e42d3e540a
C++: Change note.
2022-01-24 18:32:17 +00:00
Geoffrey White
764f27f08e
C++: Upgrade to path-problem.
2022-01-24 18:32:05 +00:00
Geoffrey White
bbaac556e2
C++: Reveal the FP to be an issue with dataflow / model of strcpy.
2022-01-24 17:53:37 +00:00
Geoffrey White
11929378c7
C++: Upgrade cpp/cleartext-storage-file to full taint flow.
2022-01-24 17:48:45 +00:00
Andrew Eisenberg
497c87851c
Merge pull request #7571 from github/aeisenberg/remove-upgrades
...
Update docs on the output of `resolve qlpacks`
2022-01-24 09:02:02 -08:00
Erik Krogh Kristensen
75f389749a
Merge pull request #7719 from erik-krogh/cwe-219
...
JS: add CWE-219 to js/exposure-of-private-files
2022-01-24 17:06:09 +01:00
Tom Hvitved
cc712c20cb
Ruby: Use bitShiftLeft instead of pow in parseInteger
2022-01-24 16:06:35 +01:00
Erik Krogh Kristensen
bb786bc557
fix good/bad mixup in ClientExposedCookie qhelp
2022-01-24 15:34:30 +01:00
Tony Torralba
4f4f531dfc
Add missing QLDoc
2022-01-24 15:13:09 +01:00
Tom Hvitved
6efa595478
Merge pull request #7688 from hvitved/dataflow/required-component-stack
...
Data flow: Restructure `RequiredSummaryComponentStack`
2022-01-24 15:10:08 +01:00
Tom Hvitved
2a972dc045
Address review comments
2022-01-24 14:27:42 +01:00
Tony Torralba
b59fd4070f
Merge pull request #7136 from atorralba/atorralba/promote-insecure-trustmanager
...
Java: Promote Insecure TrustManager from experimental
2022-01-24 14:05:14 +01:00
Erik Krogh Kristensen
148b0c33a9
update the empty-password-in-config-file qhelp
2022-01-24 13:39:54 +01:00
Erik Krogh Kristensen
ab0d67a573
update query name and description
...
Co-authored-by: Felicity Chapman <felicitymay@github.com >
2022-01-24 13:37:25 +01:00
Erik Krogh Kristensen
b2dc02b831
Merge pull request #7717 from erik-krogh/cwe-80
...
JS: add CWE-80 to queries that detect bad HTML sanitizers
2022-01-24 13:34:57 +01:00
Tom Hvitved
64f19637d4
Address review comments
2022-01-24 13:33:18 +01:00
Erik Krogh Kristensen
823cadecd5
add CWE-219 to js/exposure-of-private-files
2022-01-24 13:22:06 +01:00
Tom Hvitved
6a2f4719e8
Merge pull request #672 from github/post-release-prep/codeql-cli-2.7.6
...
Post-release preparation for codeql-cli-2.7.6
2022-01-24 13:01:01 +01:00
Edoardo Pirovano
413c0a8f4f
Merge pull request #7673 from github/post-release-prep/codeql-cli-2.7.6
...
Post-release preparation for codeql-cli-2.7.6
2022-01-24 11:59:51 +00:00
Mathias Vorreiter Pedersen
7db66055e5
C++: Add change note.
2022-01-24 11:57:25 +00:00
Mathias Vorreiter Pedersen
08379df613
C++: Add 'security' tag to 'cpp/return-stack-allocated-memory'.
2022-01-24 11:43:38 +00:00
Geoffrey White
4c99d39acf
Merge pull request #7701 from MathiasVP/remove-intentional-get-stack-pointer
...
C++: Remove FPs from `cpp/return-stack-allocated-memory`
2022-01-24 11:39:10 +00:00
Geoffrey White
588447d596
C++: Fix up isParameterDeref.
2022-01-24 11:06:24 +00:00
Owen Mansel-Chan
daabd3a045
Merge pull request #673 from owen-mc/refactor-returnvalue-n
...
Refactor `ReturnValue[n]` in data flow libraries
2022-01-24 10:47:22 +00:00
Arthur Baars
78b4d7cbb5
Ruby: remove redundant cast
2022-01-24 11:27:31 +01:00
Arthur Baars
0cef887683
Ruby: address comments
2022-01-24 11:27:26 +01:00
Geoffrey White
683f909f7a
Merge pull request #7704 from geoffw0/clrtxt4
...
C++: Another improvement to cpp/cleartext-transmission
2022-01-24 10:11:11 +00:00
Erik Krogh Kristensen
ab1bc685bb
add CWE-80 to queries that detect bad HTML sanitizers
2022-01-24 11:01:17 +01:00
Stephan Brandauer
02db472209
consistent notation
2022-01-24 10:58:06 +01:00
Anders Schack-Mulligen
7af6dc7164
Merge pull request #7702 from atorralba/atorralba/fix-jndi-injection-sinks
...
Java: Remove some JNDI Injection sinks
2022-01-24 10:53:58 +01:00
Stephan Brandauer
8be58fe01e
Fix comment to avoid summarizing implementation
...
Co-authored-by: Esben Sparre Andreasen <esbena@github.com >
2022-01-24 10:47:28 +01:00
Arthur Baars
5df1f7a0c3
Ruby: use CfgNodes classes to implement case value to pattern variable taint steps
2022-01-24 10:31:08 +01:00
Arthur Baars
7d7e9ba9e1
Ruby: add CasePattern classes to CfgNodes
2022-01-24 10:31:08 +01:00
Arthur Baars
e9a01f9e8f
Ruby: fix test case
2022-01-24 10:31:08 +01:00
Arthur Baars
634c8cd060
Ruby: Generalize CfgNodes::ChildMapping
2022-01-24 10:31:08 +01:00
Arthur Baars
fcec8a8388
Address comments
2022-01-24 10:31:08 +01:00
Arthur Baars
ab4935fe68
Ruby: fix some alerts
2022-01-24 10:31:08 +01:00
Arthur Baars
7630b277b8
Ruby: update AST and CFG test data
2022-01-24 10:31:08 +01:00
Arthur Baars
26a0167d6d
Ruby: add taint step test for hash patterns
2022-01-24 10:31:06 +01:00
Arthur Baars
49c452239e
Ruby: add taint steps from case value to variables in patterns
2022-01-24 10:10:22 +01:00
Arthur Baars
77a3e4bd61
Ruby: CFG: fix completion of AsPattern variable
2022-01-24 10:10:22 +01:00
Stephan Brandauer
b277731312
add a predicate to recognize path arguments in calls to the fs-extra lib
2022-01-24 09:40:22 +01:00
Tony Torralba
908b7c43f2
Fix stubs
2022-01-24 09:34:43 +01:00
Anders Schack-Mulligen
9bd2ac96ea
Merge pull request #7705 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2022-01-24 09:14:35 +01:00
Anders Schack-Mulligen
b4bf7a1561
Merge pull request #7698 from aschackmull/java/bitwise-assignop-guards
...
Java: Add support for bitwise compound assignments in Guards.
2022-01-24 09:11:53 +01:00
github-actions[bot]
020970ff4c
Add changed framework coverage reports
2022-01-24 00:09:45 +00:00
Harry Maclean
8419daad03
Ruby: Add subclassing support to API Graphs
...
Given the code
class A; end
class B < A; end
class C < A; end
You can find uses of B and C with the expression
API::getTopLevelMember("A").getASubclass()
2022-01-24 12:21:39 +13:00
luchua-bc
27043a09b3
File path injection with the JFinal framework
2022-01-23 18:07:48 +00:00
Andrew Eisenberg
aee9eb5203
Apply docs fixes
...
Co-authored-by: James Fletcher <42464962+jf205@users.noreply.github.com >
2022-01-21 11:35:15 -08:00
Aditya Sharad
67e3f5edbc
Merge pull request #7685 from adityasharad/merge/3.3-3.4
...
Merge rc/3.3 into rc/3.4
2022-01-21 10:49:19 -08:00
Tom Hvitved
85e1cda81b
Ruby: Distinguish symbols from strings in ConstantValue
2022-01-21 19:16:12 +01:00
Harry Maclean
8e40899dfd
Merge pull request #7419 from github/hmac/const-get
2022-01-22 07:01:09 +13:00
Harry Maclean
2fa18801aa
Merge pull request #7665 from github/hmac/barrier-guard-array-const
2022-01-22 06:59:51 +13:00
Geoffrey White
4326e6f706
C++: Split 'gets' model and make it a local source.
2022-01-21 17:29:49 +00:00
Geoffrey White
79735f5ac5
C++: Add test case.
2022-01-21 17:29:48 +00:00
Tony Torralba
78d7e538a5
Remove some JNDI Injection sinks
...
Add tests and stubs
2022-01-21 17:47:15 +01:00
Henry Mercer
c41de33156
Merge pull request #7700 from github/henrymercer/js-atm-fix-xss-results-pattern
...
JS: Fix copy/paste error in XSS ML-powered queries results patterns
2022-01-21 16:18:33 +00:00
Geoffrey White
0b98397e9b
C++: Catch another encryption clue.
2022-01-21 16:16:16 +00:00
Geoffrey White
97447d0b3a
C++: Expand tests.
2022-01-21 16:16:15 +00:00
Tony Torralba
4df0f399cd
Move ContentProvider models to the appropriate file
2022-01-21 16:55:43 +01:00
Tony Torralba
c6dd7ddf7a
Fix stub
2022-01-21 16:55:43 +01:00
Tony Torralba
4f253590f1
Fix method name in LocalDatabaseOpenMethodAccess
2022-01-21 16:55:43 +01:00
Tony Torralba
652a1d2dc2
Fix wrongly resolved rebase conflicts
2022-01-21 16:55:43 +01:00
Tony Torralba
5cf664411b
Remove unneeded nonSuspicious values
2022-01-21 16:55:43 +01:00
Tony Torralba
baa1f71a53
Add QLDoc
2022-01-21 16:55:43 +01:00
Tony Torralba
4e4f619ae4
Update java/ql/lib/semmle/code/java/security/CleartextStorageAndroidDatabaseQuery.qll
...
Co-authored-by: Chris Smowton <smowton@github.com >
2022-01-21 16:55:43 +01:00
Tony Torralba
c5ed5fcaac
Apply suggestions from code review
...
Co-authored-by: Ethan Palm <56270045+ethanpalm@users.noreply.github.com >
2022-01-21 16:55:42 +01:00
Tony Torralba
ee84dae164
Fix predicate name
2022-01-21 16:55:42 +01:00
Tony Torralba
16b61f78e6
Fix QLDocs and the qhelp example
2022-01-21 16:55:42 +01:00
Tony Torralba
f0604e2e84
Added query for Cleartext Storage in Android Database
2022-01-21 16:55:42 +01:00
Henry Mercer
84907f91f1
JS: Fix copy/paste error in XSS ML-powered queries results patterns
...
We didn’t catch this because our unit tests test only library code due
to the previous difficulty of running queries with an ML model (the ML
models in packs work should fix that), and because the end-to-end
evaluation runs separate queries that have different result patterns.
Going forward we should create unit tests for the queries themselves,
which will require using the ML model in tests. We should also be able
to catch this type of error using DCA.
2022-01-21 15:17:52 +00:00
Mathias Vorreiter Pedersen
48064c1c8f
C++: Fix false positive.
2022-01-21 15:16:02 +00:00
Mathias Vorreiter Pedersen
7c8c2090f7
C++: Add real-world false positive from the 'cpp/return-stack-allocated-memory' query.
2022-01-21 15:14:18 +00:00
Mathias Vorreiter Pedersen
117795c409
Merge pull request #7682 from MathiasVP/rewrite-return-stack-allocated-memory-to-use-ir
...
C++: Use the IR for `cpp/return-stack-allocated-memory`.
2022-01-21 14:57:30 +00:00
yoff
a77a6ec864
Merge pull request #7684 from erik-krogh/patches
...
small refactorizations across CodeQL
2022-01-21 15:04:14 +01:00
Tom Hvitved
9d89cace95
Merge pull request #7643 from michaelnebel/csharp/struct-improvements
...
C#: Struct (and to a minor extent anonymous types) improvements
2022-01-21 14:51:26 +01:00
Anders Schack-Mulligen
5f7ee337cd
Java: Use more set literal syntax.
2022-01-21 13:58:27 +01:00
Anders Schack-Mulligen
41d294229d
Java: Add support for bitwise compound assignments in Guards.
2022-01-21 13:56:07 +01:00
Rasmus Lerchedahl Petersen
9aa4c4a6a7
python: Add missing input
...
also update test expectation
2022-01-21 13:55:33 +01:00
Rasmus Lerchedahl Petersen
41908cbf9f
python: add missing qldoc
2022-01-21 13:55:08 +01:00
Tony Torralba
1eaa379bb7
Merge pull request #7681 from atorralba/atorralba/improve-android-implicit-intents-query
...
Java: Improvements to the Android query Use of implicit PendingIntents
2022-01-21 13:46:17 +01:00
Rasmus Lerchedahl Petersen
49d4b1480d
python: Do not remove ChainedConfigs12.qll
...
since it was clearly already used.
Add deprecation message instead.
2022-01-21 12:27:29 +01:00
Rasmus Lerchedahl Petersen
35c9307baa
python: rewrite NoSQLInjection to use flow state
...
This allows a bit more precision. Specifically, we could
require the sanitizer to only affect `ConvertedToDict`.
In practice, most sanitizers woudl probably fail on raw
input also, though.
2022-01-21 12:12:58 +01:00
Chris Smowton
d6d1c943f1
Merge pull request #674 from erik-krogh/patches
...
use more set literals
2022-01-21 10:59:48 +00:00
Tony Torralba
c7e1df5689
Update java/ql/src/Security/CWE/CWE-927/ImplicitPendingIntents.qhelp
...
Co-authored-by: Felicity Chapman <felicitymay@github.com >
2022-01-21 11:57:11 +01:00
Erik Krogh Kristensen
a235f8f023
remove redundant inline type casts
2022-01-21 11:46:33 +01:00
Erik Krogh Kristensen
b75c316c27
fix non-us spelling
2022-01-21 11:46:33 +01:00
Erik Krogh Kristensen
f500bccbe4
add explicit this to member call
2022-01-21 11:46:33 +01:00
Erik Krogh Kristensen
ddfc3bc00f
use set literals instead of big disjunctions
2022-01-21 11:46:33 +01:00
Tom Hvitved
55f427ca0e
Ruby: Use multiple threads in QL test CI job
2022-01-21 11:46:08 +01:00
Benjamin Muskalla
830c2dc90a
Merge pull request #7603 from bmuskalla/commonsIoModel
...
Java: Replace Commons IO model
2022-01-21 11:42:27 +01:00
yoff
5b9ae9cede
Merge pull request #7659 from RasmusWL/move-regex-injection-files
...
Python: Move regex injection configuration files
2022-01-21 11:42:06 +01:00
Tony Torralba
0846d1f7b6
Merge pull request #7691 from atorralba/atorralba/fix-recursion-entrypointfieldstep
...
Java: Fix recursion in `entrypointFieldStep`
2022-01-21 11:37:58 +01:00
Tony Torralba
3f6e035016
Docs improvements
2022-01-21 11:37:02 +01:00
yoff
4fd0ada9a8
Merge pull request #7652 from RasmusWL/cleartext-remove-fps
...
Python: Remove usernames as sensitive source for cleartext queries
2022-01-21 11:30:40 +01:00
Erik Krogh Kristensen
f9d5cbf017
update qhelp
...
Co-authored-by: Esben Sparre Andreasen <esbena@github.com >
2022-01-21 11:26:58 +01:00
Tony Torralba
d22632ef78
Fix recursion in entrypointFieldStep
...
When using local taint tracking to define a RemoteFlowSource, a recursion was created because entrypointFieldStep adds new RemoteFlowSources and was a local taint step. This is fixed by converting entrypointFieldStep into a defaultAdditionalTaintStep instead of a localAdditionalTaintStep, i.e. it will only affect global taint tracking from now on.
2022-01-21 10:48:13 +01:00
Erik Krogh Kristensen
debebb2b8c
rewrite the qhelp for js/insecure-dependency
2022-01-21 10:41:08 +01:00
Tom Hvitved
f9b906d1e2
C#: Update uses of RequiredSummaryComponentStack
2022-01-21 09:42:16 +01:00
Tom Hvitved
cba733136c
Data flow: Sync
2022-01-21 09:42:16 +01:00
Tom Hvitved
f1a2b21e44
Data flow: Restructure RequiredSummaryComponentStack
2022-01-21 09:42:16 +01:00
Rasmus Lerchedahl Petersen
a5bc5373d0
python: Rewrite path injection to use flow state
...
This removes the FP cause by chaining
This PR also removes `ChainedConfigs12.qll`,
as we hope to solve future problems via flow states.
2022-01-21 09:26:48 +01:00
Tom Hvitved
aa9cfebc65
Ruby: Replace getValueText with getConstantValue
2022-01-21 09:19:19 +01:00
CodeQL CI
b02f1c87a1
Merge pull request #7679 from erik-krogh/ql-doc-style
...
Approved by esbena
2022-01-20 23:43:44 -08:00
CodeQL CI
2287b6e549
Merge pull request #7675 from erik-krogh/move-url-sink-to-customizations
...
Approved by esbena
2022-01-20 23:43:15 -08:00
Aditya Sharad
ccc6291844
Merge rc/3.3 into rc/3.4
...
Conflicts in *-support.rst resolved in favour of rc/3.3, which has a new paragraph.
Enterprise version numbers updated to LGTM Enterprise 1.30 and CodeQL 2.7.6.
2022-01-20 15:49:10 -08:00
Erik Krogh Kristensen
504e7a161d
simplify an redundant any() expression
2022-01-20 22:34:26 +01:00
Erik Krogh Kristensen
99994eeeb1
use set literals instead of big disjunctions
2022-01-20 22:33:40 +01:00
Erik Krogh Kristensen
15c1ce722a
Merge pull request #7678 from erik-krogh/use-set
...
JS: use more set literals
2022-01-20 21:03:48 +01:00
shati-patel
8fc429caf4
Emphasize use case for installing pack deps
2022-01-20 19:03:30 +00:00
Mathias Vorreiter Pedersen
bd1720f797
C++: Add change note.
2022-01-20 18:27:09 +00:00
Mathias Vorreiter Pedersen
e689f6bad2
C++: Use the IR for 'cpp/return-stack-allocated-memory'.
2022-01-20 18:22:49 +00:00
Tom Hvitved
cbea5eaeaa
C#: Simplify argument/parameter positions for captured variables
2022-01-20 17:08:12 +01:00
Tony Torralba
6fe0b78978
Remove PendingIntentAsField step and add SliceProviderLifecycle step
2022-01-20 16:52:07 +01:00
Andrew Eisenberg
534f8999b6
Update docs/codeql/codeql-cli/getting-started-with-the-codeql-cli.rst
...
Co-authored-by: Felicity Chapman <felicitymay@github.com >
2022-01-20 07:09:34 -08:00
Erik Krogh Kristensen
2bffe56580
update expected output
2022-01-20 16:06:57 +01:00
Erik Krogh Kristensen
3155114e36
use more set literals
2022-01-20 16:06:34 +01:00
Anders Schack-Mulligen
fede7dd238
Merge pull request #7676 from aschackmull/java/instanceaccessnode
...
Java: Add data flow node encapsulating instance accesses.
2022-01-20 15:40:21 +01:00
Erik Krogh Kristensen
a77b2b0209
Merge pull request #7668 from erik-krogh/simplify-casts
...
simplify expressions that could be type-casts
2022-01-20 15:20:18 +01:00
Erik Krogh Kristensen
5780161b2c
fix most issues found by ql/class-doc-style in JS
2022-01-20 15:10:16 +01:00
Chris Smowton
38048399d3
Merge pull request #671 from owen-mc/misc-clean-ups
...
Correct module name in file comment
2022-01-20 14:00:46 +00:00
Alex Ford
9613ff743b
Merge pull request #7611 from github/ruby/protect_from_forgery-without-exception
...
Ruby: flag up `protect_from_forgery` calls without an exception strategy
2022-01-20 13:45:30 +00:00
Tony Torralba
caab1c3332
Merge pull request #6963 from atorralba/atorralba/android-onactivityresult-source
...
Android: Add the Intent parameter of the `onActivityResult` method as a source
2022-01-20 14:27:30 +01:00
Tony Torralba
29e87b3abd
Merge pull request #6975 from atorralba/atorralba/android-intent-uri-permission-manipulation
...
Java: CWE-266 - Query to detect Intent URI Permission Manipulation in Android applications
2022-01-20 14:27:02 +01:00
Geoffrey White
b230681bc8
Merge pull request #7650 from geoffw0/clrtxt3
...
C++: Improve cpp/cleartext-transmission
2022-01-20 13:21:54 +00:00
Rasmus Wriedt Larsen
f53dce3a83
Python: Apply suggestions from code review
...
Co-authored-by: Taus <tausbn@github.com >
2022-01-20 14:20:15 +01:00
Anders Schack-Mulligen
43da5aabbe
Java: Add dataflow node encapsulating instance accesses.
2022-01-20 14:12:33 +01:00
Erik Krogh Kristensen
7167e856fe
move electron sink to the customizations file
2022-01-20 14:07:23 +01:00
Owen Mansel-Chan
44641de91b
Represent ReturnValue[n] correctly in test output
2022-01-20 13:06:35 +00:00
Owen Mansel-Chan
691bb97fdc
Move ReturnValue[]-specific code to non-shared file
2022-01-20 13:06:35 +00:00
Erik Krogh Kristensen
548fb47603
JS: move ExternalArtifact.qll into lib/ folder to fix ql/db-type-outside-core
2022-01-20 14:00:57 +01:00
Erik Krogh Kristensen
9b69de8588
QL: add query detecting use of db-types outside the lib folder
2022-01-20 14:00:55 +01:00
github-actions[bot]
ab218421da
Post-release preparation for codeql-cli-2.7.6
2022-01-20 12:59:20 +00:00
github-actions[bot]
c52caa6322
Post-release preparation for codeql-cli-2.7.6
2022-01-20 12:59:04 +00:00
Tony Torralba
62f847a82e
Apply suggestions from code review
...
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com >
2022-01-20 13:44:10 +01:00
Tony Torralba
3957ebe880
Fix bitwiseLocalTaintStep
2022-01-20 13:34:32 +01:00
Owen Mansel-Chan
54855113c4
Correct module name in file comment
2022-01-20 12:30:52 +00:00
Chris Smowton
de07035c27
Merge pull request #670 from github/smowton/admin/remove-committed-binary
...
Delete accidentally committed binary file
2022-01-20 12:28:01 +00:00
Tony Torralba
265f8a3b19
Make bitwise taintsteps specific for this query
2022-01-20 13:23:56 +01:00
Tony Torralba
4e9849e19d
Refactor IntentFlagsOrDataCheckedGuard to avoid footgun
2022-01-20 13:23:55 +01:00
Tony Torralba
62c21918b2
Add QLDoc to guard and sanitizer
2022-01-20 13:23:54 +01:00
Tony Torralba
58a0bcd70f
Apply suggestions from code review
...
Co-authored-by: Chris Smowton <smowton@github.com >
2022-01-20 13:23:53 +01:00
Tony Torralba
8767d2db23
Don't capitalize the term content provider
...
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com >
2022-01-20 13:23:52 +01:00
Tony Torralba
596cfd399e
Improve description
2022-01-20 13:23:52 +01:00
Tony Torralba
ab560234e3
Update java/change-notes/2021-10-27-android-intent-uri-permission-manipulation-query.md
...
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com >
2022-01-20 13:23:51 +01:00
Tony Torralba
3405db31b8
Add qhelp
2022-01-20 13:23:51 +01:00
Tony Torralba
6152c8a989
Add change note
2022-01-20 13:23:48 +01:00
Tony Torralba
e1d30ebc09
Added severity
...
Removed duplicated code
2022-01-20 13:23:15 +01:00
Tony Torralba
ec8ffeed07
Add Intent URI Permission Manipulation query
2022-01-20 13:23:14 +01:00
Michael Nebel
e804922a2c
C#: Add flow test case for with expressions on anonymous types.
2022-01-20 13:14:06 +01:00
Michael Nebel
97d9985e0b
C#: Add support for flow via object initializer for anonymous types.
2022-01-20 13:12:19 +01:00
Tony Torralba
c09b6691e1
Merge pull request #6171 from atorralba/atorralba/promote-unsafe-certificate-trust
...
Java: Promote Unsafe certificate trust query from experimental
2022-01-20 12:07:03 +01:00
Chris Smowton
8111fbb69b
Delete m
2022-01-20 10:57:11 +00:00
Felicity Chapman
e178626226
Merge pull request #7653 from github/felicitymay-patch-1
...
Port changes from main to rc/3.3 to avoid regression
2022-01-20 10:45:13 +00:00
Erik Krogh Kristensen
6b7d84add7
QL: exclude fields that are uniquely used in call to an IPA constructor
2022-01-20 11:37:08 +01:00
Anders Schack-Mulligen
f154530141
Merge pull request #7662 from JLLeitschuh/patch-2
...
Fix typo in FileWritable
2022-01-20 11:13:59 +01:00
Benjamin Muskalla
8217873bae
Align files with new naming pattern
2022-01-20 11:02:53 +01:00
Anders Schack-Mulligen
4aa2661dc1
Merge pull request #7634 from bmuskalla/refactorLangModel
...
Refactor Apache Commons Lang model
2022-01-20 11:01:25 +01:00
Benjamin Muskalla
4cac35adad
Regnerate model to capture char[] APIs
2022-01-20 10:59:28 +01:00
Benjamin Muskalla
857c2778a6
Added missing model for ReadableByteChannel
...
This reveals more models for commons io
2022-01-20 10:59:28 +01:00
Benjamin Muskalla
b20b3ab480
Regenrate model to replace manual models
2022-01-20 10:59:27 +01:00
Benjamin Muskalla
93f6fde63c
Keep not-yet-covered models
2022-01-20 10:59:27 +01:00
Benjamin Muskalla
d07997699f
Introduce generated model for Commons IO
2022-01-20 10:59:24 +01:00
Geoffrey White
8bdbaf4b57
C++: Autoformat.
2022-01-20 09:52:24 +00:00
CodeQL CI
cfa670c123
Merge pull request #7651 from erik-krogh/CWE-471
...
Approved by asgerf, esbena
2022-01-20 01:47:39 -08:00
Tom Hvitved
8c00d3e643
Merge pull request #669 from github/release-prep/2.7.6
...
Release preparation for version 2.7.6
2022-01-20 10:45:00 +01:00
Erik Krogh Kristensen
4e8e3a7420
simplify expressions that could be type-casts
2022-01-20 10:41:35 +01:00
Benjamin Muskalla
2748bbffa3
Merge pull request #7656 from bmuskalla/excludeMainLoggingGenerator
...
Java: Exclude irrelevant rows from models
2022-01-20 10:40:51 +01:00
Tony Torralba
967308fbfd
Change InsecureTrustManagerConfiguration to DataFlow
2022-01-20 10:24:47 +01:00
mc
c105d71952
Update InsecureTrustManager.qhelp
...
Fixed typos and carried out and editorial review
2022-01-20 10:24:46 +01:00
Tony Torralba
7a1a45f5f9
QLDoc
2022-01-20 10:24:46 +01:00
Tony Torralba
77c2b43560
Add change note and severity score
2022-01-20 10:24:43 +01:00
Michael Nebel
76a0853f5b
C#: Add struct declaration and update line numbers for the existing test cases.
2022-01-20 10:23:57 +01:00
Tony Torralba
d58bb4753e
Refactor tests
2022-01-20 10:23:19 +01:00
Tony Torralba
ab4dc30f54
Refactor into libraries
2022-01-20 10:23:18 +01:00
Tony Torralba
7cd05fb685
Move from experimental
2022-01-20 10:23:18 +01:00
Erik Krogh Kristensen
6e9771fbf6
QL: make FieldAccess::getDeclaration return a FieldDecl
2022-01-20 09:59:45 +01:00
Michael Nebel
7d7ab58108
C#: Add flow test for record struct fields.
2022-01-20 09:58:02 +01:00
Michael Nebel
210bad6c29
C#: Add test case for with expressions for record structs, structs and anonymous types.
2022-01-20 09:58:02 +01:00
Michael Nebel
fc7f642734
C#: With expression examples for record structs, structs and anonymous types.
2022-01-20 09:58:02 +01:00
Michael Nebel
858aec3839
C#: Add test for source of the struct parameterless constructor(s).
2022-01-20 09:58:02 +01:00
Michael Nebel
073d2f2c75
C#: Add some example struct types, including one with a default constructor declarations.
2022-01-20 09:58:01 +01:00
Michael Nebel
547f492be0
Merge pull request #7577 from michaelnebel/csharp/line-pragma
...
C#: Make support for Line span pragma
2022-01-20 09:51:57 +01:00
Erik Krogh Kristensen
708c18d4c2
QL: update the name of the consistency query to make code-scanning alerts more clear
2022-01-20 09:41:13 +01:00
Erik Krogh Kristensen
b8f1fb3954
JS: fix ql/field-only-used-in-charpred within JavaScript
2022-01-20 09:41:13 +01:00
Erik Krogh Kristensen
3d3c6875a6
QL: add query detecting fields that are only used within the charpred
2022-01-20 09:41:10 +01:00
github-actions[bot]
1e5721b9b9
Release preparation for version 2.7.6
2022-01-20 08:21:09 +00:00
Harry Maclean
5dcee6ba27
Ruby: Add File.open as a FileSystemAccess
2022-01-20 21:09:41 +13:00
Rasmus Lerchedahl Petersen
32cbeae05f
python: missing start tag for relation
2022-01-20 08:56:12 +01:00
Rasmus Lerchedahl Petersen
d10ad3bdd4
python: update stats for tables
2022-01-20 08:42:32 +01:00
Harry Maclean
6bae03a7cc
Ruby: Update string const barrier guard
...
This change recognises guards like `FOO.include?`, where `FOO` is an array
constant.
2022-01-20 17:34:12 +13:00
Harry Maclean
13a0ece25c
Ruby: Add test case: array constant barrier guard
...
This guard isn't yet recognised as a `StringConstArrayInclusionCall`.
2022-01-20 17:07:01 +13:00
Owen Mansel-Chan
bfae3fdf97
Merge pull request #665 from owen-mc/update-function-get-a-call
...
Update `Function.getACall()`
2022-01-19 23:36:20 +00:00
Andrew Eisenberg
95355b5854
Docs: Add back removed section on getting started
...
Adds a second getting started, specifically for checking out the
codeql repo as a way to get the core queries.
This ensures that people wanting to work in the traditional way still
have the old docs available.
2022-01-19 13:36:57 -08:00
Jonathan Leitschuh
23548c50e1
Fix typo in FileWritable
2022-01-19 16:14:38 -05:00
Chris Smowton
5a2a15c9da
Merge pull request #668 from github/smowton/fix/no-pack-install-verify
...
Don't use codeql pack install --verify
2022-01-19 20:01:42 +00:00
Tom Hvitved
70f4efb834
Merge pull request #7646 from hvitved/csharp/roslyn-tuple-elements-workaround
...
C#: Workaround Roslyn bug in `INamedTypeSymbol.TupleElements`
2022-01-19 19:54:29 +01:00
Chris Smowton
7f39b1e12c
Don't use codeql pack install --verify
...
This shouldn't fail, but currently does due to a bug and is unnecessary in any case.
2022-01-19 18:40:05 +00:00
Tom Hvitved
128682b59e
C#: Replace Argument[-1] with Argument[Qualifier] in all flow summaries
2022-01-19 18:54:24 +01:00
Rasmus Lerchedahl Petersen
7e9a9e3d9a
python: remove compiler warnings
2022-01-19 18:01:58 +01:00
shati-patel
dc71ecef83
Docs: Mention packaging commands in CodeQL extension
2022-01-19 16:36:01 +00:00
Rasmus Wriedt Larsen
b9ee2960e2
Python: Add change-note
2022-01-19 17:24:53 +01:00
Rasmus Wriedt Larsen
aa10ad6a8a
Python: Fix RegexInjection query, add old deprecated versions
2022-01-19 17:22:44 +01:00
Rasmus Wriedt Larsen
e82ea7ad17
Python: move regex injection configuration files
...
I did not notice that these went to the wrong location in
https://github.com/github/codeql/pull/6693 . They should be in the
dataflow folder with the rest of the data-flow configurations files, the
injection folder is for old points-to based modeling.
2022-01-19 17:21:46 +01:00
Owen Mansel-Chan
4d1dcb3260
Remove first disjunct as it is a subset of second disjunct
2022-01-19 16:21:06 +00:00
Tom Hvitved
0990a1b404
C#: Get rid of negative parameter/argument data-flow positions
2022-01-19 17:14:37 +01:00
Tony Torralba
695e77a219
Simplify isSslSocket predicate
2022-01-19 17:01:28 +01:00
Mathias Vorreiter Pedersen
40c8881575
Merge pull request #7472 from erik-krogh/redundant-aggregate
...
QL-for-QL: Add a could-be-cast query
2022-01-19 15:48:00 +00:00
Henry Mercer
58b1a6fd40
Merge pull request #7655 from github/henrymercer/bump-atm-query-pack-v0.0.6
...
JS: Bump ML-powered query packs to v0.0.6
2022-01-19 15:44:55 +00:00
Tony Torralba
e442e50e6b
Apply suggestions from code review
...
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com >
2022-01-19 16:43:48 +01:00
Tony Torralba
101ad777e3
Move things around after rebase
2022-01-19 16:43:48 +01:00
Tony Torralba
03020582af
Apply suggestions from code review
...
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com >
2022-01-19 16:43:47 +01:00
Tony Torralba
9ffc5ab183
Update java/ql/src/semmle/code/java/security/UnsafeCertTrustQuery.qll
...
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com >
2022-01-19 16:43:47 +01:00
Tony Torralba
c16181dd2f
QLDocs
2022-01-19 16:43:46 +01:00
Tony Torralba
000a544729
Decouple UnsafeCertTrust.qll to reuse the taint tracking configuration
2022-01-19 16:43:43 +01:00
Tony Torralba
1e2a956a30
Remove unused stub
2022-01-19 16:43:02 +01:00
Tony Torralba
d9e98ceacc
Consider setSslContextFactory and fix tests
2022-01-19 16:43:01 +01:00
Tony Torralba
4d207101e2
Fix QLDoc
2022-01-19 16:43:00 +01:00
Tony Torralba
999acb0021
Improve qhelp references
2022-01-19 16:43:00 +01:00
Tony Torralba
e9712f04a4
Add missing QLDoc
2022-01-19 16:42:59 +01:00
Tony Torralba
698fd64f7f
Adjust test after rebase
2022-01-19 16:42:59 +01:00
Tony Torralba
68fe3dd9f4
Fix conflicts in experimental query
2022-01-19 16:42:58 +01:00
Tony Torralba
c24520cb75
Adjust qhelp after rebase
2022-01-19 16:42:58 +01:00
Tony Torralba
5997b874de
Add change note
2022-01-19 16:42:53 +01:00
Tony Torralba
9e93aecf75
Add spurious test case
2022-01-19 16:42:06 +01:00
Tony Torralba
19d1a780ca
Generalize sanitizer using local flow
2022-01-19 16:42:05 +01:00
Tony Torralba
64518bf91a
Handle a specific pass-by-reference flow issue
2022-01-19 16:42:04 +01:00
Tony Torralba
4508945f85
Fix assumption regarding when an SSLSocket does the TLS handhsake
2022-01-19 16:42:03 +01:00
Tony Torralba
e842acf9e0
Improve qhelp
2022-01-19 16:42:03 +01:00
Tony Torralba
5d4cd70f8c
Adjusted sources and sanitizer of UnsafeCertTrust taint tracking config
2022-01-19 16:42:02 +01:00
Tony Torralba
e43fff2d30
Use InlineExpectationsTest
2022-01-19 16:42:02 +01:00
Tony Torralba
02d0fa9188
Minor changes in QLDocs and a sanitizer's type
2022-01-19 16:42:01 +01:00
Tony Torralba
4313baf622
Big refactor:
...
- Move classes and predicates to appropriate libraries
- Overhaul the endpoint identification algorithm logic to use taint tracking
- Adapt tests
2022-01-19 16:42:00 +01:00
Tony Torralba
e0f4c73aed
Move from experimental
2022-01-19 16:42:00 +01:00
Rasmus Lerchedahl Petersen
a0e79c1d7a
update stats for types
...
- should still update stats for tables
2022-01-19 16:38:19 +01:00
Tony Torralba
6096080156
Use all possible packages for Fragment classes
...
Also fix stub
2022-01-19 16:23:11 +01:00
Benjamin Muskalla
52406dc8df
Exclude logging sinks
...
Those sinks are too coarse grained to be exposed as sinks on any model.
2022-01-19 16:11:59 +01:00
Benjamin Muskalla
25d251c24f
Exclude main methods from models
2022-01-19 16:11:59 +01:00
Tony Torralba
3c9fac0c6e
Sync DataFlowImplForOnActivityResult.qll
2022-01-19 16:11:51 +01:00
Tony Torralba
6a4d2ee850
Apply code review suggestions
2022-01-19 16:08:31 +01:00
Tony Torralba
57ff13dd19
Sync DataFlowImplForOnActivityResult to latest changes
2022-01-19 16:08:31 +01:00
Tony Torralba
ea4ff80cc6
Add DataFlowImplForOnActivityResult to identical-files.json
2022-01-19 16:08:31 +01:00
Tony Torralba
37916a8368
Fix previous merge
2022-01-19 16:08:31 +01:00
Tony Torralba
d9d9ad7d63
Use dedicated instance of DataFlow
2022-01-19 16:08:31 +01:00
Tony Torralba
aef63f69b0
Formatting
2022-01-19 16:08:30 +01:00
Tony Torralba
4b3029564c
Apply suggestions from code review
...
Co-authored-by: Chris Smowton <smowton@github.com >
2022-01-19 16:08:29 +01:00
Tony Torralba
c675028537
Add Fragment and Activity edge case
2022-01-19 16:08:28 +01:00
Tony Torralba
9ae1f1cf85
QLDoc
2022-01-19 16:08:27 +01:00
Tony Torralba
211cb9370f
Add the Intent parameter of onActivityResult as a source
2022-01-19 16:08:25 +01:00
Tony Torralba
520d8f5ec5
Add stubs
2022-01-19 16:06:23 +01:00
Tom Hvitved
7e3f3c6e2a
Merge pull request #7515 from hvitved/csharp/extraction-mode
...
C#: Introduce extractor mode to identify DBs created with `codeql test run`
2022-01-19 16:04:57 +01:00
Chris Smowton
162b3822dd
Merge pull request #7613 from github/smowton/admin/tag-random-used-once
...
Remove security-severity tag to java/random-used-once
2022-01-19 14:43:08 +00:00
Henry Mercer
c134e6c9ef
JS: Bump ML-powered query packs to v0.0.6
2022-01-19 14:40:42 +00:00
Rasmus Wriedt Larsen
93b3cd669a
Python: Cleanup: Remove old points-to versions of queries
...
Since we've internally agreed that we've reached the same or better set
of results.
2022-01-19 15:30:12 +01:00
Felicity Chapman
51e8b4c7ed
Port changes from main to rc/3.3 to avoid regression
2022-01-19 14:26:52 +00:00
Rasmus Wriedt Larsen
e82e648ca1
Python: Remove usernames as sensitive source for cleartext queries
...
Closes #6363 , #6927 , #6726 , #7497 , #7116
2022-01-19 15:25:21 +01:00
Rasmus Lerchedahl Petersen
db253e8939
python: upgrade and downgrade scripts
2022-01-19 15:22:57 +01:00
Chris Smowton
c63fcb2c69
Add change note
2022-01-19 14:13:45 +00:00
Rasmus Wriedt Larsen
f3daff4e5a
Python: Add FP tests for cleartext logging
2022-01-19 15:13:06 +01:00
Chris Smowton
f0645a34b9
Remove security-severity tag instead
...
This leaves the Java query in the same state as its C# cousin.
2022-01-19 14:06:40 +00:00
Erik Krogh Kristensen
cb9e14f544
add cwe-471 to js/prototype-pollution
2022-01-19 14:54:57 +01:00
Alex Ford
0aab670b17
Ruby: add missing example rails action
2022-01-19 13:47:00 +00:00
Tom Hvitved
cb098df4ea
Merge pull request #7334 from github/hmac/regexp-interpolations
...
Ruby: Resolve simple string interpolations
2022-01-19 14:43:58 +01:00
Alex Ford
45ed5a806c
Ruby: changenote for rb/csrf-protection-disabled enhancement
2022-01-19 13:41:00 +00:00
Alex Ford
b27d315ff4
Ruby: add an example of protect_from_forgery with: :exception
2022-01-19 13:30:27 +00:00
Mathias Vorreiter Pedersen
dfbde23821
Merge pull request #7627 from geoffw0/nullterm5
...
C++: Fix branch related FPs in cpp/improper-null-termination.
2022-01-19 13:30:05 +00:00
Rasmus Lerchedahl Petersen
ef9fb0873f
python: tools for writing upgrades and downgrade
...
adapted from [the ruby instructions](https://github.com/github/codeql/blob/main/ruby/doc/prepare-db-upgrade.md )
2022-01-19 14:29:58 +01:00
Rasmus Lerchedahl Petersen
36e18d5d80
python: dataflow for match
...
- also update `validTest.py`, but commented out for now
otherwise CI will fail until we force it to run with Python 3.10
- added debug utility for dataflow (`dataflowTestPaths.ql`)
2022-01-19 14:29:58 +01:00
Rasmus Lerchedahl Petersen
bb210f4172
pythos: SSA for match
...
- new SSA definition `PatternCaptureDefinition`
- new SSA definition `PatternAliasDefinition`
- implement `hasDefiningNode`
2022-01-19 14:29:58 +01:00
Rasmus Lerchedahl Petersen
de8ecb214f
python: Wrappers for database classes
...
- new syntactic category `Pattern` (in `Patterns.qll`)
- subpatterns available on statments
- new statements `MatchStmt` and `Case`
(`Match` would conflict with the shared ReDoS library)
- new expression `Guard`
- support for pattern lists
2022-01-19 14:29:58 +01:00
Erik Krogh Kristensen
e4203a4109
add CWE-471 to the prototype-pollution queries
2022-01-19 14:26:34 +01:00
Tom Hvitved
dacb33d1dd
C#: Adjust Roslyn workaround
2022-01-19 14:12:21 +01:00
Geoffrey White
0230494799
C++: Expand QLDoc comment.
2022-01-19 13:07:55 +00:00
Owen Mansel-Chan
7fd2fff1ba
Merge pull request #666 from owen-mc/tainted-path-add-more-tests
...
Add tests for tainted path query checking the sanitizers and sanitizer guards work
2022-01-19 13:00:57 +00:00
Henry Mercer
061b9badfe
Merge pull request #7649 from github/henrymercer/bump-atm-query-pack-v0.0.5
...
JS: Bump ML-powered query packs to v0.0.5
2022-01-19 13:00:41 +00:00
Geoffrey White
acfd593eb4
C++: Change note.
2022-01-19 13:00:36 +00:00
Geoffrey White
330b4c3704
C++: Generalize hasSocketInput a little to include fgets and friends.
2022-01-19 13:00:35 +00:00
Geoffrey White
9c2d961ae5
C++: Fix another expression of stdin / stdout we see in practice.
2022-01-19 13:00:34 +00:00
Michael Nebel
d7cd1cf0b9
C#: Address review comments.
2022-01-19 13:50:02 +01:00
Tom Hvitved
4f90b45dd7
C#: Address review comments
2022-01-19 13:46:22 +01:00
Tom Hvitved
c8509cc382
C#: Introduce extractor mode to identify DBs created with codeql test run
2022-01-19 13:46:22 +01:00
Geoffrey White
d77ba020f9
C++: Support more routines as proof-of-encryption in cpp/cleartext-transmission.
2022-01-19 12:40:32 +00:00
Rasmus Lerchedahl Petersen
b17f844f35
python: New generated files
2022-01-19 13:36:32 +01:00
Geoffrey White
974a8b1a9a
C++: Add a test case.
2022-01-19 12:33:21 +00:00
Henry Mercer
d467725ccd
JS: Bump ML-powered query packs to v0.0.5
2022-01-19 12:08:33 +00:00
Michael Nebel
3df30545d3
Merge pull request #7628 from michaelnebel/csharp/issue-7609
...
C#: Fix false positive alert for shadowing on record types.
2022-01-19 12:24:57 +01:00
Tom Hvitved
71ddd00a6c
C#: Workaround Roslyn bug in INamedTypeSymbol.TupleElements
2022-01-19 11:33:03 +01:00
Michael Nebel
edafdc8fde
C#: Added change note.
2022-01-19 11:04:53 +01:00
Michael Nebel
194da454b1
C#: Add record deconstruct method as an exception from the bad practice rule.
2022-01-19 11:04:53 +01:00
Michael Nebel
2eea6ca5fd
C#: Example record type with autogenerated Deconstruct method.
2022-01-19 11:04:53 +01:00
Mathias Vorreiter Pedersen
bdfde88e99
Merge pull request #7630 from JarLob/patch-2
...
C++: Reduce FPs in IncorrectPrivilegeAssignment.ql
2022-01-19 09:49:43 +00:00
Owen Mansel-Chan
85319b2dbf
Add tests for tainted path sanitizers and sanitizer guards
2022-01-19 09:49:15 +00:00
Erik Krogh Kristensen
ef2eacebce
add a js/empty-password-in-configuration-file query
2022-01-19 10:48:45 +01:00
Michael Nebel
55f787bcae
Merge pull request #7605 from michaelnebel/csharp/record-struct
...
C#: Support for record structs
2022-01-19 10:39:52 +01:00
Harry Maclean
994fcf54b5
Merge pull request #7126 from jeffgran/jg/graphql-ruby
...
Ruby: Add support for GraphQL
2022-01-19 22:19:30 +13:00
Erik Krogh Kristensen
b7a0b8765e
add js/http-dependency query
2022-01-19 10:05:39 +01:00
Harry Maclean
08d48b9375
Add top-level doc comment to GraphQL.qll
2022-01-19 21:42:46 +13:00
Tony Torralba
b2c7175ac5
Merge pull request #7641 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2022-01-19 09:34:01 +01:00
Tom Hvitved
f02aeafef1
Ruby: Move regex/non-regex split into TAstNode to convey disjointness
2022-01-19 09:22:01 +01:00
github-actions[bot]
f7240be136
Add changed framework coverage reports
2022-01-19 00:09:52 +00:00
Jaroslav Lobačevski
a1b0315d90
Update cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.ql
2022-01-19 00:52:10 +01:00
Andrew Eisenberg
01b5881de6
Docs: Remove reference to checking out main branch
...
We are no longer including information about how to check out
github/codeql, so this paragraph doesn't fit any more.
2022-01-18 15:48:33 -08:00
Owen Mansel-Chan
84f9b74f50
t Improve documentation of Function.getACall
2022-01-18 23:44:34 +00:00
Owen Mansel-Chan
3c02403701
Do not use getACall() when we only want direct calls
...
In both of these locations we do not want calls through interface methods.
2022-01-18 23:36:14 +00:00
Andrew Eisenberg
0cd6556964
Docs: Update analyzing databases docs
...
Add more information about running packs. Include the `--download` flag.
2022-01-18 15:03:08 -08:00
Andrew Eisenberg
7fcf567eda
Docs: Simplify getting started docs
...
It is no longer necessary to check out a version of `github/codeql` as
a sibling directory to the distribution. Instead, users can download
the required packs as needed. using the `pack download` command or
the `--download` option for `codeql database analyze`.
2022-01-18 15:03:08 -08:00
Harry Maclean
4f7f92490a
Distinguish regex components from strings
...
Create a set of classes for components of regex literals,
separate from those of string literals. This allows us to special-case
components of free-spacing regexes (ones with the /x flag) to not have a
`getValueText()`.
This in turn is useful because our regex parser can't handle free-spacing
regexes, so excluding them ensures that we don't generate erroneous
ReDoS alerts.
2022-01-19 11:23:40 +13:00
Jaroslav Lobačevski
3fa2516898
Update cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.ql
2022-01-18 21:47:55 +01:00
Jaroslav Lobačevski
d1c89562b8
Apply suggestions from code review
2022-01-18 21:45:13 +01:00
Chris Smowton
84097468cc
Merge pull request #7286 from luchua-bc/java/unsafe-url-forward-dispatch
...
Java: CWE-552 Query to detect unsafe request dispatcher usage
2022-01-18 18:19:20 +00:00
Owen Mansel-Chan
1aebf4ccac
Merge pull request #664 from owen-mc/add-change-note-function-getacall
...
Add change note for change to `Function.getACall`
2022-01-18 18:12:29 +00:00
Henry Mercer
63672ca394
Merge pull request #7616 from github/henrymercer/js-atm-add-query-help
...
JS: Add query help for ML-powered queries
2022-01-18 18:11:53 +00:00
Chris Smowton
1e32514600
Avoid using this for a non-extending supertype, and remove needless casts
2022-01-18 17:20:40 +00:00
Benjamin Muskalla
9e91b805d6
Sort Lang3 models
2022-01-18 18:10:37 +01:00
Benjamin Muskalla
e6800c877c
Merge Lang3 rows
2022-01-18 18:10:37 +01:00
Benjamin Muskalla
736e68820c
Split out Lang3 models
2022-01-18 18:10:37 +01:00
Benjamin Muskalla
67b60dcf78
Sort Lang2 rows
2022-01-18 18:10:36 +01:00
Benjamin Muskalla
82bda6d573
Merge Lang2 summary models
2022-01-18 18:10:36 +01:00
Benjamin Muskalla
8eb6743586
Split out Lang2 rows
2022-01-18 18:10:33 +01:00
Chris Smowton
d744cf9053
Clean up guard logic:
...
* Always sanitize after the second guard, not the first
* Only check basic-block dominance in one place
* One BarrierGuard extension per final guard
2022-01-18 17:10:06 +00:00
Chris Smowton
748008ad51
Remove dangling reference to UnsafeRequestPath.java
2022-01-18 17:08:38 +00:00
luchua-bc
a3d65a8ed0
Update recommendation in qldoc and make examples more comprehendible
2022-01-18 17:01:26 +00:00
Owen Mansel-Chan
84116e1681
Update ql/lib/change-notes/2022-01-18-function-get-a-call.md
...
Co-authored-by: Chris Smowton <smowton@github.com >
2022-01-18 16:51:07 +00:00
Owen Mansel-Chan
fd1136a777
Add change note for change to Function.getACall
2022-01-18 16:42:57 +00:00
Geoffrey White
982fb8f73a
C++: Add change note.
2022-01-18 16:38:44 +00:00
Robert Marsh
024bd27485
Merge pull request #7578 from MathiasVP/store-dest-should-not-be-use
...
C++: Store destinations should not be uses for dataflow SSA
2022-01-18 11:36:15 -05:00
Jeff Gran
47697f59c1
Ruby: Add classes for detecting user input from graphql-ruby
2022-01-18 09:13:58 -07:00
CodeQL CI
1912c56f82
Merge pull request #7631 from RasmusWL/sqlalchemy-scoped-session
...
Approved by tausbn
2022-01-18 14:31:49 +00:00
Erik Krogh Kristensen
2433eafef2
add query for detecting insecure temprary files
2022-01-18 14:54:56 +01:00
Rasmus Wriedt Larsen
95e935e9c1
Python: Support SQLAlchemy scoped_session
2022-01-18 14:34:31 +01:00
Erik Krogh Kristensen
30d896bdbb
QL: make the alert-message more precise when the type-cast is also redundant
2022-01-18 14:25:43 +01:00
Jaroslav Lobačevski
92f5a5f893
Reduce FPs in IncorrectPrivilegeAssignment.ql
...
Implements suggestions from https://github.com/github/codeql/pull/6949#issuecomment-976482965
2022-01-18 13:43:17 +01:00
Erik Krogh Kristensen
14d2f5fe02
QL: add a new ql/could-be-cast query
2022-01-18 13:37:32 +01:00
Erik Krogh Kristensen
a1f4c85dea
QL: update expected output for the printAst test
2022-01-18 13:37:04 +01:00
Erik Krogh Kristensen
1ec868eeae
QL: various improvements to Ast.qll
2022-01-18 13:23:33 +01:00
Erik Krogh Kristensen
95ae113994
QL: downgrade redundant-inline-cast to a warning query
2022-01-18 13:22:01 +01:00
Erik Krogh Kristensen
ea7945bac1
QL: show recommendation queries by default, and remove the MissingQLDoc query
2022-01-18 13:21:07 +01:00
Henry Mercer
be0c26f83d
Merge pull request #7617 from github/henrymercer/js-atm-update-alert-messages
...
JS: Update alert messages for ML-powered queries
2022-01-18 11:37:02 +00:00
Mathias Vorreiter Pedersen
cb0cc8d859
Merge pull request #7625 from geoffw0/nullterm4
...
C++: Fix some code duplication.
2022-01-18 11:18:06 +00:00
Tony Torralba
b16b0270d2
Merge pull request #6779 from atorralba/atorralba/android-implicit-pending-intents
...
Java: CWE-927 - Query to detect the use of implicit PendingIntents
2022-01-18 12:14:47 +01:00
Geoffrey White
548a62d1ab
C++: Fix branch related FPs in cpp/improper-null-termination.
2022-01-18 11:13:08 +00:00
Felicity Chapman
c3ed74d63c
Merge pull request #7604 from github/lgtm-1.29-docs
...
Update version numbers in CodeQL support notes for LGTM 1.29
2022-01-18 11:09:38 +00:00
Chris Smowton
9819752bdd
Merge pull request #7526 from smowton/smowton/fix/restore-nodes-edges-consistency
...
Don't include arg -> param edges in PathGraph::edges where arg is not reachable
2022-01-18 11:05:47 +00:00
Benjamin Muskalla
7e215a5193
Merge pull request #7599 from bmuskalla/modelWriter
...
Java: Model Appenable and Writer
2022-01-18 11:55:27 +01:00
Henry Mercer
1893b9f7a9
Merge pull request #7376 from github/henrymercer/js-atm-absent-features-optimization
...
JS: Update featurization for absent features optimization
2022-01-18 10:15:53 +00:00
Tony Torralba
f103d45340
Merge branch 'main' into atorralba/android-implicit-pending-intents
2022-01-18 10:50:49 +01:00
Mathias Vorreiter Pedersen
e1598aba5e
C++: Fix spelling.
2022-01-18 09:44:36 +00:00
Tony Torralba
3ff7710a18
Improve ExplicitIntent's QLDoc
2022-01-18 10:43:52 +01:00
Tony Torralba
fe2755c4a0
Apply suggestions from code review
...
Co-authored-by: Chris Smowton <smowton@github.com >
2022-01-18 10:41:19 +01:00
Benjamin Muskalla
365a8d9bbd
Fix flow for fluent appendable api
2022-01-18 10:41:00 +01:00
Benjamin Muskalla
8e6a15640f
Model basic channel APIs
2022-01-18 10:40:39 +01:00
Anders Schack-Mulligen
fff3b5c5b4
Dataflow: Add qldoc.
2022-01-18 10:39:55 +01:00
Anders Schack-Mulligen
9479301485
Ruby: Accept qltest expected changes.
2022-01-18 10:36:52 +01:00
Anders Schack-Mulligen
5cfa3c7927
C++: Accept qltest expected changes.
2022-01-18 10:36:52 +01:00
Anders Schack-Mulligen
7b98ca9b0a
C#: Adjust qltest expected output.
2022-01-18 10:36:52 +01:00
Anders Schack-Mulligen
aa9912a699
Java: Fix expected output
2022-01-18 10:36:52 +01:00
Anders Schack-Mulligen
71e39353ca
Dataflow: Sync.
2022-01-18 10:36:52 +01:00
Anders Schack-Mulligen
b22c4e3c56
Dataflow: Bugfix: include subpaths ending at a sink.
2022-01-18 10:34:14 +01:00
Chris Smowton
f7d3892320
Update test expectations
2022-01-18 10:30:09 +01:00
Anders Schack-Mulligen
dfa79f6119
Dataflow: Sync.
2022-01-18 10:30:09 +01:00
Anders Schack-Mulligen
46736a137c
Dataflow: Don't include subpaths that can't reach a sink.
2022-01-18 10:30:09 +01:00
Chris Smowton
2c37885f6e
Sync dataflow
2022-01-18 10:30:09 +01:00
Chris Smowton
7c9b44b4cb
Don't include arg -> param edges in PathGraph::edges whose arg is not reachable
...
This avoids lots of missing-node warnings from `codeql bqrs interpret` as it discards the nodes that occur in the `edges` relation but not `nodes`. The problem arises because subpaths introduced two variants of `reach`, one of which is more restrictive than simply `reach(succ) and succ = pred.getASuccessor()`, so it no longer suffices to just check that the successor is reachable.
2022-01-18 10:30:09 +01:00
Michael Nebel
de3d62b3f4
C#: Update stats file for the new relations (they are unfortunately empty).
2022-01-18 09:33:40 +01:00
Michael Nebel
bf21026771
C#: Add downgrade scripts for the line span pragma.
2022-01-18 09:32:14 +01:00
Michael Nebel
8fd116fbd7
C#: Add upgrade scripts for the new tables requires for the line span pragma.
2022-01-18 09:32:14 +01:00
Michael Nebel
ac47c96f48
C#: Add Line span pragma test case.
2022-01-18 09:32:14 +01:00
Michael Nebel
8b048ca17e
C#: Add line span pragma example.
2022-01-18 09:32:14 +01:00
Michael Nebel
93255dfe13
C#: Add QL library support for the Line span directive.
2022-01-18 09:32:14 +01:00
Michael Nebel
7e264668d8
C#: Refator directive visitor to use expression body.
2022-01-18 09:32:14 +01:00
Michael Nebel
af380f846e
C#: Add support in the extractor for the LineSpanDirective.
2022-01-18 09:32:14 +01:00
Michael Nebel
195d40c04e
C#: Add new class needed for LineSpanDirective and modify existing implementation to use the new types.
2022-01-18 09:32:14 +01:00
Michael Nebel
a197befb5f
C#: Add shared base class for line and line span pragmas.
2022-01-18 09:32:14 +01:00
Michael Nebel
c9467d7e94
C#: Add new tables to the dbscheme line span pragma.
2022-01-18 09:32:14 +01:00
Anders Schack-Mulligen
c41ec1f8ec
Merge pull request #7619 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2022-01-18 09:17:40 +01:00
github-actions[bot]
b8959f7bdb
Add changed framework coverage reports
2022-01-18 00:10:52 +00:00
Alex Ford
c1a51d94a2
Ruby: add test for protect_from_forgery without exception strategy
2022-01-17 17:44:52 +00:00
Erik Krogh Kristensen
d63f4bfd94
Merge pull request #7615 from erik-krogh/super-charpred
...
QL: support this.method() calls in the charpred that references non-extending supertypes
2022-01-17 18:32:10 +01:00
Felicity Chapman
e0110bd25e
FIx typo in new note
2022-01-17 17:20:00 +00:00
Henry Mercer
ffa4135cbe
JS: Update alert messages for ML-powered queries
2022-01-17 17:19:49 +00:00
Erik Krogh Kristensen
a4cfb80b81
QL: update comment
2022-01-17 17:19:15 +00:00
Felicity Chapman
e7dde79d50
Add note and link to main CodeQL CLI docs
2022-01-17 17:14:58 +00:00
Erik Krogh Kristensen
85c273a413
QL: support this.method() calls in the charpred that references non-extending supertypes
2022-01-17 17:42:35 +01:00
Henry Mercer
e9128466d4
JS: Add query help for ML-powered queries
...
Query help is identical to the original query, except for a new
paragraph prepended to the overview explaining that the queries are
experimental.
We add Markdown query help since only Markdown query help is embedded in
SARIF via `--sarif-add-query-help`.
2022-01-17 16:34:50 +00:00
Henry Mercer
568d37e9b9
JS: Update definition of ATM query suite
...
It's simpler to just run all the queries in the pack instead of
specifying the IDs.
2022-01-17 16:34:50 +00:00
Geoffrey White
d475101286
C++: Fix some code duplication.
2022-01-17 16:26:22 +00:00
Owen Mansel-Chan
065043b311
Merge pull request #7588 from owen-mc/add-specific-needs-reference-predicates
...
Dataflow: Add language-specific NeedsReference predicates
2022-01-17 15:51:34 +00:00
Asger Feldthaus
79f799066a
JS: Update test output
2022-01-17 16:27:57 +01:00
Michael Nebel
b927aad6ed
C#: Address review comments related to record structs.
2022-01-17 16:16:18 +01:00
Michael Nebel
6c1bb4a3a9
C#: Add test case for record class and record structs.
2022-01-17 16:16:18 +01:00
Michael Nebel
746fd603d8
C#: Add flow summary test for record struct constructors.
2022-01-17 16:16:18 +01:00
Michael Nebel
9770f09839
C#: Deprecate Record and introduce RecordClass instead. Also make flow summary support for record struct constructors.
2022-01-17 16:16:18 +01:00
Michael Nebel
55cb2aa160
C#: Use modifier to decide, if a type is a record like type and implement support for record struct types.
2022-01-17 16:16:18 +01:00
Michael Nebel
dc76775d07
C#: Consider 'record' a type modifier in the extractor (it can be applied to both class and struct).
2022-01-17 16:16:18 +01:00
Michael Nebel
c17bd29640
C#: Rename C# code file and update test.
2022-01-17 16:16:18 +01:00
Tony Torralba
e967b8a9be
Merge pull request #6576 from atorralba/atorralba/android-cleartext-storage-filesystem
...
Java: Create new query Cleartext storage of sensitive information in Android filesystem
2022-01-17 14:02:38 +01:00
Tony Torralba
227929508f
Merge pull request #6923 from atorralba/atorralba/android-fragment-injection
...
Java: CWE-470 - Queries to detect Fragment Injection in Android applications
2022-01-17 14:02:15 +01:00
Tom Hvitved
3c837c322b
Merge pull request #7514 from github/post-release-prep/codeql-cli-2.7.5
...
Post-release preparation for codeql-cli-2.7.5
2022-01-17 12:40:33 +01:00
Tom Hvitved
429a9658e1
Merge pull request #657 from github/post-release-prep/codeql-cli-2.7.5
...
Post-release preparation for codeql-cli-2.7.5
2022-01-17 12:40:24 +01:00
Tony Torralba
7beab7cb59
Apply code review suggestions
2022-01-17 12:02:27 +01:00
Mathias Vorreiter Pedersen
78642aaae2
Merge pull request #7593 from MathiasVP/fix-join-order-in-get-conversion-type
...
C++: Fix join order in 'getConversionType4'
2022-01-17 11:01:08 +00:00
Chris Smowton
16aa53a928
Add security tag to java/random-used-once
...
Raised in https://github.com/github/codeql/issues/7601 , this is one of the only .ql files that has a security-severity score but not the tag "security", including many other queries that live outside the `Security/` subdirectory.
Besides this the only other files with this security-severity-but-no-security-tag combination are:
```
java/ql/src/Frameworks/JavaEE/EJB/EjbContainerInterference.ql
java/ql/src/Frameworks/JavaEE/EJB/EjbFileIO.ql
java/ql/src/Frameworks/JavaEE/EJB/EjbNative.ql
java/ql/src/Frameworks/JavaEE/EJB/EjbReflection.ql
java/ql/src/Frameworks/JavaEE/EJB/EjbSecurityConfiguration.ql
java/ql/src/Frameworks/JavaEE/EJB/EjbSerialization.ql
java/ql/src/Frameworks/JavaEE/EJB/EjbSetSocketOrUrlFactory.ql
```
Given their location I'm assuming these queries are disabled by default and likely shouldn't changed?
2022-01-17 10:35:34 +00:00
Tony Torralba
a23b8a4a43
Update java/ql/src/Security/CWE/CWE-470/FragmentInjection.inc.qhelp
...
Co-authored-by: Chris Smowton <smowton@github.com >
2022-01-17 11:20:39 +01:00
Tony Torralba
ba3a4fb717
Rename filesystemStore predicate after d9e6e5aa04
2022-01-17 11:13:41 +01:00
Tony Torralba
500deac12d
Change query description
2022-01-17 11:11:05 +01:00
Tony Torralba
d9e6e5aa04
Apply suggestions from code review
...
Co-authored-by: Chris Smowton <smowton@github.com >
2022-01-17 11:11:05 +01:00
Tony Torralba
22aad17d0e
Apply review suggestions
...
Co-authored-by: Ethan Palm <56270045+ethanpalm@users.noreply.github.com >
2022-01-17 11:11:04 +01:00
Tony Torralba
9bbba3c96f
Adjust UnsupportedExternalAPIs test
2022-01-17 11:11:04 +01:00
Tony Torralba
1e4840e071
Fix predicate name
2022-01-17 11:11:03 +01:00
Tony Torralba
79ddbd6fe4
Fix QLDoc and the qhelp example
2022-01-17 11:11:03 +01:00
Tony Torralba
c1ac09a063
Added query for Cleartext Storage in Android Filesystem
2022-01-17 11:11:00 +01:00
Paolo Tranquilli
6a53b7b233
Merge pull request #7543 from github/rdmarsh2/cpp/hex-format-range-analysis
...
C++: Use range analysis for maximum lengths of `%x` formats
2022-01-17 08:32:34 +01:00
Alex Ford
d09f48ecb4
Ruby: flag up protect_from_forgery calls without an exception strategy
2022-01-16 20:56:13 +00:00
Artem Smotrakov
825fe1797a
Fixed another false-positive in CWE-297/IgnoredHostnameVerification.ql
2022-01-16 18:55:49 +00:00
Artem Smotrakov
6dad0e21d9
Ignore wrapped HostnameVerifier.vefify() calls
2022-01-16 18:29:30 +00:00
Artem Smotrakov
dcf251bb93
Fixed typos in IgnoredHostnameVerification.qhelp
2022-01-16 18:27:49 +00:00
Fosstars
2b33265d0f
Added a query for ignored hostname verification
...
- Added IgnoredHostnameVerification.ql
- Added a qhelp file with examples
- Added tests
2022-01-16 18:27:49 +00:00
Artem Smotrakov
f78002bc02
Fixed a false-positive in CWE-297/IgnoredHostnameVerification.ql
2022-01-16 18:25:18 +00:00
Fosstars
e11cb943a6
Added a query for ignored hostname verification
...
- Added IgnoredHostnameVerification.ql
- Added a qhelp file with examples
- Added tests
2022-01-16 18:25:18 +00:00
luchua-bc
4797fce48a
Update use cases and qldoc
2022-01-16 01:15:29 +00:00
luchua-bc
978ef1570a
Update method names
2022-01-16 01:11:25 +00:00
jorgectf
9ab6d21757
Add forward type tracking test
2022-01-14 22:56:51 +01:00
Andrew Eisenberg
a83af5e14c
Merge pull request #661 from github/aeisenberg/changenote-upgrades-removal
...
Changenotes: Add changenotes for upgrades refactoring
2022-01-14 12:12:57 -08:00
Tom Hvitved
2ecf0d3264
Merge pull request #7550 from michaelnebel/csharp/global-using
...
C#: Support for identifying whether a using directive is "global".
2022-01-14 20:03:18 +01:00
Andrew Eisenberg
156588a6a7
Update change note
...
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com >
2022-01-14 10:32:47 -08:00
Robert Marsh
5df6bcf952
C++: change note for hex format range analysis
2022-01-14 13:18:58 -05:00
Dave Bartolomeo
bce2a810a3
Merge pull request #7400 from github/dbartol/change-note-instructions
...
Add instructions for creating change notes.
2022-01-14 13:10:44 -05:00
Robert Marsh
9de63b2812
Merge branch 'main' into rdmarsh2/cpp/hex-format-range-analysis
...
Accept test changes from query split
2022-01-14 12:53:52 -05:00
Andrew Eisenberg
fbb5d7196f
Merge branch 'main' into post-release-prep/codeql-cli-2.7.5
2022-01-14 08:23:43 -08:00
Andrew Eisenberg
c86e96bcc2
Merge branch 'main' into post-release-prep/codeql-cli-2.7.5
2022-01-14 08:19:47 -08:00
Tony Torralba
a2c98baf29
Reordering
2022-01-14 17:17:57 +01:00
Tony Torralba
eb1806c0a9
Split PathMatchGuard into three guards
2022-01-14 17:14:18 +01:00
Ian Lynagh
bba8e45e74
Merge pull request #7602 from igfoo/igfoo/typos
...
Fix a couple of typos: clases / clasess
2022-01-14 15:56:04 +00:00
Henry Mercer
ed28b7f174
Merge pull request #7575 from github/henrymercer/atm-remove-code-to-features
...
JS: Remove ATM `CodeToFeatures` library
2022-01-14 15:31:34 +00:00
Michael Nebel
e09009cd8e
Merge pull request #7118 from michaelnebel/csharp-primary-ql-class
...
C#: PrimaryQlClass
2022-01-14 16:14:28 +01:00
Felicity Chapman
fdf77ad2b9
Update version numbers for LGTM 1.29
2022-01-14 15:07:29 +00:00
Ian Lynagh
22dc24629f
Fix a couple of typos: clases / clasess
2022-01-14 14:28:29 +00:00
Tony Torralba
fb1287d577
Use dominance instead of getParent
...
Add clarification comments to PathMatchGuard
2022-01-14 15:28:02 +01:00
Mathias Vorreiter Pedersen
25253c7b8d
C++: Don't count write operations as uses for IR dataflow. Accept test changes.
2022-01-14 13:39:57 +00:00
Mathias Vorreiter Pedersen
e8afec413a
C++: Add testcase that demonstrates a FP caused by spurious flow through phi nodes in IR dataflow.
2022-01-14 13:34:27 +00:00
Tony Torralba
136fefbab5
Apply suggestions from code review
...
Co-authored-by: Chris Smowton <smowton@github.com >
2022-01-14 13:38:17 +01:00
luchua-bc
877c52981f
Remove the deprecated library keyword
2022-01-14 12:13:41 +00:00
Tony Torralba
cde7a35c1f
QLDoc
2022-01-14 13:12:30 +01:00
Michael Nebel
8c6c8b0adb
C#: Remove un-needed ql doc comment.
2022-01-14 12:55:54 +01:00
Tony Torralba
6aac848015
Fix imports
2022-01-14 12:43:08 +01:00
Tony Torralba
9f616e7cbe
Refactor to use FlowState
...
Remove the auxiliary DataFlow configuration
2022-01-14 12:24:35 +01:00
Mathias Vorreiter Pedersen
b51c85597b
Merge pull request #7529 from erik-krogh/fixup-library-deps
...
QL: recognize dependecies of the form: libraryPathDependencies: library-name
2022-01-14 11:13:56 +00:00
Erik Krogh Kristensen
b02fecf125
Merge pull request #7600 from erik-krogh/ql-for-ql-team
...
QL: change reviewers of QL-for-QL to a newly created team
2022-01-14 11:45:40 +01:00
Erik Krogh Kristensen
47e56365c4
QL: change reviewers of QL-for-QL to a newly created team
2022-01-14 11:32:09 +01:00
Henry Mercer
d55e6d1ca7
Merge pull request #7594 from github/henrymercer/js-atm-rename-queries
...
JS: Update names, IDs, and tags for ML-powered queries
2022-01-14 10:28:24 +00:00
Benjamin Muskalla
a4429d01a3
Add tests for writer models
2022-01-14 11:12:35 +01:00
Benjamin Muskalla
37ca6a5e41
Model Appenable and Writer
...
This allows us to track taint carried through all kind of writers.
2022-01-14 11:12:35 +01:00
Mathias Vorreiter Pedersen
6d95d47467
Merge branch 'main' into fix-join-order-in-get-conversion-type
2022-01-14 09:53:17 +00:00
Michael Nebel
6009d71e9a
C#: Add getAPrimaryQlClass override to UnknownExpr.
2022-01-14 10:41:44 +01:00
Tony Torralba
df95317a58
Fix tests after stub change
2022-01-14 10:33:21 +01:00
Tony Torralba
6f06be9419
Update change note
2022-01-14 10:33:19 +01:00
Tony Torralba
bd4abf4fd0
Additional Notification models
2022-01-14 10:32:38 +01:00
Tony Torralba
a9757fbc83
Setting null Components is not a sanitizer
2022-01-14 10:32:37 +01:00
Tony Torralba
a59a4024a5
Update stubs
2022-01-14 10:32:36 +01:00
Tony Torralba
66794665f3
Remove unneeded implicit read step
2022-01-14 10:32:36 +01:00
Tony Torralba
a0a914466c
Rewording
2022-01-14 10:32:33 +01:00
Tony Torralba
9c12c5f8b8
Remove duplicated models
2022-01-14 10:32:01 +01:00
Tony Torralba
f963887c58
Change test to avoid collision with SensitiveCommunication.ql
2022-01-14 10:32:01 +01:00
Tony Torralba
48acff9262
Remove unneeded code
2022-01-14 10:32:00 +01:00
Tony Torralba
9e3594fcf1
Added more sinks
2022-01-14 10:32:00 +01:00
Tony Torralba
1e3e48132c
Rewording
2022-01-14 10:31:59 +01:00
Tony Torralba
47c851efaf
Consider more startService methods
2022-01-14 10:31:59 +01:00
Tony Torralba
12059a8a50
Update models to use synthetic fields
2022-01-14 10:31:58 +01:00
Tony Torralba
d49e52fb73
Add support for PendingIntents in Notifications
2022-01-14 10:31:58 +01:00
Tony Torralba
c73e4ebc48
Remove models after rebase
2022-01-14 10:31:58 +01:00
Tony Torralba
7f85dae63b
Add support for implicit field read flows
2022-01-14 10:31:57 +01:00
Tony Torralba
e58a8587db
Add support for Slices
2022-01-14 10:31:56 +01:00
Tony Torralba
d43242d09e
Added tests
2022-01-14 10:31:56 +01:00
Tony Torralba
d0077b8c12
Added query ImplicitPendingIntents
2022-01-14 10:31:53 +01:00
Mathias Vorreiter Pedersen
68385dfab5
Merge pull request #7386 from github/redsun82/cpp-overrunning-write-precision-split
...
C++: split `cpp/overrunning-write` into two
2022-01-14 09:11:39 +00:00
Tom Hvitved
6c20585fc7
C#: Eliminate bad magic optimization
...
```
[2022-01-14 08:57:14] (253s) Tuple counts for Stmt::getAChild#bbf/3@8dfbc66f after 1m53s:
4922010396 ~5% {3} r1 = JOIN ControlFlowElement::ControlFlowElement::getEnclosingCallable_dispred#ff_10#join_rhs WITH ControlFlowElement::ControlFlowElement::getEnclosingCallable_dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.1 'cfe', Rhs.1 'cfe', Lhs.0 'c'
1597068 ~2% {3} r2 = JOIN r1 WITH Element::Element::getAChild_dispred#ff ON FIRST 2 OUTPUT Lhs.0 'cfe', Lhs.2 'c', Lhs.1 'result'
return r2
```
2022-01-14 10:10:23 +01:00
Tom Hvitved
411d2b2876
C#: Update stats
2022-01-14 10:10:23 +01:00
Michael Nebel
f025db0371
C#: Add downgrade script for deleting using_global relation.
2022-01-14 10:10:23 +01:00
Michael Nebel
dcd6a6be40
C#: Add database upgrade script for adding the using_global relation.
2022-01-14 10:10:22 +01:00
Michael Nebel
a1eff1603a
C#: Add test for global using directive.
2022-01-14 10:10:22 +01:00
Michael Nebel
c118d9bf6f
C#: Add support for the global modifier for using directives.
2022-01-14 10:10:22 +01:00
Michael Nebel
e305a8a6c5
C#: Refactor Tuples to use expression body syntax.
2022-01-14 10:10:22 +01:00
Michael Nebel
6e72f6e2c4
C#: Refactor to re-use code to extract modifier tokens.
2022-01-14 10:10:13 +01:00
Edoardo Pirovano
f2818ebb5e
Merge pull request #7489 from edoardopirovano/fix-example
...
Fix example in JavaScript query
2022-01-14 08:58:28 +00:00
Tony Torralba
8f73772955
Merge pull request #7595 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2022-01-14 09:32:13 +01:00
Anders Schack-Mulligen
0b24af901d
Merge pull request #7349 from aschackmull/dataflow/state
...
Dataflow: Add support for flow state
2022-01-14 09:12:38 +01:00
github-actions[bot]
685336fa23
Add changed framework coverage reports
2022-01-14 00:10:33 +00:00
Henry Mercer
e9bb9f5294
JS: Update names, IDs, and tags for ML-powered queries
2022-01-13 17:45:40 +00:00
Henry Mercer
8e9d8c112d
JS: Improve comments in FunctionBodyFeatures.qll
2022-01-13 17:20:42 +00:00
Henry Mercer
2aea3257cb
JS: Improve documentation for getTokenizedAstNode
2022-01-13 17:20:41 +00:00
Andrew Eisenberg
4ffd8c62ac
Merge pull request #7579 from github/aeisenberg/changenote-upgrades-removal
...
Changenotes: Add changenotes for upgrades refactoring
2022-01-13 09:09:06 -08:00
Andrew Eisenberg
c6deccf863
Minor fixes to the getting started docs
...
Co-authored-by: Felicity Chapman <felicitymay@github.com >
2022-01-13 09:02:10 -08:00
Henry Mercer
92d6fecc73
Optimize performance of body tokens
...
The refactoring to remove the `CodeToFeatures` AST reintroduced a
performance problem. This commit resolves it by pushing size
restrictions into intermediate predicates.
2022-01-13 16:29:04 +00:00
Michael Nebel
71baf32596
Update csharp/ql/consistency-queries/PrimaryQlClass.ql
...
Co-authored-by: Tom Hvitved <hvitved@github.com >
2022-01-13 16:36:31 +01:00
Owen Mansel-Chan
d41c55c69c
Add needed predicates for Ruby and C#
...
This was done manually.
2022-01-13 15:10:19 +00:00
Owen Mansel-Chan
2de6340ff5
Sync FlowSummaryImpl.qll
...
Done using sync-files.py
2022-01-13 15:09:25 +00:00
Owen Mansel-Chan
83a25698bb
Allow adding inputs and outputs needing reference
2022-01-13 15:09:17 +00:00
Tony Torralba
b6886b8e43
Move code to qll file
2022-01-13 15:28:57 +01:00
Tony Torralba
81feaaec02
Refactor PathMatchGuard
2022-01-13 15:24:41 +01:00
Anders Schack-Mulligen
c44cf29992
Merge pull request #7587 from owen-mc/add-default-taint-sanitizer-guard
...
Dataflow: Add default taint sanitizer guard
2022-01-13 14:44:55 +01:00
Tony Torralba
cd9a485c47
Refactor NullOrEmptyCheckGuard
2022-01-13 14:44:08 +01:00
Anders Schack-Mulligen
61490e74d8
Merge pull request #7561 from aschackmull/java/misc-perf
...
Java: A few perf fixes for getASupertype*().
2022-01-13 14:43:28 +01:00
Mathias Vorreiter Pedersen
6148af4621
C++: Fix join order in 'getConversionType4'.
2022-01-13 13:28:36 +00:00
Anders Schack-Mulligen
f7cf327e71
Dataflow: Sync
2022-01-13 13:28:43 +01:00
Anders Schack-Mulligen
a34c981209
Dataflow: Address comments.
2022-01-13 13:28:24 +01:00
Asger Feldthaus
708408a458
JS: Recognize "sql" option as a query string
2022-01-13 13:04:41 +01:00
Anders Schack-Mulligen
69973dadb3
Merge pull request #7548 from zbazztian/spring-taint-summaries
...
Java: Add Spring and Apache Common Langs taint flow steps
2022-01-13 13:00:41 +01:00
Paolo Tranquilli
e6763c858d
C++: add bindingset to private Printf predicate
...
That predicate turned out to create a lot of tuples, of which only a
minimal part was then used in the query.
2022-01-13 11:59:48 +00:00
Paolo Tranquilli
64d15d6226
C++: fix inc.qhelp files and change notes
2022-01-13 11:59:48 +00:00
Paolo Tranquilli
7b4300e4cf
C++: Apply suggestions in documentation
...
Co-authored-by: Sarah Edwards <skedwards88@github.com >
2022-01-13 11:59:48 +00:00
Paolo Tranquilli
9d49ad9f20
C++: use includes in OverrunWrite qhelp files
...
Also added the relevant CERT C _and_ C++ standard references where they
were missing, and did some minor stylistic tweaks to
`OverrunWriteFloat.qhelp`.
2022-01-13 11:59:48 +00:00
Paolo Tranquilli
c117a1e21f
C++: demote VeryLikelyOverrunWrite cast results
...
There were some false positives where something like
int x;
// ...
sprintf(buff, "%ld", (long)x);
was considered as if the parameter had a non-trivial range analysis only
because the range of `int` is smaller than the range for `long`, without
any non-trivial range analysis actually done on `x`.
These will now be reported by `OverrunWrite` instead.
2022-01-13 11:59:48 +00:00
Paolo Tranquilli
630982cc31
C++: auto format Printf.qll
2022-01-13 11:59:48 +00:00
Paolo Tranquilli
9f811b2439
C++: remove unused variables and fix tests
2022-01-13 11:59:47 +00:00
Paolo Tranquilli
013216d5e6
C++: exclude widening from VeryLikelyOverrunWrite
...
This also restrict what we consider "non-trivial" range analysis, as we
now require both ends to be non-trivially bounded for signed integers.
This avoids false positives stemming from a non trivial upper bound but
no meaningful lower bound, for example.
2022-01-13 11:59:47 +00:00
Paolo Tranquilli
aac029841a
C++: doc fixes to VeryLikelyOverrunWrite
2022-01-13 11:59:47 +00:00
Paolo Tranquilli
c8741f6475
C++: update 2021-12-14-overruning-write-split.md
...
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com >
2022-01-13 11:59:47 +00:00
Paolo Tranquilli
1e4861a944
C++: shorten VeryLikelyOverrunWrite @name
2022-01-13 11:59:47 +00:00
Paolo Tranquilli
106400238a
C++: tweak overrunning write qhelp files
2022-01-13 11:59:47 +00:00
Paolo Tranquilli
8ac34f3db5
C++: NoSpecifiedEstimateReason→Unspecified...
2022-01-13 11:59:47 +00:00
Paolo Tranquilli
4a85b9b0cc
C++: add VeryLikelyOverrunWrite.ql to cwe-120
2022-01-13 11:59:47 +00:00
Paolo Tranquilli
97f1a5bac0
C++: add VeryLikelyOverrunWrite.qhelp
2022-01-13 11:59:47 +00:00
Paolo Tranquilli
10b62154a1
C++: add cpp/very-likely-overruning-write help
...
Also update the help of `cpp/overruning-write`, as the case shown there
will actually not be flagged by that query any more.
2022-01-13 11:59:47 +00:00
Paolo Tranquilli
b979f02e5d
C++: fix OverrunWrite for backward compatibility
...
Rather than testing for `TypeBoundsAnalysis`, we test that the reason is
not `ValueFlowAnalysis` (which is reported by the new
`cpp/very-likely-overruning-write` query), so that if a client has
overridden `BufferWrite::getMaxData` the `NoSpecifiedEstimateReason` is
taken into account.
2022-01-13 11:59:47 +00:00
Paolo Tranquilli
db6214fdff
C++: add change note for new overrun write query
2022-01-13 11:59:47 +00:00
Paolo Tranquilli
a0059202db
C++: split cpp/overrunning-write into two
...
This splits the `cpp/overruning-write` into two separate queries based
off on the reason for the estimation. If the overrun is detected based
on non-trivial range analysis, the results are now marked by the new
`cpp/very-likely-overruning-write` high precision query. If it is based
on less precise, usually type based bounds, then it will still be marked
by `cpp/overruning-write` which remains at medium precision.
2022-01-13 11:59:47 +00:00
Michael Nebel
85fc127c0a
C#: Fix BDD limit issue (thank you @jbj).
2022-01-13 12:46:56 +01:00
Owen Mansel-Chan
7e42ccfbf1
Don't cache defaultTaintSanitizerGuard for java
2022-01-13 11:36:20 +00:00
Michael Nebel
7c11e2d7e9
C#: Add a consistency test for getAPrimaryQlClass
2022-01-13 12:20:42 +01:00
Michael Nebel
6b937a939b
C#: Add getAPrimaryQlClass overrides
2022-01-13 12:20:41 +01:00
Stephan Brandauer
40ad88ba53
Merge pull request #7474 from kaeluka/db-reads-as-taint-sources
...
JS: DB reads as taint sources
2022-01-13 12:06:48 +01:00
Michael Nebel
8583a4ffea
Merge pull request #7583 from michaelnebel/csharp/fix-broken-test
...
C#: Narrow string interpolation expressions to a specific single file in testcase.
2022-01-13 11:37:52 +01:00
Erik Krogh Kristensen
89bab6ae12
Merge pull request #7097 from erik-krogh/railsReDoS
...
JS/PY/RB: support a limited number of ranges for ReDoS analysis
2022-01-13 11:04:36 +01:00
Stephan Brandauer
93507a2d71
combine two implementations for database-accesses as remote flow sources
2022-01-13 10:53:58 +01:00
Michael Nebel
aacb03a74b
C#: Narrow string interpolation expressions to a specific single file in testcase.
2022-01-13 10:25:33 +01:00
Stephan Brandauer
63aaf24063
base implementation of Sequelize model on models-as-data
2022-01-13 09:41:25 +01:00
Anders Schack-Mulligen
da69886777
Merge pull request #7580 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2022-01-13 09:26:00 +01:00
Sebastian Bauersfeld
a6e4f29560
Java: Use the interface instead of the abstract class
2022-01-13 14:13:36 +07:00
Sebastian Bauersfeld
69f329ffec
Java: Add test cases for AbstractMessageSource.getMessage() methods
2022-01-13 14:13:27 +07:00
Sebastian Bauersfeld
39b6678b7d
Java: Add test case for StringEscapeUtils.escapeJson() taint step.
2022-01-13 11:18:37 +07:00
github-actions[bot]
625836a3be
Add changed framework coverage reports
2022-01-13 00:11:30 +00:00
Andrew Eisenberg
8a4120a08d
Changenotes: Add changenotes for upgrades refactoring
2022-01-12 11:38:43 -08:00
Andrew Eisenberg
e435a3e9c3
Changenotes: Add changenotes for upgrades refactoring
2022-01-12 11:36:31 -08:00
Henry Mercer
1c3c9216f5
Merge pull request #7576 from github/henrymercer/js-bump-atm-versions
...
JS: Bump ATM pack versions to 0.0.4
2022-01-12 16:53:10 +00:00
Stephan Brandauer
09a28c428c
base implementation of Spanner model on models-as-data
2022-01-12 17:07:16 +01:00
Henry Mercer
9abc3411a4
JS: Bump ATM pack versions to 0.0.4
2022-01-12 15:19:13 +00:00
Robert Marsh
5031d6c4a3
Merge pull request #7566 from MathiasVP/smaller-join-in-reachesRefParameter
...
C++: Smaller join in `reachesRefParameter`
2022-01-12 10:04:35 -05:00
Owen Mansel-Chan
8e8278764b
Add predicate defaultTaintSanitizerGuard for each language
...
This was done manually, as these files are not synced by sync-files.py.
2022-01-12 14:44:56 +00:00
Owen Mansel-Chan
c112980b81
Sync TaintTrackingImpl.qll
...
Done automatically using sync-files.py
2022-01-12 14:44:55 +00:00
Owen Mansel-Chan
9ec3d7787c
Add option for default taint sanitizer guard
...
This allows languages to specify A sanitizer guard in all
global taint flow configurations but not in local taint.
2022-01-12 14:44:55 +00:00
github-actions[bot]
8a2d92badc
Post-release preparation for codeql-cli-2.7.5
2022-01-12 13:28:43 +00:00
github-actions[bot]
970e8e1f91
Post-release preparation for codeql-cli-2.7.5
2022-01-12 13:28:33 +00:00
Henry Mercer
7f61738a23
Use US English spelling
2022-01-12 13:07:09 +00:00
Henry Mercer
6e37a65e84
Remove CodeToFeatures AST library
2022-01-12 12:47:28 +00:00
Henry Mercer
957e34d8a7
Make function body features library independent of CodeToFeatures AST
2022-01-12 12:47:28 +00:00
Henry Mercer
9e50ce873d
Move function body features into their own file
2022-01-12 12:47:28 +00:00
Henry Mercer
865fb5d0ef
Migrate representative entity -> representative function
2022-01-12 12:47:27 +00:00
Henry Mercer
0e5b493d0e
Remove CodeToFeatures AST consistency checks
...
We no longer use the `CodeToFeatures` AST, therefore these checks are
defunct.
2022-01-12 12:47:27 +00:00
Henry Mercer
387829bbb4
Extract body tokens from the JS AST, not the CodeToFeatures AST
2022-01-12 12:47:25 +00:00
Henry Mercer
3ef69763a7
Merge pull request #7567 from github/henrymercer/atm-body-tokens-perf-opt
...
ATM: Optimize body tokens by pushing in size restriction
2022-01-12 12:45:27 +00:00
Tamás Vajk
9065a7f320
Merge pull request #7573 from tamasvajk/fix/java-field-decl-tostr
...
Java: Fix toString on field declarations with single field
2022-01-12 13:03:16 +01:00
Tony Torralba
8a80e02861
Merge pull request #7574 from pwntester/improve_strings_qll
...
Add models for AbstractStringBuilder.substring,subsequence,getChars
2022-01-12 12:01:28 +01:00
Tony Torralba
c2105e506b
Added test cases
2022-01-12 11:06:58 +01:00
Alvaro Muñoz Sanchez
715d372572
Add models for AbstractStringBuilder.substring,subsequence,getChars
2022-01-12 10:54:27 +01:00
Anders Schack-Mulligen
c6a9b2b6ff
Merge pull request #7572 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2022-01-12 09:39:14 +01:00
Tamas Vajk
b9e0310aa2
Java: Fix toString on field declarations with single field
2022-01-12 09:22:16 +01:00
Michael Nebel
f17c110f51
Merge pull request #7562 from michaelnebel/csharp/record-seal-tostring
...
C#: Record types are allowed to seal ToString (test only).
2022-01-12 08:08:32 +01:00
luchua-bc
263dbd33f6
Optimize the query
2022-01-12 02:33:17 +00:00
github-actions[bot]
c79e8ab440
Add changed framework coverage reports
2022-01-12 00:10:48 +00:00
Andrew Eisenberg
e4eb2c2a59
Update docs on the output of resolve qlpacks
...
The output has changed and there are no more upgrades
packs. There are also other changes included here.
2022-01-11 15:54:53 -08:00
Andrew Eisenberg
da4f1d86aa
Merge pull request #7355 from github/aeisenberg/remove-upgrades
...
Move upgrades into standard library packs
2022-01-11 14:09:10 -08:00
Andrew Eisenberg
2b8e4b2ffa
Merge pull request #628 from github/aeisenberg/upgrades/work
...
Push upgrades pack into lib pack
2022-01-11 14:09:06 -08:00
Andrew Eisenberg
6ceebc7d1e
Merge branch 'main' into aeisenberg/upgrades/work
2022-01-11 11:27:35 -08:00
Andrew Eisenberg
07228672df
Merge branch 'main' into aeisenberg/remove-upgrades
2022-01-11 11:25:27 -08:00
Mathias Vorreiter Pedersen
c45127fdd6
Merge pull request #7541 from github/rdmarsh2/dataflow-ipa-params
...
C++: Use an IPA type rather than negative indexes for argument/parameter matching in data flow
2022-01-11 16:52:13 +00:00
Tony Torralba
7b0d9ea525
Merge pull request #7054 from atorralba/atorralba/promote-log-injection
...
Java: Promote Log Injection from experimental
2022-01-11 17:26:18 +01:00
Henry Mercer
3f70476c87
ATM: Optimize body tokens by pushing in size limit
...
Pushing the restriction to 256 tokens into the `bodyTokens` predicate
means we avoid this predicate blowing up due to very large functions.
This results in a runtime improvement from 1800s+ to 294s as measured
on a problematic repo on my machine (I didn't wait for the query to
finish running).
2022-01-11 16:16:54 +00:00
Tony Torralba
1030ff7063
Update java/ql/src/Security/CWE/CWE-117/LogInjection.ql
2022-01-11 16:25:32 +01:00
Tony Torralba
4aacba8594
Merge pull request #6468 from atorralba/atorralba/promote-cleartext-sharedprefs
...
Java: Promote Cleartext storage of sensitive information using SharedPreferences from experimental
2022-01-11 16:23:53 +01:00
Benjamin Muskalla
426f3117d6
Clarify model names and escape variables
2022-01-11 15:58:21 +01:00
Chris Smowton
6afd570c4c
Merge pull request #658 from smowton/smowton/feature/q-format-directive-is-safe
...
Note that the %q format directive escapes newlines, and therefore prevents log injection
2022-01-11 14:45:40 +00:00
Tony Torralba
394c4a9ee0
Remove unused code
2022-01-11 14:50:48 +01:00
Mathias Vorreiter Pedersen
b3a7090068
C++: Fix join in reachesRefParameter by joining with 'getEnd' instead
...
of 'getANode'.
Before:
Tuple counts for FlowVar::FlowVar::reachesRefParameter_dispred#ff/2@956ac39i after 229ms:
24806 ~1% {2} r1 = JOIN FlowVar::FlowVar_internal::parameterIsNonConstReference#f WITH Parameter::Parameter::getFunction_dispred#ff ON FIRST 1 OUTPUT Lhs.0 'p', Rhs.1
56985 ~3% {3} r2 = JOIN r1 WITH num#FlowVar::FlowVar_internal::TBlockVar#fff_12#join_rhs ON FIRST 1 OUTPUT Rhs.1 'this', Lhs.0 'p', Lhs.1
2384489 ~4% {4} r3 = JOIN r2 WITH FlowVar::FlowVar_internal::getAReachedBlockVarSBB#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.2, Lhs.1 'p', Lhs.0 'this'
49457 ~0% {2} r4 = JOIN r3 WITH SubBasicBlocks::SubBasicBlock::getANode_dispred#fb ON FIRST 2 OUTPUT Lhs.3 'this', Lhs.2 'p'
return r4
After:
Tuple counts for FlowVar::FlowVar::reachesRefParameter_dispred#ff/2@46f8bfn7 after 32ms:
24806 ~1% {2} r1 = JOIN FlowVar::FlowVar_internal::parameterIsNonConstReference#f WITH Parameter::Parameter::getFunction_dispred#ff ON FIRST 1 OUTPUT Lhs.0 'p', Rhs.1
56985 ~1% {3} r2 = JOIN r1 WITH num#FlowVar::FlowVar_internal::TBlockVar#fff_12#join_rhs ON FIRST 1 OUTPUT Lhs.1, Lhs.0 'p', Rhs.1 'this'
56985 ~1% {3} r3 = JOIN r2 WITH SubBasicBlocks::SubBasicBlock::getEnd_dispred#fb_10#join_rhs ON FIRST 1 OUTPUT Lhs.2 'this', Rhs.1, Lhs.1 'p'
49457 ~0% {2} r4 = JOIN r3 WITH FlowVar::FlowVar_internal::getAReachedBlockVarSBB#ff ON FIRST 2 OUTPUT Lhs.0 'this', Lhs.2 'p'
return r4
2022-01-11 13:48:20 +00:00
Michael Nebel
77763d7ee5
Merge pull request #7559 from michaelnebel/csharp/const-interpolatedstring
...
C#: Constant string interpolation (test only).
2022-01-11 14:01:55 +01:00
Michael Nebel
56bc3db46a
C#: Add test case for sealed ToString modifier on a record type.
2022-01-11 13:58:43 +01:00
Michael Nebel
ae5d3a1ccb
C#: Add example of sealing ToString on a record type.
2022-01-11 13:57:29 +01:00
Anders Schack-Mulligen
fdb4851521
Java: A few perf fixes for getASupertype*().
2022-01-11 13:33:54 +01:00
Tony Torralba
50caf7d8dc
Move change note to new location and remove import
...
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com >
2022-01-11 12:24:44 +01:00
Tony Torralba
b9e32208ee
Move change note to new location
2022-01-11 12:23:16 +01:00
Michael Nebel
1d8f8f79bb
C#: Add const interpolated string test case.
2022-01-11 12:02:07 +01:00
Michael Nebel
5b89f0e0b8
C#: Add example of const interpolated string.
2022-01-11 12:01:40 +01:00
Benjamin Muskalla
49d2fbfb5f
Fixed slug references and PR skips
2022-01-11 11:47:28 +01:00
Stephan Brandauer
132e0bf4b7
add database accesses as additional (heuristic) remote flow sources
2022-01-11 11:38:41 +01:00
Sebastian Bauersfeld
e2a9ced691
Java: Pass taint through Apache's StringEscapeUtils.escapeJson() method.
2022-01-11 15:49:44 +07:00
Sebastian Bauersfeld
f36ee95128
Java: Pass taint through Spring's AbstractMessageSource.getMessage() methods.
2022-01-11 15:48:29 +07:00
Anders Schack-Mulligen
2a36744deb
Merge pull request #7552 from smowton/smowton/fix/local-parameterized-classes
...
Note that parameterizations of local classes are themselves local
2022-01-11 09:36:15 +01:00
Alex Ford
b9ed8ed416
Merge pull request #7553 from github/revert-7498-dependabot/cargo/ruby/generator/clap-3.0
...
Ruby: Revert "Update clap requirement from 2.33 to 3.0 in /ruby/generator"
2022-01-10 19:36:40 +00:00
Alex Ford
17e5b9cffa
Revert "Update clap requirement from 2.33 to 3.0 in /ruby/generator"
2022-01-10 18:21:04 +00:00
Chris Smowton
e352a4b994
Note that parameterizations of local classes are themselves local
...
Previously `LocalClass` itself would match `.isLocal()` whereas `LocalClass<Param>` would not. Rather than require each individual user to check for `.getSourceDeclaration().isLocal()`, let's note that the specializations themselves are local.
2022-01-10 18:19:31 +00:00
Robert Marsh
fe355a0bc9
C++: update test comments
2022-01-10 12:38:08 -05:00
Tony Torralba
fbebf5e953
Move change note to new location
2022-01-10 17:27:02 +01:00
Tony Torralba
0e738622df
Merge branch 'main' into atorralba/promote-log-injection
2022-01-10 17:24:25 +01:00
Tony Torralba
cc92ce2754
Fix QLDoc
2022-01-10 17:13:13 +01:00
Tony Torralba
e1e5e78464
Apply suggestions from code review
...
- Update CleartextStorage library to latest refactor
- Move change note to new location
2022-01-10 17:10:55 +01:00
Tony Torralba
d17e973b6b
Apply suggestions from code review
...
Co-authored-by: Ethan Palm <56270045+ethanpalm@users.noreply.github.com >
2022-01-10 17:09:41 +01:00
Tony Torralba
ec8c234872
Fix predicate name
2022-01-10 17:09:41 +01:00
Tony Torralba
55dc783f28
Move from experimental and refactor
2022-01-10 17:09:37 +01:00
CodeQL CI
d912a98b02
Merge pull request #7171 from asgerf/js/mad
...
Approved by erik-krogh
2022-01-10 13:17:09 +00:00
Chris Smowton
6f598a6972
Fix formatting regex comment
2022-01-10 10:49:12 +00:00
Anders Schack-Mulligen
f590d2566e
DataFlow: Fix test.
2022-01-10 11:25:52 +01:00
Chris Smowton
ae5eadef28
Update ql/lib/semmle/go/frameworks/stdlib/Log.qll
...
Rename class
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com >
2022-01-10 10:24:30 +00:00
Anders Schack-Mulligen
c8a6798c05
Ruby: Workaround for optimiser problem.
...
A size 1 DataFlowType causes misoptimisations.
2022-01-10 11:21:18 +01:00
Tom Hvitved
d2ebbe0819
Merge pull request #7469 from hvitved/csharp/promote-adhoc-consistency-checks
...
C#: Promote existing ad-hoc consistency checks to consistency queries
2022-01-10 11:10:25 +01:00
Michael Nebel
533fc7a912
Merge pull request #7532 from michaelnebel/csharp/file-scoped-namespace
...
C#: Make support for file scoped namespace declarations.
2022-01-10 09:02:18 +01:00
Mathias Vorreiter Pedersen
a5ccd6a23b
Merge pull request #7521 from rdmarsh2/rdmarsh2/cpp/use-guards-in-overflow
2022-01-09 14:09:04 +00:00
Robert Marsh
67fb48fcc1
C++: use range analysis for hex format lengths
...
The "new" result on line 189 is a tighter bound than was previously
established, not a newly introduced location.
2022-01-07 16:16:22 -05:00
Robert Marsh
fa9242befe
C++: Add tests for bounded hex format values
2022-01-07 16:08:53 -05:00
Robert Marsh
673399719e
C++: autoformat DataFlowPrivate
2022-01-07 15:23:24 -05:00
Felicity Chapman
3b0d55e2f9
Merge pull request #5893 from niroshan/patch-1
...
Update README.md
2022-01-07 19:33:41 +00:00
Robert Marsh
78b8d113bb
C++: PR comments on DataFlow Position
2022-01-07 14:21:56 -05:00
Robert Marsh
4322a39807
C++: fix typo in Overflow.qll abs handling
2022-01-07 14:09:47 -05:00
Erik Krogh Kristensen
cc5e9fea77
add test
2022-01-07 18:44:04 +01:00
Erik Krogh Kristensen
f7a63d5ea0
remove duplicated line
2022-01-07 18:38:02 +01:00
Erik Krogh Kristensen
c8d29a9cf1
sync files
2022-01-07 18:38:02 +01:00
Erik Krogh Kristensen
1a8b6d7414
recognize ranges without upper bounds
2022-01-07 18:38:01 +01:00
Erik Krogh Kristensen
acaf294bee
support a limited number of regexp ranges
2022-01-07 18:36:30 +01:00
Robert Marsh
a126154dfb
C++: use -1 for this in dataflow Position
2022-01-07 11:39:26 -05:00
Robert Marsh
1890a14026
C++: IPA for pointer arg instead of negative index
...
This takes advantage of the new ArgumentPosition and ParameterPosition
types in the shared DataFlow library interface to represent indirections
with an IPA type rather than the negative-index system in use previously
2022-01-07 11:39:26 -05:00
Robert Marsh
4f23cce63b
C++: Accept more test output
2022-01-07 11:27:45 -05:00
Michael Nebel
23b8444348
C#: Cleanup C# source code file and add a test case for namespace delcarations.
2022-01-07 16:04:43 +01:00
Michael Nebel
b8f6d17bc1
C#: Add test for file scoped namespace.
2022-01-07 16:04:43 +01:00
Michael Nebel
a6d847b532
C#: Make support for FileScoped namespace declaration in the extrator.
2022-01-07 16:04:43 +01:00
Erik Krogh Kristensen
bb94c42a35
explicit this
...
Co-authored-by: Taus <tausbn@github.com >
2022-01-07 15:22:21 +01:00
Mathias Vorreiter Pedersen
4ee653378e
Merge pull request #7517 from MathiasVP/avoid-self-joins-in-toctou-query
...
C++: Remove bad self joins in `cpp/toctou-race-condition`.
2022-01-07 13:08:30 +00:00
Michael Nebel
94c1a489e0
Merge pull request #7507 from michaelnebel/csharp-libdataflow-cleanup
...
C#: Refactor and cleanup LibraryTypeDataFlow
2022-01-07 13:16:08 +01:00
Michael Nebel
17219eff61
Merge pull request #7530 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2022-01-07 13:15:49 +01:00
Michael Nebel
929f6ca578
C#: Address review comments.
2022-01-07 10:26:33 +01:00
Michael Nebel
d3368dcc23
C#: Remove the LibraryTypeDataFlow file as the remaining code is dead.
2022-01-07 10:26:32 +01:00
Michael Nebel
9b47249f6a
C#: Migrate the legacy clearContent flow summaries to the new framework.
2022-01-07 10:26:32 +01:00
Michael Nebel
fd317c2e7b
C#: Move RecordConstructorFlow.
2022-01-07 10:26:32 +01:00
Michael Nebel
fb950848c7
C#: Remove unused case, when converting SummaryComponent stacks.
2022-01-07 10:26:32 +01:00
Michael Nebel
5a0e6ed8e6
C#: Remove unsued predicates in CallableFlowSource and subclasses.
2022-01-07 10:26:32 +01:00
Michael Nebel
19914aba89
C#: Remove CallableFlowSink.
2022-01-07 10:26:32 +01:00
Michael Nebel
ed4d09bc8b
C#: Remove unneeded imports.
2022-01-07 10:26:32 +01:00
Michael Nebel
d042c4b3e4
C#: Remove unsused type,class and module AccessPath.
2022-01-07 10:26:32 +01:00
Michael Nebel
d5768bf4ed
C#: Remove more empty predicates.
2022-01-07 10:26:31 +01:00
Michael Nebel
a6b79926b2
C#: Remove unused predicate toCallableFlowSink.
2022-01-07 10:26:31 +01:00
Michael Nebel
ecc9593f00
C#: Remove the unused predicate callable flow.
2022-01-07 10:26:31 +01:00
Michael Nebel
c52787c741
C#: Move the declaration of synthetic fields to where they are needed.
2022-01-07 10:26:31 +01:00
Michael Nebel
608aba7cff
C#: Delete empty predicate requiresAccessPath.
2022-01-07 10:26:31 +01:00
Felicity Chapman
ad82523b91
Apply suggestions from code review
2022-01-07 08:49:37 +00:00
Felicity Chapman
95c9f89b04
Merge branch 'main' into patch-1
2022-01-07 08:49:13 +00:00
github-actions[bot]
efb1cd4f3b
Add changed framework coverage reports
2022-01-07 00:10:30 +00:00
Erik Krogh Kristensen
9afd360731
QL: recognize dependecies of the form: libraryPathDependencies: library-name
2022-01-06 23:35:28 +01:00
Chris Smowton
6b4a50567a
Merge pull request #659 from smowton/smowton/fix/path-transformer-use-realpath
...
Path transformer: use fully resolved path
2022-01-06 19:11:16 +00:00
Robert Marsh
c6da1f2be0
C++: re-add comment
2022-01-06 12:43:22 -05:00
Robert Marsh
355fc0ae63
C++: Use Guards library in Overflow.qll
...
Replaces the ad-hoc guard handling with the Guards library. Fixes an
observed false positive pattern, and (hopefully) means some pragmas are
no longer necessary for performance.
2022-01-06 12:15:37 -05:00
Robert Marsh
617bdbc5ba
C++: test for guard-by-return in Overflow.qll
2022-01-06 12:15:37 -05:00
Robert Marsh
d5682f157a
Merge pull request #7525 from MathiasVP/remove-rank-in-ssa-internals
...
C++: Remove `rank` aggregate in `SsaInternals`
2022-01-06 12:09:57 -05:00
Andrew Eisenberg
6d62227576
Merge pull request #7431 from aeisenberg/aeisenberg/solorigate-publish
...
Solorigate: Extract to separate qlpack
2022-01-06 08:53:32 -08:00
Mathias Vorreiter Pedersen
173cefd7e4
C++: Respond to PR reviews.
2022-01-06 15:39:40 +00:00
haby0
759ec31508
Delete shutil_path_injection.py file
2022-01-06 21:38:35 +08:00
Michael Nebel
b3cb250ece
Merge pull request #7516 from michaelnebel/csharp/improve-csv-validation
...
C#: Introduce Csv validation on kind.
2022-01-06 14:31:26 +01:00
Michael Nebel
9cafab1b4c
Merge pull request #7465 from michaelnebel/csharp-stringvalues-csv
...
C#: Introduce flow summaries for StringValues.
2022-01-06 14:30:29 +01:00
Rasmus Wriedt Larsen
3e1dcc3d11
Merge pull request #7518 from tausbn/python-extend-unreachable-statement-test
...
Python: Extend unreachable statement test
2022-01-06 14:07:29 +01:00
Mathias Vorreiter Pedersen
671954025d
C++: Fix qldoc.
2022-01-06 11:02:15 +00:00
Asger F
c9fcdb8261
Apply suggestions from code review
...
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com >
2022-01-06 11:51:27 +01:00
Mathias Vorreiter Pedersen
2f42054f8f
C++: Rename 'hasRankInBlock' to 'hasIndexInBlock' since it's not really a rank computation anymore.
2022-01-06 10:31:05 +00:00
Mathias Vorreiter Pedersen
fdb9fb588c
C++: Remove the rank aggregate from 'SsaInternals.qll'.
2022-01-06 10:30:31 +00:00
haby0
05b0daa0b7
Add the test of shutil module in FileSystemAccess.py
2022-01-06 14:14:42 +08:00
Harry Maclean
43ddc54f2b
Ruby: Add Module#const_get as a code execution
...
Module#const_get takes a single string argument and interprets it as the
name of a constant. It then looks up the constant and returns its value.
Object.const_get("Math::PI")
# => 3.141592653589793
By itself, this method is not as dangerous as e.g. eval, but if the
value returned is a class that is then instantiated, this can allow an
attacker to instantiate arbitrary Ruby classes.
As a result, I think it's safe to say that any remote input flowing into
this call is a potential vulnerability. A real-world example of this is
https://github.com/advisories/GHSA-52p9-v744-mwjj .
2022-01-06 13:03:41 +13:00
Tom Hvitved
ac9cac78bc
Ruby: Fix typo
2022-01-06 12:27:03 +13:00
Tom Hvitved
c3fd272f9b
Ruby: Simplify getValueText logic for StringlikeLiterals
2022-01-06 12:27:03 +13:00
Tom Hvitved
799ec23b0d
Ruby: Generalize ExprChildMapping logic to AstNodes
2022-01-06 12:27:03 +13:00
Tom Hvitved
322f8356dd
Ruby: Include StringComponents in the CFG
2022-01-06 12:27:03 +13:00
Tom Hvitved
301d0bbdf8
Ruby: Restructure test to avoid dead code
2022-01-06 12:27:03 +13:00
Harry Maclean
23f1352953
Add ReDoS test that uses string interpolation
...
This exercises the support for resolving string interpolations, and is
based on a real vulnerability:
https://github.com/advisories/GHSA-jxhc-q857-3j6g )
2022-01-06 12:27:03 +13:00
Harry Maclean
32c93e70e2
Include simple interpolations in getValueText
...
When calculating `StringlikeLiteral.getValueText`, include results from
interpolations where we can determine their string value. For example:
b = "b" # local variable
D = "d" # constant
"a#{b}c" # getValueText() = "abc"
"a#{b}c{D}" # getValueText() = "abcd"
/#a#{b}c{D}/ # getValueText() = "abcd"
2022-01-06 12:27:03 +13:00
Harry Maclean
3df3fb092b
Make room for new test code
...
This change is split over several commits so it is easier to see.
This change adds some extra lines, which will be populated in the next
commit.
2022-01-06 12:26:51 +13:00
Harry Maclean
b4b91e84a3
Ruby: Fix ConstantAccessCfgNode.getValueText
...
The superclass definition uses SSA, which doesn't track constants.
2022-01-06 12:25:19 +13:00
Andrew Eisenberg
0a2f23f6f9
Update pack references in solorigate tests
2022-01-05 10:37:15 -08:00
Taus
ea538a1ee8
Merge pull request #7416 from github/not-that-kind-of-experimental
...
Remove experimental tag from non-ATM queries
2022-01-05 18:08:15 +01:00
Taus
5d4db3af15
Python: Extend unreachable statement test
...
Adds a test demostrating the false positive observed by andersfugmann.
Note that this does not change the `.expected` file, and so the tests
will fail. This is expected.
2022-01-05 16:45:38 +00:00
Chris Smowton
e0a3ec85f3
Path transformer: use fully resolved path
...
This makes source locations consistent between databases that do and don't use the `SEMMLE_PATH_TRANSFORMER` option in the case where the original source location isn't its own realpath (i.e, some parent directory is a symbolic link).
2022-01-05 16:31:31 +00:00
Chris Smowton
749698759a
Note that the %q format directive escapes newlines, and therefore prevents log injection
2022-01-05 16:04:20 +00:00
Michael Nebel
53000cf9f0
C#: Update the XSS expected file.
2022-01-05 16:44:03 +01:00
Michael Nebel
7e6d88d959
C#: Only use stubs for XSS test.
2022-01-05 16:44:03 +01:00
Michael Nebel
24543a2245
C#: Update the UrlRedirect expected file.
2022-01-05 16:44:03 +01:00
Michael Nebel
47ab2061d8
C#: Replace StringValues stub from stubs.cs with the stub in Microsoft.Extensions.Primitives.
2022-01-05 16:44:03 +01:00
Michael Nebel
b3f3c2de24
C#: Convert and cleanup flow summaries for Microsoft.Extensions.Primitives.StringValues.
2022-01-05 16:41:30 +01:00
Michael Nebel
48651a6113
C#: Update flow summaries for StringValues.
2022-01-05 16:41:30 +01:00
Michael Nebel
c36bf3cebc
C#: Reduce the amount of trash flow summaries produced for StringValues.
2022-01-05 16:41:30 +01:00
Michael Nebel
9a355c1050
C#: Add stubs for Microsoft.Extensions.Primitives.
2022-01-05 16:41:30 +01:00
Michael Nebel
586fddb0ce
Merge pull request #7509 from hvitved/csharp/stubs-from-source
...
C#: Treat QL test stubs as not from source
2022-01-05 16:40:19 +01:00
Mathias Vorreiter Pedersen
f5062c7d80
C++: Remove a bunch of bad self joins from 'cpp/toctou-race-condition'.
2022-01-05 15:28:53 +00:00
Alex Ford
f935df9865
Merge pull request #7313 from github/ruby/rails-cookie-config
...
Ruby: Add `rb/weak-cookie-configuration` query
2022-01-05 15:20:40 +00:00
Michael Nebel
83c05f72d9
C#: Update the expected output from MinimalStubsFromSource as the stubs are now considered library code and thus produced as a part of the minimal stub.
2022-01-05 15:35:42 +01:00
Alex Ford
da8c745bd8
Ruby: Restrict Rails Setting nodes to SetterMethodCalls
2022-01-05 14:11:07 +00:00
Chris Smowton
5760841812
Merge pull request #647 from smowton/smowton/admin/not-all-you-fmt-is-log
...
Declassify fmt.Fprintf as a log sink
2022-01-05 14:09:55 +00:00
Asger Feldthaus
a7698b8727
JS: Fix double space
2022-01-05 14:35:02 +01:00
Asger Feldthaus
486beda2fa
JS: Factor out common regexp in AccessPathToken
2022-01-05 14:35:02 +01:00
Asger Feldthaus
d33200ea83
JS: Add test for WithArity
2022-01-05 14:35:02 +01:00
Asger Feldthaus
21928bee6c
JS: Rename padded -> inversePad
2022-01-05 14:35:01 +01:00
Asger Feldthaus
1989d51942
JS: Update documentation in Impl.qll
2022-01-05 14:35:01 +01:00
Asger Feldthaus
3ced5c9269
JS: Resolve first N tokens instead of constructing each prefix
2022-01-05 14:35:01 +01:00
Asger Feldthaus
772681d249
JS: Initial support for models as data
2022-01-05 14:34:52 +01:00
Anders Schack-Mulligen
ef714f7328
Dataflow: Sync
2022-01-05 14:25:35 +01:00
Anders Schack-Mulligen
6b6a9df0eb
Dataflow: Remove abstract class
2022-01-05 14:13:26 +01:00
Tom Hvitved
433e373e41
C#: Remove restriction in CFG implementation to work with stubs
2022-01-05 14:12:17 +01:00
Michael Nebel
6fb112f8ec
C#: Update tests to comply with Csv validation rules for kind.
2022-01-05 13:44:47 +01:00
Michael Nebel
45469a4fe6
C#: Fix error message.
2022-01-05 13:44:47 +01:00
Michael Nebel
c88355ea13
C#: Introduce Csv validation for kind.
2022-01-05 12:48:24 +01:00
Arthur Baars
e96fcf8568
Merge pull request #7498 from github/dependabot/cargo/ruby/generator/clap-3.0
...
Update clap requirement from 2.33 to 3.0 in /ruby/generator
2022-01-05 12:24:42 +01:00
Mathias Vorreiter Pedersen
a48d5dcf48
Merge pull request #7459 from MathiasVP/promote-arithmetic-uncontrolled
...
C++: Increase precision of `cpp/arithmetic-uncontrolled` to `high`
2022-01-05 11:24:09 +00:00
Henry Mercer
19933262c4
Java: Fix copy/paste error in existing queries
...
Co-authored-by: yo-h <55373593+yo-h@users.noreply.github.com >
2022-01-05 10:50:22 +00:00
Mathias Vorreiter Pedersen
23b8b776ab
C++: Add change-note.
2022-01-05 10:12:20 +00:00
Michael Nebel
9983c1cbfb
C#: Remove generated comment checks in stub files as these are not present in handwritten stubs.
2022-01-05 10:37:37 +01:00
Mathias Vorreiter Pedersen
37c72cae3e
Merge branch 'main' into promote-arithmetic-uncontrolled
2022-01-05 08:12:47 +00:00
Anders Schack-Mulligen
fdb3cd03ef
Merge pull request #7513 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2022-01-05 08:54:46 +01:00
github-actions[bot]
0aa1152899
Add changed framework coverage reports
2022-01-05 00:10:19 +00:00
Erik Krogh Kristensen
c7da8df03c
Merge pull request #7511 from erik-krogh/dedup-spaces
...
Python: remove duplicated spaces in qldoc
2022-01-04 21:39:15 +01:00
Erik Krogh Kristensen
fe1107ccac
remove duplicated spaces in qldoc
2022-01-04 21:03:06 +01:00
Andrew Eisenberg
49d239f4bf
Push upgrades pack into lib pack
...
PR Related to https://github.com/github/semmle-code/pull/40918
Removes the upgrades pack and uses ql/lib/upgrades instead.
Also, fix malformed parameter in instruction.
Co-authored-by: Chris Smowton <smowton@github.com >
2022-01-04 11:32:52 -08:00
Dave Bartolomeo
83ceb822aa
Move upgrades into standard library packs
...
Move upgrade to new location
Remove incorrectly merged files
Fix upgrades section
2022-01-04 11:30:25 -08:00
Tom Hvitved
a0766e08a1
Merge pull request #656 from github/release-prep/2.7.5
...
Release preparation for version 2.7.5
2022-01-04 18:57:50 +01:00
Alex Ford
712972cb82
Ruby: formatting
2022-01-04 16:41:23 +00:00
Alex Ford
36ea360b25
Ruby: behaviour -> behavior
2022-01-04 15:43:38 +00:00
Mathias Vorreiter Pedersen
8f843209a8
Merge pull request #7493 from MrAnno/relax-ambiguously-signed-bit-field
...
C++: relax ambiguously-signed-bit-field by allowing GLib's gboolean
2022-01-04 16:18:46 +01:00
github-actions[bot]
980c162fe3
Release preparation for version 2.7.5
2022-01-04 14:44:48 +00:00
Mathias Vorreiter Pedersen
e31185fea4
C++: add change-note for cpp/ambiguously-signed-bit-field.
2022-01-04 14:31:19 +00:00
László Várady
6496bf8c1d
C++: relax ambiguously-signed-bit-field by allowing GLib's gboolean
...
The gboolean type of GLib (a widely used C library) is a typedef to int.
It is meant to represent a simple true/false value.
Resolves #7491
2022-01-04 14:22:48 +00:00
Tom Hvitved
964915ee2e
C#: Treat QL test stubs as not from source
2022-01-04 14:53:28 +01:00
Tom Hvitved
a1bbe58516
C#: More uses of PopulateArguments
2022-01-04 13:47:55 +01:00
Alex Ford
dadaf25262
Merge branch 'main' into ruby/rails-cookie-config
2022-01-04 12:04:44 +00:00
Owen Mansel-Chan
daa55eaae2
Merge pull request #651 from erik-krogh/patches
...
various automatic patches applied to codeql-go
2022-01-04 11:46:20 +00:00
Edoardo Pirovano
081765cbe8
Apply suggestions from code review
...
Co-authored-by: Asger F <asgerf@github.com >
2022-01-04 10:07:34 +00:00
Tom Hvitved
50457d1579
Merge pull request #653 from dbartol/dbartol/move-change-notes
...
Move change notes to proper location
2022-01-04 09:35:29 +01:00
Dave Bartolomeo
171aa8bd62
Move change notes to proper location
2022-01-03 17:38:09 -05:00
Dave Bartolomeo
091906d380
Merge pull request #644 from github/post-release-prep/codeql-cli-2.7.4
...
Post-release preparation for codeql-cli-2.7.4
2022-01-03 17:09:54 -05:00
github-actions[bot]
00aae7cba5
Post-release version bumps
2022-01-03 20:10:43 +00:00
dependabot[bot]
b74af00b2b
Update clap requirement from 2.33 to 3.0 in /ruby/generator
...
Updates the requirements on [clap](https://github.com/clap-rs/clap ) to permit the latest version.
- [Release notes](https://github.com/clap-rs/clap/releases )
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md )
- [Commits](https://github.com/clap-rs/clap/compare/clap_generate-v3.0.0-rc.0...clap_complete-v3.0.0 )
---
updated-dependencies:
- dependency-name: clap
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-01-03 16:12:45 +00:00
Edoardo Pirovano
a616059761
Fix example in JavaScript query
2021-12-29 12:01:09 +00:00
Alex Ford
7d3932dc8d
Merge remote-tracking branch 'origin/main' into ruby/rails-cookie-config
2021-12-22 17:54:03 +00:00
Alex Ford
7f01be7067
Ruby: use new changenote format for rb/weak-cookie-configuration
2021-12-22 17:47:44 +00:00
Alex Ford
d977e8a473
Ruby: remove unnecessary custom transitive version of getReceiver
2021-12-22 17:47:44 +00:00
Alex Ford
9821c4a06c
Ruby: behaviour -> behavior
...
Co-authored-by: Nick Rolfe <nickrolfe@github.com >
2021-12-22 17:47:44 +00:00
Alex Ford
2cd02157c9
Ruby: fix import
2021-12-22 17:47:44 +00:00
Alex Ford
db967bde89
Ruby: add a change note for rb/weak-cookie-configuration
2021-12-22 17:47:44 +00:00
Alex Ford
71c5711eb3
Ruby: add some rb/weak-cookie-configuration tests
2021-12-22 17:47:44 +00:00
Alex Ford
8976469d9b
Ruby: Model some Rails cookie configuration settings
2021-12-22 17:47:44 +00:00
Alex Ford
5ce6e63590
Ruby: Tidy Rails.qll to make adding new settings modeling easier
2021-12-22 17:47:44 +00:00
Alex Ford
737f7332bc
Ruby: add rb/weak-cookie-configuration query
2021-12-22 17:47:44 +00:00
Alex Ford
8a3d1fe174
Ruby: add CookieSecurityConfigurationSetting concept
2021-12-22 17:47:43 +00:00
Tom Hvitved
8a62778e92
C#: Extract out/ref information in this(...) constructor calls
2021-12-22 13:05:58 +01:00
Tom Hvitved
a3b1fb603a
C#: Add missing tuple declarations to PatternExpr
...
`x` and `y` in `pair is var (x, y) ? x : null` are now correctly part of `PatternExpr`.
2021-12-22 13:05:58 +01:00
Tom Hvitved
915c0fdf9b
Shared SSA: Sync files
2021-12-22 13:05:58 +01:00
Tom Hvitved
05e37a7465
C#: Promote existing ad-hoc consistency checks to consistency queries
2021-12-22 13:05:58 +01:00
Mathias Vorreiter Pedersen
5a38f81e23
C++: Accept test changes.
2021-12-21 08:08:59 +01:00
Erik Krogh Kristensen
afe7ee17a0
run the use-set-literals patch
2021-12-20 17:55:19 +01:00
Erik Krogh Kristensen
d339f13629
run the non-us-language patch
2021-12-20 17:54:18 +01:00
Erik Krogh Kristensen
4459c8e7c6
run the redundant-cast patch
2021-12-20 17:53:09 +01:00
Mathias Vorreiter Pedersen
bbb936154a
C++: Increase the precision of 'cpp/uncontrolled-arithmetic' to high.
2021-12-20 14:03:13 +01:00
Mathias Vorreiter Pedersen
95fa93b274
C++: Only recognize signed integers as sinks in 'cpp/uncontrolled-arithmetic' in the case of overflow.
2021-12-20 14:02:44 +01:00
haby0
fed1d88268
Add shutil module path injection sinks
2021-12-20 16:09:06 +08:00
jorgectf
1f1b7a54f8
Update .expected
2021-12-19 18:58:43 +01:00
jorgectf
b6bdcd0eb8
Delete redundant exists()
2021-12-19 18:57:22 +01:00
jorgectf
98c8503ebd
Fix test mismatch
2021-12-19 18:35:53 +01:00
jorgectf
f82ed8573e
Model python_jwt.process_jwt
2021-12-19 18:32:14 +01:00
Andrew Eisenberg
7a38618e24
Solorigate: Post-release version bump
2021-12-17 12:30:09 -08:00
Henry Mercer
144ec8c629
JS: Update featurization for absent features optimization
...
Absent features are now represented implicitly by the absence of a row
in the `tokenFeatures` relation, rather than explicitly by an empty
string. This leads to improved runtime performance. To enable this
implicit representation, we pass the set of supported token features to
the `scoreEndpoints` HOP. Requires CodeQL CLI v2.7.4.
2021-12-17 18:04:42 +00:00
Chris Smowton
92d3da5e56
Declassify fmt.Fprintf as a log sink
...
In future we could try harder to find out whether you're Fprintf'ing to stdout, a file named xyz.log etc, but for now this causes Fprintf'ing to an HTTP writer to be mistaken for log-injection rather than just XSS.
2021-12-17 17:07:58 +00:00
Andrew Eisenberg
50ee4ab330
Solorigate: Extract to separate qlpack
...
Extracts solorigate to separate qlpacks in preparation for
publishing them to the registry.
2021-12-16 16:09:20 -08:00
Owen Mansel-Chan
da8f8e2eef
Refactor to use SummarizedCallable, sourceElement and sinkElement
2021-12-16 19:35:54 +00:00
Owen Mansel-Chan
ec3dd1e1c0
Revert "Update tests for no flow through receivers when no function body"
...
This reverts commit 06f889fce6 .
2021-12-16 19:35:54 +00:00
Owen Mansel-Chan
9b2f29bbcd
Allow data flow through receiver for modelled methods
2021-12-16 19:35:54 +00:00
Chris Smowton
ede57b6527
Merge pull request #637 from smowton/smowton/fix/log-injection-sanitizers
...
Fix sanitization by strings.Replace[All] in go/unsafe-quoting and go/log-injection
2021-12-16 12:28:40 +00:00
Dave Bartolomeo
d5ef1cf28d
Update docs/change-notes.md
...
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com >
2021-12-15 15:58:14 -05:00
Chris Smowton
f5108449a5
Update change-notes/2021-12-14-strings-replace-sanitizers.md
...
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com >
2021-12-15 20:07:34 +00:00
Henry Mercer
5696146179
Java: Convert telemetry queries to summary metrics
...
Use the support for summary metrics with messages that'll be in the next
version of the CodeQL CLI.
2021-12-15 17:59:01 +00:00
luchua-bc
29ce0e9ef1
Add sanitizer for virtual method calls
2021-12-15 16:19:50 +00:00
Sam Partington
db7b3bc136
Remove experimental tag from non-ATM queries
2021-12-15 16:17:14 +00:00
Tony Torralba
6dfe0ce7c5
Adapt chage note to new format
2021-12-15 16:57:20 +01:00
Tony Torralba
f0e9b768f2
Apply suggestions from code review
...
Co-authored-by: Felicity Chapman <felicitymay@github.com >
2021-12-15 16:53:47 +01:00
Tony Torralba
65b6c16254
Fix stub after merge
2021-12-15 16:53:47 +01:00
Tony Torralba
6363ff3c08
QLDoc
2021-12-15 16:53:46 +01:00
Tony Torralba
7a1b854678
Add change note
2021-12-15 16:53:46 +01:00
Tony Torralba
85526d71da
Add Fragment injection in PreferenceActivity query
2021-12-15 16:53:46 +01:00
Tony Torralba
701d12fb5b
Add Fragment injection query
2021-12-15 16:53:45 +01:00
Tony Torralba
efb471687c
Add stubs
2021-12-15 16:53:42 +01:00
Chris Smowton
9de1532735
Add log-injection test using strings.ReplaceAll
2021-12-15 15:35:14 +00:00
Dave Bartolomeo
e1417f18bf
Merge pull request #640 from github/release-prep/2.7.4
...
Release preparation for version 2.7.4
2021-12-14 16:42:40 -05:00
github-actions[bot]
ee6ea0f8cb
Release preparation for version 2.7.4
2021-12-14 21:34:55 +00:00
Dave Bartolomeo
d14ea51954
Merge pull request #639 from github/dbartol/fix-change-notes
...
Fix change notes
2021-12-14 14:32:56 -05:00
Dave Bartolomeo
8b0c79d16f
Add link to change-notes.md from CONTRIBUTING.md.
2021-12-14 14:30:45 -05:00
Dave Bartolomeo
744d139daf
Add more examples
2021-12-14 14:24:39 -05:00
Dave Bartolomeo
97193f72b3
Update Adding change notes.md
...
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com >
2021-12-14 14:15:34 -05:00
Dave Bartolomeo
1a2899168f
Remove stray text
2021-12-14 14:15:00 -05:00
Dave Bartolomeo
e1c9bf2b30
Fix PR feedback
2021-12-14 14:13:07 -05:00
Dave Bartolomeo
a23fe04ccb
Add instructions for creating change notes.
2021-12-14 13:42:52 -05:00
Dave Bartolomeo
a3e5b4c99c
Move pre-packaging change notes to old-change-notes directory
2021-12-14 12:46:56 -05:00
Dave Bartolomeo
42ecc9b1c7
Move new change notes to appropriate pack
2021-12-14 12:46:19 -05:00
Chris Smowton
bd806a8ff7
Merge pull request #638 from owen-mc/test-database-sql-models
...
Add missing tests for DatabaseSql function models
2021-12-14 17:22:40 +00:00
Chris Smowton
f86510ee20
Update comment
2021-12-14 12:39:31 +00:00
Chris Smowton
c2b42ce091
Fix sanitization by strings.Replace[All] in go/unsafe-quoting and go/log-injection
2021-12-14 12:37:18 +00:00
Owen Mansel-Chan
6a2a8298dd
Add missing tests for DatabaseSql function models
2021-12-13 14:18:46 -05:00
Chris Smowton
9309abf8cd
Merge pull request #574 from sauyon/dataflow-update
...
Update dataflow libraries and add support for CSV summary flow
2021-12-13 11:28:28 +00:00
Chris Smowton
89b2a2f9b0
Merge pull request #633 from owen-mc/database-sql-model-incorrect
...
Fix incorrect type name in database/sql model
2021-12-13 11:01:38 +00:00
Chris Smowton
559aec1d64
Merge pull request #632 from owen-mc/refactor-variadic-helper-functions-for-builtin-functions
...
Refactor isVariadic helper functions
2021-12-13 10:59:42 +00:00
Chris Smowton
08c10bf97b
Merge pull request #625 from smowton/smowton/fix/minor-perf-improvements
...
Improve performance: join-order AllocationSizeOverflow's source and use `matches` not `regexpFind`
2021-12-13 10:36:02 +00:00
Owen Mansel-Chan
ce27b0da52
Fix incorrect type name in database/sql model
...
This error seems to have been introduced in
36bbf1eeb9
2021-12-12 17:47:52 -05:00
Owen Mansel-Chan
353aa8d603
Refactor isVariadic helper functions
...
Store information more naturally for built-in functions.
2021-12-12 16:56:26 -05:00
liangjinhuang
77b5f422ba
change PasswordFnSink to RandomFnSink
2021-12-11 12:31:20 +08:00
Dave Bartolomeo
b57d3296f1
Merge pull request #620 from github/aeisenberg/version-policies
...
Add version policies
2021-12-10 17:39:15 -05:00
Andrew Eisenberg
3cc48fea6a
Merge pull request #622 from github/post-release/v2.7.3
...
Post release/v2.7.3
2021-12-10 10:00:11 -08:00
Chris Smowton
e9e4f5a687
Improve performance: join-order AllocationSizeOverflow's source and use matches not regexpFind
...
The join order fix takes 10 seconds off that predicate; the get-a-flag changes take about 25% off compared to using regexes.
2021-12-10 12:23:50 +00:00
Anders Schack-Mulligen
464b9c3991
Dataflow: Sync.
2021-12-10 11:20:01 +01:00
Anders Schack-Mulligen
32cb8f362b
Dataflow: Add test for FlowState.
2021-12-10 11:20:01 +01:00
Anders Schack-Mulligen
219bf51ec2
Dataflow: Add support for flow state.
2021-12-10 11:20:01 +01:00
Chris Smowton
facda77852
Dataflow relations: narrow all dataflow nodes before taking product with Configurations
...
This is particularly important for ConversionWithoutBoundsCheckConfig which has 20 configs. By paring DataFlow::Node down to only those that have a local-flow successor, or only those with an isAdditionalFlowStep for some related configuration, the result size can be significantly reduced prior to taking the product against Configuration and finally paring down using config.fullBarrier etc.
Saves about 1m20s per analysis on cockroachdb.
2021-12-09 16:56:38 +00:00
Andrew Eisenberg
cedf55c46e
Update pack dependency
2021-12-09 07:58:14 -08:00
Owen Mansel-Chan
b234ba7f26
Fix bad join order in getAFalsifiedGuard
...
viableParamArg should be evaluated first.
2021-12-08 17:33:59 -05:00
Owen Mansel-Chan
06f889fce6
Update tests for no flow through receivers when no function body
...
This branch originally included a commit to enable flow through receivers
when there is no function body. This was dropped, to be pursued later.
2021-12-08 16:03:18 -05:00
Owen Mansel-Chan
88e7c44a6d
Update expected test results with extra nodes
2021-12-08 15:28:28 -05:00
Owen Mansel-Chan
a01f90b903
Give DataFlowCallable a user-facing name (Callable), move to Scopes.qll
...
I removed asFunctionNode() because it would need an import, but it
doesn't seem to be used anywhere.
2021-12-08 11:30:39 -05:00
Owen Mansel-Chan
a6532b988f
Allow implicit taint reads through more content types
2021-12-08 11:20:38 -05:00
Owen Mansel-Chan
754c838cc0
Fix accidental cartesian product
...
PointerContent needs to have the PointerType specified as well
2021-12-08 11:20:37 -05:00
Owen Mansel-Chan
d70307243c
Fix bad join order in BarrierGuard.guards/2
2021-12-08 11:20:37 -05:00
Owen Mansel-Chan
1a9ea38c0b
Update non-shared dataflow files to match sync
2021-12-08 11:20:36 -05:00
Owen Mansel-Chan
095fe6e4a7
Do not allow "Argument" on its own
...
# Conflicts:
# ql/test/library-tests/semmle/go/dataflow/ExternalFlow/srcs.expected
2021-12-08 11:20:36 -05:00
Sauyon Lee
b2f62b185d
Allow for Return[i] specifications
2021-12-08 11:20:36 -05:00
Owen Mansel-Chan
578a31ecd8
Keep call to defaultTaintSanitizerGuard
2021-12-08 11:20:35 -05:00
Owen Mansel-Chan
01bfbde9ae
Sync dataflow libraries again
2021-12-08 11:20:35 -05:00
Owen Mansel-Chan
1a299d2e09
Update sync-dataflow-libraries target in Makefile
...
The location of the dataflow libraries in codeql-go has changed
and there is a new file to be synced.
2021-12-08 11:20:34 -05:00
Owen Mansel-Chan
16fdb9aa11
Do not test ReturnValue as input for sink
...
The documentation in ExternalFlow.qll does not specify
that "ReturnValue" can be used as the input column.
2021-12-08 11:20:34 -05:00
Owen Mansel-Chan
63b944a1b4
Another instance of getEnclosingFunction -> getRoot
2021-12-08 11:20:34 -05:00
Chris Smowton
3cf1459c4f
Revert getACallee type change
2021-12-08 11:20:33 -05:00
Chris Smowton
6110506e02
Revert "Make getACallee return DataFlowCallable"
...
This reverts commit b4742ccdf81bec3f872923da79953c61dea103f6.
2021-12-08 11:20:33 -05:00
Owen Mansel-Chan
5ec0b09160
Diasble clearing content and add test for it
2021-12-08 11:20:32 -05:00
Owen Mansel-Chan
e940a53cc6
Test models of flow through fields
2021-12-08 11:20:32 -05:00
Owen Mansel-Chan
2d8fd71189
Comment on why summaryDataFlowCall is none()
2021-12-08 11:20:31 -05:00
Owen Mansel-Chan
adf3dc0c61
Move type assertion into declared type
2021-12-08 11:20:31 -05:00
Owen Mansel-Chan
9f763dd044
Move built-in models to ExternalFlow
2021-12-08 11:20:30 -05:00
Owen Mansel-Chan
d717734820
Do not allow "Argument" on its own
2021-12-08 11:20:30 -05:00
Owen Mansel-Chan
d2ca1fb2eb
Address review comments #2
2021-12-08 11:20:29 -05:00
Owen Mansel-Chan
12058a2621
Fix containerStoreStep and containerReadStep
2021-12-08 11:20:29 -05:00
Owen Mansel-Chan
ab8096b717
Add tests for more content types (Element, MapKey, MapValue)
2021-12-08 11:20:28 -05:00
Owen Mansel-Chan
b7aa85b054
Address some review comments
2021-12-08 11:20:28 -05:00
Owen Mansel-Chan
f375553933
Add variadic functions test for function models
2021-12-08 11:20:27 -05:00
Owen Mansel-Chan
b75def62fe
Add variadic functions test for external flow
2021-12-08 11:20:27 -05:00
Owen Mansel-Chan
d9848fe515
Add more tests for variadic functions
2021-12-08 11:20:27 -05:00
Owen Mansel-Chan
8044fb2519
Add more flow tests for external flow
2021-12-08 11:20:26 -05:00
Owen Mansel-Chan
63d997f820
(Unimportant) Fix module name for vendored stubs
...
This doesn't affect the test, but does mean that you can run
`go build` to check the test would build.
2021-12-08 11:20:26 -05:00
Owen Mansel-Chan
1929a1f7a7
Fix unrelated test in experimental
2021-12-08 11:20:25 -05:00
Owen Mansel-Chan
5e38f48b74
Autoformat
2021-12-08 11:20:25 -05:00
Owen Mansel-Chan
a3df3614a5
Convert completetest to an inline flow test
2021-12-08 11:20:24 -05:00
Owen Mansel-Chan
8f7a34f9cb
Fix external flow tests
2021-12-08 11:20:24 -05:00
Owen Mansel-Chan
71bf834765
Fix incorrect assumption
...
node2 doesn't have to be a PostUpdateNode
2021-12-08 11:20:23 -05:00
Sauyon Lee
3379790686
add flow test involving CSV
2021-12-08 11:20:22 -05:00
Sauyon Lee
a632a58221
add CSV models of append
2021-12-08 11:20:22 -05:00
Sauyon Lee
070e383516
allow empty namespaces for Go
2021-12-08 11:20:21 -05:00
Owen Mansel-Chan
70c9ca5611
Update documentation in ExternalFlow.qll
2021-12-08 11:20:21 -05:00
Owen Mansel-Chan
038f951e9f
Fix containerStoreStep
...
Update some comments as well, and change a variable name
2021-12-08 11:20:20 -05:00
Owen Mansel-Chan
be6501d8e4
Add tests for data and taint flow through arrays and var args
2021-12-08 11:20:20 -05:00
Sauyon Lee
2060731077
Add tests for external flow
2021-12-08 11:20:20 -05:00
Rasmus Wriedt Larsen
a650c56c0c
Tag queries with CWE-328
...
CWE-328: Use of Weak Hash, see https://cwe.mitre.org/data/definitions/328.html
2021-12-07 20:54:31 +00:00
Sauyon Lee
873f496038
Use basicLocalFlowStep instead of .getASuccessor
...
This prevents non-monotonic recursion through summary post-update nodes
2021-12-07 07:39:28 -05:00
Sauyon Lee
afe7edc093
Fix test output
...
Includes a bunch of new edges, but no new results
2021-12-07 07:39:28 -05:00
Sauyon Lee
0572c4785c
Model net http sources as csv
2021-12-07 07:39:27 -05:00
Sauyon Lee
bebdb0ba53
Add RangeIndexNode
2021-12-07 07:39:27 -05:00
Sauyon Lee
3750af41d3
Add standard container steps
2021-12-07 07:39:27 -05:00
Sauyon Lee
8c4a1d2559
Consider CSV remote sources as untrusted flow sources
2021-12-07 07:39:26 -05:00
Sauyon Lee
d62f417130
Remove uses of getEnclosingCallable
2021-12-07 07:39:26 -05:00
Sauyon Lee
30ab22f5a6
Fix compilation errors with new DataFlowCallable
2021-12-07 07:39:26 -05:00
Chris Smowton
b10d5cf0b0
Broaden ReturnNode to include return nodes of summaries
2021-12-07 07:39:25 -05:00
Chris Smowton
94d9d08489
Fix DataFlow::Node::getEnclosingCallable
2021-12-07 07:39:25 -05:00
Sauyon Lee
c8a2a6356a
Add summary parameter nodes
2021-12-07 07:39:25 -05:00
Sauyon Lee
4af4a11729
Make getACallee return DataFlowCallable
2021-12-07 07:39:24 -05:00
Sauyon Lee
8cba368ef5
Model archive/tar.FileInfoHeader in CSV
2021-12-07 07:39:24 -05:00
Sauyon Lee
86d3410041
Add asFunctionNode to new dataflowcallable
2021-12-07 07:39:23 -05:00
Sauyon Lee
d9383d9412
Don't use internal predicates in revel
2021-12-07 07:39:23 -05:00
Sauyon Lee
73684f483c
Allow for Return[i] specifications
2021-12-07 07:39:22 -05:00
Sauyon Lee
aa747ea5ff
Fix validation regexes for go
2021-12-07 07:39:22 -05:00
Sauyon Lee
0151cd4f2e
Document SourceOrSinkElement
2021-12-07 07:39:22 -05:00
Sauyon Lee
0b50b7b2b1
Make DataFlowCallable either a Function or a FuncLit
2021-12-07 07:39:21 -05:00
Sauyon Lee
3ac2a50497
Update test output
2021-12-07 07:39:21 -05:00
Owen Mansel-Chan
763861bef9
Keep call to defaultTaintSanitizerGuard
2021-12-07 07:39:21 -05:00
Sauyon Lee
e41d609921
Use newtype for SourceOrSinkElement
2021-12-07 07:39:20 -05:00
Sauyon Lee
9bfe1c94b3
autoformat
2021-12-07 07:39:20 -05:00
Sauyon Lee
16371ac488
Add support for summary elements
2021-12-07 07:39:19 -05:00
Sauyon Lee
96c58b58dd
Add EmptyInterfaceType
2021-12-07 07:39:19 -05:00
Sauyon Lee
26d00f1d5b
Move basicLocalFlowsStep to DataFlowPrivate
2021-12-07 07:39:19 -05:00
Sauyon Lee
3098a4ef16
Qualify uses and add imports in DataFlowNodes
2021-12-07 07:39:18 -05:00
Sauyon Lee
93f2569f1d
Refactor data-flow nodes
2021-12-07 07:39:18 -05:00
Sauyon Lee
9ceda08d13
Sync dataflow libraries
2021-12-07 07:39:12 -05:00
Benjamin Muskalla
557cb0a09e
Add job name
2021-12-06 11:42:03 +01:00
Benjamin Muskalla
657c576186
Skip diffs if same branch
2021-12-06 11:30:14 +01:00
Benjamin Muskalla
38debc0b64
Remove push trigger
2021-12-06 11:21:15 +01:00
liangjinhuang
1102f60f3e
add tests
2021-12-04 00:52:15 +08:00
Sauyon Lee
4c67ef2b0b
Add FlowSummaryImpl to sync-dataflow-nodes target
2021-12-02 10:31:01 -05:00
Sauyon Lee
459f4d18a8
Fix sync-dataflow-libraries
2021-12-02 10:31:01 -05:00
luchua-bc
8bcffc2886
Query to detect unsafe request dispatcher usage
2021-12-02 04:00:29 +00:00
Andrew Eisenberg
b714988d7c
Post release 2.7.3
2021-12-01 14:34:07 -08:00
Andrew Eisenberg
e9864c5506
Add version policies
...
This controls how the qlpacks' versions will change
after a release.
2021-12-01 09:37:11 -08:00
Dave Bartolomeo
b2ca04ce1b
Temporarily vendor codeql/suite-helpers
2021-12-01 11:40:10 -05:00
Chris Smowton
894102defd
Merge pull request #621 from owen-mc/extractor-add-variadic-to-type-label
...
Update extractor to distinguish variadic and non-variadic signature types
2021-12-01 15:44:09 +00:00
Owen Mansel-Chan
d0c9aacd54
Distinguish variadic and non-variadic signature types in extractor
2021-12-01 09:33:44 -05:00
Owen Mansel-Chan
628835d3b3
Add failing tests for isVariadic
...
`nonvariadicDeclaredFunction` has the same signature as
`variadicDeclaredFunction`, so it is being erroneously reported as
variadic.
2021-12-01 09:32:12 -05:00
Chris Smowton
e07958d64c
Merge pull request #619 from owen-mc/update-is-variadic
...
Update `isVariadic`
2021-12-01 08:48:16 +00:00
Dave Bartolomeo
02495e16d1
Merge pull request #618 from github/release-prep/2.7.3
...
Release preparation for version 2.7.3
2021-11-30 17:29:49 -05:00
github-actions[bot]
e4b5dceb14
Release preparation for version 2.7.3
2021-11-30 20:39:28 +00:00
Owen Mansel-Chan
e08007b287
Add missing qldocs for two isVariadic() predicates
2021-11-30 15:13:42 -05:00
Owen Mansel-Chan
acc5c4098a
Fix Function.isVariadic to work on external packages
...
Going via `getFuncDecl()` didn't work as we don't function declarations
from external packages. It works to use `getType()` instead.
2021-11-30 15:11:34 -05:00
Owen Mansel-Chan
a6d8deae3e
Add Fmt.Fprint to isVariadic tests
...
We didn't have any tests involving a function in an imported package.
2021-11-30 15:07:57 -05:00
Dave Bartolomeo
9373bdc206
Fix suite-helpers dependency
2021-11-30 11:35:26 -05:00
Benjamin Muskalla
d181ee1701
Shorten workflow name
...
This will show up including the job name anyway
```
Models as Data / model-diff (apache/commons-codec)
```
2021-11-30 12:19:10 +01:00
Benjamin Muskalla
5e69eb491f
Generate diff and archive results
2021-11-30 12:19:10 +01:00
Benjamin Muskalla
734422f384
Generate the models for each variant
2021-11-30 12:19:10 +01:00
Benjamin Muskalla
9672128699
Download database
2021-11-30 12:19:10 +01:00
Benjamin Muskalla
c0a3cd07a5
Add default projects
2021-11-30 12:19:09 +01:00
Benjamin Muskalla
881539c735
Add scaffolding for model diff job
2021-11-30 12:19:09 +01:00
Dave Bartolomeo
8367fdbec4
Change notes
2021-11-29 16:47:56 -05:00
Dave Bartolomeo
52b68963d2
Prepare for automatic release prep
2021-11-29 16:47:30 -05:00
Erik Krogh Kristensen
adbe19878f
Merge pull request #615 from erik-krogh/explicit-this
...
apply the implicit-this patch to the remaining go code
2021-11-29 17:16:43 +01:00
Chris Smowton
b37fa9c447
Merge pull request #614 from owen-mc/always-extract-empty-interface-type
...
Always extract empty interface type
2021-11-29 12:15:52 +00:00
Erik Krogh Kristensen
1ade6c55d8
apply the implicit-this patch to the remaining go code
2021-11-29 13:10:04 +01:00
liangjinhuang
d0ac11817e
add insecureRandomness
2021-11-28 20:47:06 +08:00
Owen Mansel-Chan
f9a3832aa2
Add extractor test that empty interface type exists
2021-11-26 15:16:09 -05:00
Owen Mansel-Chan
d35a46e2f3
Always extract an empty interface type
2021-11-26 15:04:05 -05:00
Tony Torralba
662f880ab8
Merge pull request #609 from github/atorralba/log-injection-query
...
Go: Add Log Injection query (CWE-117)
2021-11-24 15:41:43 +01:00
Tony Torralba
cc8d9bdc7f
Update ql/src/Security/CWE-117/LogInjection.qhelp
...
Co-authored-by: Matt Pollard <mattpollard@users.noreply.github.com >
2021-11-24 13:57:34 +01:00
Chris Smowton
5ed4e3651b
Merge pull request #611 from tunnelshade/main
...
Add `Where` method of squirrel sql builders to query range
2021-11-23 11:13:19 +00:00
Chris Smowton
ab9ab106e5
Merge pull request #612 from smowton/smowton/fix/zipslip-sanitizer-guard-efficiency
...
Improve ZipSlip sanitizer guard efficiency
2021-11-23 09:35:54 +00:00
tunnelshade
aeaa861fc6
Add Where method of squirrel sql builders to query range
2021-11-23 10:11:31 +05:30
Chris Smowton
271e239dee
Introduce manual magic to TaintedPathSanitizerGuardAsBacktrackingSanitizerGuard
...
This avoids computing the full `localTaint` relation when actually there are few `TaintedPath::SanitizerGuard` instances to start from.
2021-11-22 17:41:56 +00:00
Chris Smowton
8bf78b07e5
Avoid recursively defining DataFlow::BarrierGuard
...
In fact there never was true recursion, but the compiler thought there could be because it supposed that ZipSlip::SanitizerGuard growing may introduce instances that happen to also satisfy TaintedPath::SanitizerGuard. In fact this never happens, but here we make it clear by defining the shared sanitizer guards outside the DataFlow::BarrierGuard hierarchy and then introducing the sanitizers in each query that uses them.
2021-11-22 17:36:06 +00:00
Tony Torralba
f2017b626e
Fix stubs
2021-11-22 09:15:12 +01:00
Tony Torralba
c9332cdccb
Fix *Depth log levels in glog and klog
2021-11-22 09:15:01 +01:00
Tony Torralba
d4a20f1222
Autoformat
2021-11-19 18:04:51 +01:00
Tony Torralba
c886d10388
Add Log Injection query
2021-11-19 17:55:34 +01:00
Chris Smowton
4cae4b23fc
Merge pull request #606 from github/criemen/update-tracing-config
...
Update tracing-config.lua to newest API.
2021-11-17 10:49:20 +00:00
Chris Smowton
b190c4ed4a
Merge pull request #608 from smowton/smowton/fix/missing-id
...
Add missing @id tag
2021-11-16 20:06:06 +00:00
Chris Smowton
33fd1aaf2a
Add missing @id tag
2021-11-16 18:52:41 +00:00
jorgectf
840cded9b0
Avoid using Str_ in CookieHeader
2021-11-16 19:18:00 +01:00
jorgectf
a4204cc04f
Avoid using Str_ internal class
2021-11-16 19:00:04 +01:00
jorgectf
6ecb6d1a1b
Adapt Django and Flask to their main modelings
2021-11-16 14:59:41 +01:00
jorgectf
e7d649f36d
Make Cookie concept extend HTTP::Server::CookieWrite
2021-11-16 13:54:25 +01:00
jorgectf
cb8e54e38e
Delete redundant LXMLParser dangerous check
2021-11-16 13:27:24 +01:00
jorgectf
637901d980
Make concepts instances of their ranges
2021-11-16 13:25:29 +01:00
ihsinme
c916bed853
Update test1.cpp
2021-11-15 16:29:51 +03:00
Cornelius Riemenschneider
b3e2a83298
Update tracing-config.lua to newest API.
2021-11-15 12:35:53 +01:00
ihsinme
99740876cb
Add files via upload
2021-11-14 11:28:27 +03:00
Chris Smowton
792bc4bce0
Merge pull request #596 from pupiles/feature/cwe-090
...
CWE-090: Ldap Injection
2021-11-10 11:31:36 +00:00
Chris Smowton
f3ba40e29d
Update test expectations
2021-11-10 09:42:19 +00:00
Chris Smowton
1ebb47feb3
Fix filename spelling error
2021-11-10 09:29:50 +00:00
Chris Smowton
2953a44b36
Revert changes to go.sum
2021-11-10 09:25:40 +00:00
pupiles
4d9ce49816
use stubs libs && add heuristic sanitizers
2021-11-10 14:12:45 +08:00
pupiles
70a268dc6d
remove redundant reference lib
2021-11-09 21:35:46 +08:00
pupiles
97d4359881
add test code
2021-11-09 21:31:35 +08:00
Chris Smowton
f7e6b0ad5d
Merge pull request #603 from github/criemen/lua-tracing-config
...
Add port of the existing compiler-tracing.spec files to the new Lua tracing infrastructure.
2021-11-09 11:36:03 +00:00
Chris Smowton
2c5fe1dedc
File names should be camel-case
2021-11-09 10:45:09 +00:00
Chris Smowton
bc9300ebf5
Copyedit examples
...
Fragments suffice for illustration, and the two bad and good examples can be easily combined
2021-11-09 10:42:58 +00:00
Chris Smowton
c18b11a470
Copy-edit query:
...
* Regular comments to qldoc
* Improve naming
* Update out-of-date documentation from earlier versions of the query
2021-11-09 10:31:30 +00:00
Chris Smowton
dda425ca8d
Improve query style
...
No need to highlight the sink again in the message when the sink is the alert location to begin with
2021-11-09 10:08:02 +00:00
Chris Smowton
f7c19dea71
Copyedit qhelp
2021-11-09 10:05:18 +00:00
pupiles
7f68f85002
fomat .ql inline comment
2021-11-09 14:42:32 +08:00
ihsinme
8ddfea1dee
Update cpp/ql/src/experimental/Security/CWE/CWE-200/ExposureSensitiveInformationUnauthorizedActor.qhelp
...
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com >
2021-11-09 09:20:39 +03:00
Chris Smowton
f96733f270
Merge pull request #602 from github/criemen/update-tracing-config
...
Remove macos compatibility stanzas from tracing config.
2021-11-08 11:46:44 +00:00
Cornelius Riemenschneider
17a9dbfb62
Add port of the existing compiler-tracing.spec files to the new Lua tracing infrastructure.
2021-11-08 12:29:06 +01:00
Cornelius Riemenschneider
a49265fb63
Remove macos compatibility stanzas from tracing config.
2021-11-08 11:27:27 +01:00
jorgectf
83e3de1fed
Polish documentation.
2021-11-05 21:05:33 +01:00
jorgectf
ed74bd6800
Merge remote-tracking branch 'origin/main' into jorgectf/python/insecure-cookie
2021-11-05 20:14:06 +01:00
jorgectf
86aac7c215
Add/Update .expected files.
2021-11-05 20:13:12 +01:00
jorgectf
a420e6e18d
Add CookieInjection.qlref
2021-11-05 20:12:56 +01:00
jorgectf
cf47e8eb9c
Fix endpoints' naming
2021-11-05 20:12:35 +01:00
jorgectf
b3258ce20f
Add CookieInjection sample and .qhelp
2021-11-05 20:12:05 +01:00
jorgectf
d7a79469e6
Improve tests
2021-11-05 20:08:52 +01:00
jorgectf
4cb78ac654
Fix typo
2021-11-05 20:08:37 +01:00
pupiles
c97d0c6ce5
Remove redundant code
2021-11-05 13:14:28 +08:00
Chris Smowton
d1a2fbe96b
Merge pull request #573 from npesaresi/feature/SSRF
...
Yet another SSRF query for Golang
2021-11-04 17:36:21 +00:00
Chris Smowton
233269869c
Tidy sanitizers, using instanceof not extends or a charpred where possible
2021-11-04 16:26:14 +00:00
Chris Smowton
23855979d5
Include UntrustedFlowSource into ServerSideRequestForgery::Source but not vice versa
2021-11-04 16:19:22 +00:00
Chris Smowton
9e218a70bb
Make imports private
2021-11-04 15:32:37 +00:00
Chris Smowton
18028dca2d
Share repeated regex
2021-11-04 15:30:34 +00:00
Chris Smowton
648a70945d
Copyedit docs and improve naming
2021-11-04 15:30:29 +00:00
Chris Smowton
a9c853257d
Fix qhelp good example
2021-11-04 14:42:54 +00:00
Chris Smowton
5256725359
Copyedit qhelp
2021-11-04 14:41:38 +00:00
valeria-meli
b84f31e918
format
2021-11-04 10:01:38 -03:00
Valeria
9f52a6654e
Merge branch 'main' into feature/SSRF
2021-11-04 09:56:10 -03:00
Tony Torralba
6613a98e02
Fix references to logging library
2021-11-04 09:15:57 +01:00
Tony Torralba
ea7e259cfc
Add change note
2021-11-04 08:51:13 +01:00
Tony Torralba
474bf576a7
Minor corrections in QLDoc, qhelp and example code
2021-11-04 08:46:23 +01:00
pupiles
4f1052b3a7
feature add common sanitizer
2021-11-04 13:16:24 +08:00
Tony Torralba
f1df542345
Add stubs & tests
...
Fix mistakes detected by the tests
2021-11-03 17:26:13 +01:00
Chris Smowton
6d90b81655
Merge pull request #597 from owen-mc/var-args
...
Update dbscheme to add table for variadic signature types
2021-11-03 11:29:45 +00:00
Chris Smowton
b023b405b1
Merge pull request #599 from smowton/smowton/fix/comparison-barrier-join-order
...
Improve join order in InsufficientKeySize.ql
2021-11-03 10:08:25 +00:00
Tony Torralba
7d88f80fb9
Add tests for summaries
2021-11-03 10:35:38 +01:00
Chris Smowton
a10407823a
Merge pull request #600 from owen-mc/incorrect-integer-conversion
...
Improve "Incorrect integer conversion" query
2021-11-02 17:00:29 +00:00
Owen Mansel-Chan
8ea1f87d2b
Add change note
2021-11-02 15:09:43 +00:00
Owen Mansel-Chan
7c1b7b8810
Fix strictnessOffset in isBoundFor
2021-11-02 15:09:39 +00:00
Owen Mansel-Chan
7de6e17d86
Recognise math.MaxInt and math.MaxUint
...
Treat them as if we were on a 32-bit architecture.
2021-11-02 15:09:06 +00:00
Owen Mansel-Chan
a104a50940
Move max int value call into UpperBoundCheckGuard
2021-11-02 15:09:06 +00:00
Owen Mansel-Chan
5027d3fa44
Avoid using getIntValue()
...
Because it does not have a result if the value is
too large to fit in a 32-bit signed integer type
2021-11-02 15:09:05 +00:00
Owen Mansel-Chan
2cc0c80188
Add extra tests
2021-11-02 15:09:05 +00:00
Owen Mansel-Chan
be22373f3e
Move Incorrect Integer Conversion tests to InlineFlowTest
2021-11-02 15:09:00 +00:00
Owen Mansel-Chan
109e3660f8
Split Incorrect Integer Conversion into query and lib files
...
This is in preparation for changing the tests to use inline
expectations
2021-11-02 12:43:54 +00:00
Owen Mansel-Chan
7d333d7dbe
Add InlineFlowTest as simple inline expectation test
2021-11-02 12:43:54 +00:00
Chris Smowton
a92f144469
Improve join order in InsufficientKeySize.ql
2021-11-02 10:54:51 +00:00
Tony Torralba
ebd6529469
WIP: add tests
2021-11-02 10:37:41 +01:00
Owen Mansel-Chan
644c89b751
Update expected values for tests in the same folders
2021-11-01 21:38:41 +00:00
Owen Mansel-Chan
f2757135f2
Add tests for isVariadic() on FuncDef and Function
2021-11-01 16:00:50 +00:00
Owen Mansel-Chan
e6a57b22a2
Add isVariadic() on FuncDecl and Function
2021-11-01 16:00:49 +00:00
Owen Mansel-Chan
245d85ae97
Update dbscheme to add table for variadic signature types
2021-11-01 16:00:49 +00:00
Chris Smowton
c6c25eeff6
Merge pull request #598 from GleasonK/main
...
Fixed broken/moved/redirected links.
2021-11-01 12:08:59 +00:00
Chris Smowton
b365ac5c31
QL -> CodeQL
2021-11-01 10:43:24 +00:00
Chris Smowton
9cb783dffa
Better link for CONTRIBUTING.md section 4
2021-11-01 10:42:13 +00:00
Kevin Gleason
49f4e3742f
Fixed broken/moved/redirected links.
2021-10-29 17:17:17 -04:00
Tony Torralba
3ea1af3819
Refactor into separate libraries
2021-10-29 17:36:02 +02:00
pupiles
adea73da23
Merge branch 'main' into feature/cwe-090
2021-10-29 20:46:50 +08:00
pupiles
cd230bf9d7
feat:add ldap sink &&change code style
2021-10-29 20:44:03 +08:00
Chris Smowton
5cdeb40d6b
Merge pull request #594 from owen-mc/insufficient-key-size-barrier-guard
...
Add barrier guard for comparison in Insufficient Key Size query
2021-10-29 12:32:29 +01:00
Chris Smowton
004beab750
Add a good variant of test case foo10
2021-10-29 11:07:30 +01:00
Tony Torralba
7f15177498
Move from experimental
2021-10-29 10:19:05 +02:00
zhouxufeng
89a03d46ea
add ldap inject source
2021-10-29 11:27:48 +08:00
jorgectf
066b40098c
Add lxml.etree.XMLParser missing resolve_entities dangerous case
2021-10-28 19:34:15 +02:00
zhouxufeng
bcdf17d16f
feat ldap inject
2021-10-28 20:42:06 +08:00
valeria-meli
434571067f
Merge branch 'main' into feature/SSRF
2021-10-28 09:06:58 -03:00
valeria-meli
9615544092
Merge commit 'e784c356916468d4f40b8f47899970c4e75dada9' into main
2021-10-28 09:06:17 -03:00
Rasmus Wriedt Larsen
58bc1102e5
Merge branch 'main' into jorgectf/python/deserialization
2021-10-28 12:31:34 +02:00
Owen Mansel-Chan
599c276fd8
Add change note
2021-10-28 10:10:39 +01:00
Owen Mansel-Chan
e0e1a4671a
Address review comments
2021-10-28 10:10:39 +01:00
Owen Mansel-Chan
cdee44bbd1
Add barrier guard for comparison
2021-10-28 10:10:38 +01:00
jorgectf
cf9e9f9dd4
Add cookie injection query missing proper tests
2021-10-28 10:28:45 +02:00
jorgectf
129edd605e
Update .expected
2021-10-28 09:25:56 +02:00
jorgectf
5dc1ad6f8a
Polish .ql
2021-10-28 09:25:47 +02:00
jorgectf
0f2b81e0d2
Polish tests
2021-10-28 09:24:47 +02:00
ihsinme
1c80f26178
Update ExposureSensitiveInformationUnauthorizedActor.ql
2021-10-28 09:50:41 +03:00
ihsinme
04ee78aecf
Apply suggestions from code review
...
thanks
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com >
2021-10-28 09:46:26 +03:00
jorgectf
48c3c3d8a8
Broaden scope
2021-10-27 21:00:50 +02:00
Chris Smowton
e784c35691
Merge pull request #595 from sauyon/patch-1
...
Add comment to `HasEllpsisTable`
2021-10-27 19:10:12 +01:00
jorgectf
28ec8c9dee
Merge remote-tracking branch 'origin/main' into jorgectf/python/insecure-cookie
2021-10-27 19:00:55 +02:00
Sauyon Lee
74da4820ee
Add comment to HasEllpsisTable
2021-10-27 08:51:58 -07:00
Andrew Eisenberg
09e70a9b8a
Merge pull request #592 from github/aeisenberg/suite-helpers
...
Update references to suite-helpers
2021-10-25 14:26:06 -07:00
Andrew Eisenberg
4b8909fe10
Update references to suite-helpers
...
Use the new pack names instead of the old names.
2021-10-25 12:11:22 -07:00
ihsinme
8a1d271328
Add files via upload
2021-10-25 14:48:19 +03:00
ihsinme
1dacd2ea76
Add files via upload
2021-10-25 14:47:25 +03:00
Chris Smowton
efecc9ab80
Merge pull request #591 from owen-mc/update-inline-expectations-test
...
Update inline expectations test
2021-10-21 12:41:57 +01:00
Owen Mansel-Chan
f4d9f2f2fa
Remove unused test comments
...
These were introduced in 68dca955 . Currently they aren't doing anything
as there isn't an inline expectation test for the tag "source" in this
folder. It seems they were originally intended to indicate untrusted flow
sources, but they aren't needed as we are using "noflow" to only mark the
places where there isn't a flow.
2021-10-21 11:07:59 +01:00
Owen Mansel-Chan
e01291f880
Put space after MISSING: and SPURIOUS:
...
This is the preferred style now
2021-10-21 11:07:59 +01:00
Owen Mansel-Chan
f38fd5722f
Only one dollar sign in each comment
2021-10-21 11:07:58 +01:00
Owen Mansel-Chan
09ef621b2f
Put space after first dollar sign
2021-10-21 11:07:58 +01:00
Owen Mansel-Chan
b8bd40463e
Reorder MISSING labels
...
The behaviour has changed: previously, "f+:" and "f-:" only affected the
following entry, but "MISSING:" and "SPURIOUS:" affect all following
2021-10-21 11:07:57 +01:00
Owen Mansel-Chan
f28539928a
Quote expected values that have spaces
2021-10-21 11:07:57 +01:00
Owen Mansel-Chan
5f0f04de1c
Update labels for missing and spurious results
2021-10-21 11:07:57 +01:00
Owen Mansel-Chan
7961ba6b93
Add hasActualResult predicate not using Location
2021-10-21 11:07:50 +01:00
Owen Mansel-Chan
a9165ce4a6
Sync InlineExpectationsTest.qll
2021-10-21 05:21:18 +01:00
Chris Smowton
32d71e8247
Merge pull request #585 from github/jbj/getAPrimaryQlClass-file
...
Fix getAPrimaryQlClass for File classes
2021-10-19 11:17:07 +01:00
Chris Smowton
392c084da4
Merge pull request #589 from github/aeisenberg/suites-fix
...
Suites: Switch to the `queries` directive
2021-10-18 19:19:58 +01:00
Andrew Eisenberg
198acac383
Suites: Switch to the queries directive
...
The addition of the `defaultSuite` directive means that using
the `qlpack` directive in a query suite will only return the
queries in the default suite, not _all_ the queries in the
pack as was the prior behaviour. This change ensures that
all query suites resolve to the same queries as before.
2021-10-18 10:00:59 -07:00
jorgectf
f1a73e3009
Merge branch 'jorgectf/python/deserialization' of https://github.com/jorgectf/codeql into jorgectf/python/deserialization
2021-10-16 10:07:13 +02:00
jorgectf
c2046f1777
Improve readability for xmlDom()
2021-10-16 10:07:11 +02:00
Jorge
be424704a6
Apply suggestions from code review
...
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com >
2021-10-16 10:04:50 +02:00
jorgectf
320a00be31
Delete simple API::Nodes
2021-10-16 10:02:43 +02:00
jorgectf
5b66a15de3
Extend mayBeDangerous() QLDoc
2021-10-16 09:57:28 +02:00
jorgectf
15dfc6d1da
Fix xml_sax_parser.py good/bad naming
2021-10-16 09:50:58 +02:00
Jonas Jensen
61a0c44ef6
Accept test changes: File -> GoFile
2021-10-15 08:04:58 +02:00
Andrew Eisenberg
25dc4f316b
Merge pull request #587 from github/aeisenberg/query-suite
...
Fix recursive reference in query suite
2021-10-14 09:53:56 -07:00
Andrew Eisenberg
de79eac0bb
Fix recursive reference in query suite
...
The line `- qlpack: codeql-go` references the pack's
default suite, which is this suite. Therefore this
reference is recursive and not allowed.
The change here aligns the query pack with other
languages.
2021-10-14 08:24:49 -07:00
Chris Smowton
a0a5462f50
Merge pull request #586 from github/erik-krogh/explicit-this
...
add explicit this qualifiers
2021-10-14 15:39:14 +01:00
Erik Krogh Kristensen
d27f42d287
add explicit this qualifiers
2021-10-14 12:45:14 +02:00
Jonas Jensen
1c245ba636
Fix getAPrimaryQlClass for File classes
2021-10-14 11:37:05 +02:00
Andrew Eisenberg
abe3f2148b
Merge pull request #584 from github/aeisenberg/tutorial
...
Move tutorial directly into each qlpack
2021-10-13 09:32:44 -07:00
Andrew Eisenberg
0786af19fb
Move tutorial directly into each qlpack
...
See also https://github.com/github/codeql/pull/6862
2021-10-12 14:39:15 -07:00
Andrew Eisenberg
fb5186d887
Merge pull request #583 from github/aeisenberg/defaultSuite
...
Add a defaultSuiteFile property
2021-10-12 14:27:40 -07:00
Andrew Eisenberg
705093d709
Fix property name
2021-10-12 13:04:28 -07:00
Andrew Eisenberg
da708c9743
Add a defaultSuite property
2021-10-12 12:48:01 -07:00
Chris Smowton
c6b9db37be
Merge pull request #581 from github/RasmusWL/normalize-qlpack
...
Packaging: Normalize src/qlpack.yml
2021-10-12 11:02:18 +01:00
Rasmus Wriedt Larsen
c7196916aa
Packaging: Normalize src/qlpack.yml
...
Port of 4) from https://github.com/github/codeql/pull/6605
> Dependencies from query packs to other packs are always "*" since
these dependencies are always from source and we should get the
latest.
Compare with [C++ change](https://github.com/github/codeql/pull/6605/files#diff-0236560ca1b9c19eb7c74d8bfecd1c78005e762122f8bcdaee9eb9b20460bf9c ).
2021-10-11 14:36:12 +02:00
Andrew Eisenberg
88ac6d7a40
Merge pull request #566 from dbartol/dbartol/refactor
...
Refactor Go pack into separate library and query packs
2021-10-07 09:41:47 -07:00
Dave Bartolomeo
3ea2152a86
Use a for loop
2021-10-07 11:35:42 -04:00
Dave Bartolomeo
590b4aac2a
Fix PR feedback
2021-10-07 11:00:15 -04:00
Dave Bartolomeo
eed0eab02c
Merge remote-tracking branch 'upstream/main' into dbartol/refactor
2021-10-07 10:49:45 -04:00
Chris Smowton
1c2b46e10d
Merge pull request #578 from github/rasmuswl/fix-hasLocationInfo-url
...
Fix `hasLocationInfo` URL reference
2021-09-29 14:06:01 +01:00
Rasmus Wriedt Larsen
8deaeb4ea1
Fix hasLocationInfo URL reference
...
Port of https://github.com/github/codeql/pull/6775
2021-09-29 13:53:55 +02:00
Rasmus Wriedt Larsen
8df3dab121
Python: Adjust .expected with subpaths
2021-09-28 17:04:20 +02:00
Rasmus Wriedt Larsen
e472814ddd
Python: Fix XXE qhelp
2021-09-28 17:02:39 +02:00
Rasmus Wriedt Larsen
9c286a1b50
Python: fix name of .qhelp file
2021-09-28 16:57:46 +02:00
Rasmus Wriedt Larsen
67fddda6d2
Merge branch 'main' into jorgectf/python/deserialization
2021-09-28 16:49:33 +02:00
Chris Smowton
8b3682205b
Merge pull request #577 from intrigus-lgtm/patch-3
...
Update query description
2021-09-27 13:50:08 +01:00
intrigus-lgtm
d26841da57
Update query description
...
A wildcard origin does not allow Access-Control-Allow-Credentials: true.
This change had been made in 824b5a4b52
but I has been forgotten to update the query description.
2021-09-27 13:34:30 +02:00
Natalia Pesaresi
83613ea042
Merge branch 'main' into feature/SSRF
2021-09-24 17:52:51 -03:00
Nati Pesaresi
636000ce01
fix qlref
2021-09-24 17:50:26 -03:00
Nati Pesaresi
1de0b0401a
inheritance fix
2021-09-24 17:14:45 -03:00
Nati Pesaresi
ba552251e9
rm region tags
2021-09-24 17:08:52 -03:00
Erik Krogh Kristensen
a082ed917c
track flow through string replace calls that just replace single chars
2021-09-22 19:43:48 +02:00
Chris Smowton
cc1d1d8d1b
Merge pull request #575 from hvitved/remove-reduced-env-var
...
Remove `CODEQL_REDUCE_FILES_FOLDERS_RELATIONS`
2021-09-22 16:51:06 +01:00
Tom Hvitved
9142079902
Remove CODEQL_REDUCE_FILES_FOLDERS_RELATIONS
2021-09-22 09:40:39 +02:00
Nati Pesaresi
a9a36ace3b
validator uuid
2021-09-17 18:01:43 -03:00
Nati Pesaresi
f913b1504a
codeql query format --in-place
2021-09-17 17:54:19 -03:00
Nati Pesaresi
746ce630f4
codeql query format --in-place
2021-09-17 17:53:01 -03:00
Natalia Pesaresi
63bb7ef56c
Merge branch 'main' into feature/SSRF
2021-09-17 17:46:32 -03:00
Nati Pesaresi
9ec35a0f99
merge main
2021-09-17 17:43:35 -03:00
Nati Pesaresi
2a20fe4b0e
beautify names
2021-09-17 17:40:56 -03:00
Natalia Pesaresi
a2bc1b57c1
Merge pull request #1 from npesaresi/feature/SSRF
...
CWE-918
2021-09-17 17:27:04 -03:00
Sauyon Lee
769456ee10
Merge pull request #572 from smowton/smowton/admin/revert-go-list
...
Revert "Merge pull request #554 from xhd2015/accelerate_go_list"
2021-09-16 10:48:18 -07:00
Chris Smowton
c13229d581
Revert "Merge pull request #554 from xhd2015/accelerate_go_list"
...
This reverts commit e5a2b6081d , reversing
changes made to ee893b252c .
2021-09-16 17:16:59 +01:00
Chris Smowton
0214c97589
Merge pull request #569 from smowton/smowton/fix/optimize-guarding-function
...
Use unique aggregate to optimize guardingFunction
2021-09-09 22:02:56 +01:00
jorgectf
61a81b60e8
Extend .qlref
2021-09-09 19:06:58 +02:00
Chris Smowton
f6a629ee30
Merge pull request #570 from github/smowton/admin/fix-upgrade-script
...
Fix broken upgrade script
2021-09-09 15:02:38 +01:00
Chris Smowton
848d6c56bb
Fix broken upgrade script
2021-09-09 13:48:14 +01:00
Dave Bartolomeo
6837233128
Treat CallSideEffect and InitializeDynamicAllocation the same as other side effects during IR generation
...
This commit moves the IR generation for the `CallSideEffect` and `InitializeDynamicAllocation` side effect instruction into their own subclasses of `TranslatedSideEffect`. Previously, they were embeddded in `TranslatedCall` and `TranslatedAllocationSideEffects`. There are no diffs in the generated IR. This just makes the implementation of all side effect generation be consistent.
2021-09-07 14:22:23 -04:00
jorgectf
21da603d81
Update .qlref
2021-09-07 20:13:39 +02:00
Dave Bartolomeo
d1e6813812
Make side effects for constructor calls use same mechanism as other arguments
...
This commit is yet another step to fixing the order of IR side effect instructions. Instead of having a special `StructorCallSideEffects` class for the call itself, I've introduced a `TranslatedStructorCallQualifierSideEffect` class that shares a bunch of common code with `TranslatedArgumentExprSideEffect`, but handles the case where there's no `Expr` for the qualifier of the constructor call. Because this class uses the same ordering as regular argument side effects, these side effects now appear in the correct order, reads before writes.
The test expectations have changed to reflect the new, correct order.
2021-09-03 16:58:32 -04:00
Dave Bartolomeo
ba72a1cde7
Make TranslatedSideEffect abstract
...
This is step two of fixing the ordering of call side effects. This commit refactors the existing `TranslatedSideEffect` class into an abstract `TranslatedSideEffect` class, which contains functionality common to all kinds of side effect, and a concrete `TranslatedArgumentSideEffect` class, which is the implementation of argument side effects. A future commit will add additional concrete classes for conservative call side effects and allocation side effects.
This change has zero diffs to the generated IR.
2021-09-03 11:31:14 -04:00
Dave Bartolomeo
47e16b0480
Move logic for determining CallSideEffect opcode out of TranslatedCall.
...
This is the first step to fixing the order of side effects on call instructions. The goal is to move all side effects (argument side effects, allocation side effects, and conservative call side effects) to be treated as elements in a single sequence of side effects, which will then be handled in a single place similar to how we already handle argument side effects.
2021-09-03 09:58:31 -04:00
Sauyon Lee
e5a2b6081d
Merge pull request #554 from xhd2015/accelerate_go_list
...
Accelerating go-extractor by using 'go list -deps' instead of just 'go list'
2021-09-02 12:32:02 -07:00
Sauyon Lee
f9ce06b4c0
Check for nil when getting package info
2021-09-02 11:25:58 -07:00
Sauyon Lee
7d3c504c3c
Fix godoc
2021-09-02 11:25:57 -07:00
Sauyon Lee
89c9c7060c
Remove unnecessary environment set
2021-09-02 11:25:57 -07:00
Sauyon Lee
6ed6193973
Remove redundant map assignments and fix some typos
2021-09-02 11:25:57 -07:00
xhd2015
8532605be7
Accelerating go-extractor by using 'go list -deps' instead of just 'go list'
...
Change-Id: Icc77214809a0bb8536d751f21194690d58663dc5
2021-09-02 11:25:57 -07:00
Chris Smowton
88645cf0f1
Use unique aggregate to optimize guardingFunction
2021-08-31 18:38:44 +01:00
Tom Hvitved
ee893b252c
Merge pull request #560 from hvitved/drop-files-folders-columns
...
Drop redundant columns from `files` and `folders` relations
2021-08-26 19:30:35 +02:00
Tom Hvitved
c70a413b71
DB upgrade script
2021-08-26 13:41:44 +02:00
Tom Hvitved
a9a0cffb01
Drop redundant columns from files and folders relations
2021-08-26 13:41:44 +02:00
Sauyon Lee
1ab2c44310
Merge pull request #564 from sauyon/add-cfg
...
Uncomment CFG tests
2021-08-25 18:28:33 -07:00
Sauyon Lee
ec6ac9db7c
Remove useless nodes predicate
2021-08-25 17:16:46 -07:00
Sauyon Lee
630e46e1fd
Exclude files with build constraints from the cfg test
2021-08-25 17:16:46 -07:00
Sauyon Lee
5fbed2b219
Uncomment CFG tests
2021-08-25 17:16:46 -07:00
jorgectf
48bca5beb8
Fix references' link anchor
2021-08-25 17:09:47 +02:00
Dave Bartolomeo
d82580647e
Add reference to codeql/go-examples pack from test pack
2021-08-24 10:31:03 -04:00
Dave Bartolomeo
bcaf218cd4
Update readme with workflow changes
2021-08-24 10:31:03 -04:00
Dave Bartolomeo
bc9764fcde
Invoke bash explicitly for Windows
2021-08-24 10:31:03 -04:00
Dave Bartolomeo
a069fa6fda
Make install script executable
2021-08-24 10:31:03 -04:00
Dave Bartolomeo
7c70745e52
Build target to run codeql pack install
2021-08-24 10:31:02 -04:00
Dave Bartolomeo
3165b8dec1
Script to run codeql pack install
2021-08-24 10:31:02 -04:00
Dave Bartolomeo
12bb6728d1
Fix dependencies for Go test pack
2021-08-24 10:31:02 -04:00
Dave Bartolomeo
26fd45746c
Move Go QL library files into separate pack
2021-08-24 10:31:02 -04:00
Dave Bartolomeo
1726a8b65f
Initial makefile changes for pack refactoring
2021-08-24 10:31:01 -04:00
Dave Bartolomeo
6d829cfdf3
Modernize Go pack definitions
2021-08-24 10:31:01 -04:00
Dave Bartolomeo
b6c250cbff
Ignore .codeql directories
2021-08-24 10:31:01 -04:00
Chris Smowton
a6f3d464ae
Merge pull request #568 from igfoo/igfoo/getPrimaryQlClasses
...
Add getPrimaryQlClasses()
2021-08-24 14:13:50 +01:00
Ian Lynagh
6a86f1a91b
Add getPrimaryQlClasses()
...
This is a non-overridable predicate that concatenates all the
getAPrimaryQlClass() results into a comma-separated string.
2021-08-24 13:03:24 +01:00
Sauyon Lee
4df8fac91c
Merge pull request #559 from sauyon/xorm
...
Add Xorm support
2021-08-23 09:21:19 -07:00
Sauyon Lee
dc00a17fd2
Add Xorm license
2021-08-23 08:15:57 -07:00
sn00py
474287dc9f
Update SQL.qll
...
remove package
2021-08-23 08:15:57 -07:00
sn00py
7fc045e749
Add inline test for xorm
2021-08-23 08:15:57 -07:00
snoopywu
4975dccd34
Format SQL.qll
2021-08-23 08:15:57 -07:00
snoopywu
0174270a03
Add change note
2021-08-23 08:15:56 -07:00
snoopywu
8c608bad21
Add Xorm support
2021-08-23 08:15:56 -07:00
Chris Smowton
647bc51483
Merge pull request #563 from sauyon/go117
...
Add support for Go 1.17
2021-08-23 10:45:24 +01:00
Sauyon Lee
4a1daf173c
fixup model changes
2021-08-19 14:04:38 -07:00
Sauyon Lee
d4aa572109
Add tests for Go 1.17 library changes
2021-08-19 14:02:30 -07:00
Sauyon Lee
c41502de1e
Fix tests for go 1.17
2021-08-19 14:02:29 -07:00
Sauyon Lee
f20922dcc7
Handle - positions in errors
2021-08-19 14:02:29 -07:00
Sauyon Lee
5c7590db53
Exclude beta versions of the CodeQL CLI
2021-08-19 14:02:29 -07:00
Sauyon Lee
ab80f35451
Add change note for 1.17
2021-08-19 14:02:29 -07:00
Sauyon Lee
ef1238cdd3
Add test for conversion panic
2021-08-19 14:02:29 -07:00
Sauyon Lee
cb40498b41
Update actions to use go 1.17
2021-08-19 14:02:29 -07:00
Sauyon Lee
b1e91e578b
Add models for library changes
2021-08-19 14:02:26 -07:00
Sauyon Lee
040b166eb2
Add new style build constraints and add test for the old style
2021-08-19 14:00:04 -07:00
Sauyon Lee
189070cf2c
Add support for go:build style constraints
...
This doesn't account for the new syntax, but there was no syntax
parsing in the old version anyway, and the only user doesn't currently
care about semantics
2021-08-19 14:00:03 -07:00
Sauyon Lee
f39e43e5d0
Allow conversions to an array to panic
2021-08-19 14:00:03 -07:00
Sauyon Lee
2a5e7e24cd
Update dependencies for go1.17
2021-08-19 14:00:03 -07:00
Sauyon Lee
b9871add53
Merge pull request #565 from sauyon/remove-dots
...
Remove non-goific dot in method signatures
2021-08-19 13:41:25 -07:00
Sauyon Lee
ff1eb8ef43
Remove non-goific dot in method signatures
2021-08-19 12:36:59 -07:00
Owen Mansel-Chan
51b3f7f62d
Merge pull request #555 from owen-mc/upstream-weak-crypto-key
...
Promote weak crypto key from experimental
2021-08-18 12:57:27 +01:00
Owen Mansel-Chan
b96efc655e
Improve grammar and punctuation
2021-08-18 11:54:06 +01:00
Owen Mansel-Chan
6f2040da51
Add security severity score
2021-08-18 11:54:06 +01:00
Owen Mansel-Chan
8c97395884
Add change note
2021-08-18 11:54:05 +01:00
Owen Mansel-Chan
3bf2cf0ed8
Add precision metadata
2021-08-18 11:54:05 +01:00
Owen Mansel-Chan
9634e8d7b0
Update path in qlref file
2021-08-18 11:54:04 +01:00
Owen Mansel-Chan
ca01d55297
Promote insufficient key size query
...
Files were just moved - changes made in next commit
2021-08-18 11:54:04 +01:00
Chris Smowton
10e362a0f2
Merge pull request #562 from sauyon/remove-binary
...
Remove accidentally added binary
2021-08-17 19:55:26 +01:00
Chris Smowton
2b6dde8e6c
Merge pull request #561 from github/developer-happiness-query-suite
...
Add a query suite for new experimental "developer happiness" queries
2021-08-17 19:45:44 +01:00
Sauyon Lee
dc50d73008
Remove accidentally added binary
2021-08-17 10:11:04 -07:00
Sam Partington
78a4823bde
Ensure all 3 IDs are considered
...
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com >
2021-08-17 09:53:11 +01:00
Sam Partington
4e36d1f52f
Add a query suite for new experimental "developer happiness" queries
...
These are the queries added in https://github.com/github/codeql-go/pull/558 .
2021-08-16 18:05:31 +01:00
Chris Smowton
fbc65b3f87
Merge pull request #558 from sauyon/add-sample-queries
...
Add sample DB-related queries
2021-08-12 21:55:14 +01:00
Sauyon Lee
4c5d3ff344
Move defer in loop query to experimental
2021-08-12 10:13:30 -07:00
Sauyon Lee
02396dbd04
Add database query in loop query
...
co-authored-by: Robert <robertbrignull@github.com >
co-authored-by: Sam Partington <sampart@github.com >
2021-08-11 18:15:23 -07:00
Sauyon Lee
1ffeb26a61
Add query for a GORM error not checked
...
co-authored-by: Sam Partington <sampart@github.com >
co-authored-by: Robin Neatherway <rneatherway@github.com >
2021-08-11 18:15:23 -07:00
Nati Pesaresi
210d0f3d6a
cwe-918
2021-08-03 17:48:08 -03:00
Shati Patel
65e9262b41
Merge pull request #556 from github/shati-patel-patch-1
...
Update CODEOWNERS
2021-07-28 12:56:48 +01:00
Shati Patel
0c4674cf86
Update CODEOWNERS
...
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com >
2021-07-28 11:54:25 +01:00
Shati Patel
e83af8e4ea
Update CODEOWNERS
2021-07-28 11:42:33 +01:00
jorgectf
54ed25a925
Change False and None scopes
2021-07-25 18:21:16 +02:00
jorgectf
c8a7f48d6e
Add .expected
2021-07-25 18:18:38 +02:00
jorgectf
983465963a
Polish CookieWrite
2021-07-25 18:18:29 +02:00
jorgectf
65044293dd
Add CookieWrite concept
2021-07-25 17:53:58 +02:00
jorgectf
66fdd530e3
Merge branch 'jorgectf/python/headerInjection' into jorgectf/python/insecure-cookie
2021-07-25 04:35:51 +02:00
jorgectf
4f68a1777c
Write documentation and example
2021-07-25 04:07:05 +02:00
jorgectf
c8983be947
Add query
2021-07-25 04:06:44 +02:00
jorgectf
8a3e4f14d1
Add tests and .qlref
2021-07-25 04:06:02 +02:00
jorgectf
0aaa9c13bd
Merge remote-tracking branch 'origin/jorgectf/python/headerInjection' into jorgectf/python/insecure-cookie
2021-07-25 03:22:16 +02:00
jorgectf
93c8529fc9
Add .expected
2021-07-25 01:53:21 +02:00
jorgectf
1dd77f167a
Fix undetected tests
2021-07-25 01:51:52 +02:00
jorgectf
b83b31cc7a
Write qldocs
2021-07-24 02:33:57 +02:00
jorgectf
61e873d725
Polish tests
2021-07-24 02:09:23 +02:00
jorgectf
0d2646fd3d
Polish documentation
2021-07-24 01:23:51 +02:00
jorgectf
068150b1ab
Finish modeling
2021-07-22 19:34:23 +02:00
jorgectf
b5e10b6c42
Write (String|Bytes)IO additional taint step
2021-07-22 19:15:30 +02:00
jorgectf
11f4c1cc8e
Format tests
2021-07-22 19:04:35 +02:00
Chris Smowton
e39753c72a
Merge pull request #552 from github/deferinloop-kind
...
Add @kind to deferinloop.ql
2021-07-19 11:17:26 +01:00
Chris Smowton
b03513bcd2
Merge pull request #542 from gagliardetto/cors-misconfig
...
Add query to detect CORS misconfiguration
2021-07-16 16:12:15 +01:00
Chris Smowton
87afdae1c7
use hasFlowTo where possible
2021-07-16 14:38:05 +01:00
Sam Partington
e227a4315f
Add @kind to deferinloop.ql
...
Required to use this query with the CodeQL CLI
2021-07-16 14:25:58 +01:00
Slavomir
52b650a1be
Add AllowOriginHeaderWrite and AllowCredentialsHeaderWrite classes
2021-07-16 00:01:55 +02:00
Slavomir
e92738a93f
Apply suggestions from code review
...
Co-authored-by: Chris Smowton <smowton@github.com >
2021-07-16 00:42:36 +03:00
Chris Smowton
73227f12df
Merge pull request #539 from gagliardetto/fiber
...
Add web framework: github.com/gofiber/fiber
2021-07-15 17:53:45 +01:00
Slavomir
d252d6003f
Remove Protocol as UntrustedFlowSource
2021-07-15 16:20:33 +02:00
Slavomir
498332c186
Mention Fiber.json in Fiber.qll
2021-07-15 15:15:10 +02:00
Slavomir
7d1a632b61
Move fiber spec in the same folder as source
2021-07-15 15:12:02 +02:00
Slavomir
92e0f02d2a
Remove special cases inside if
2021-07-15 15:06:28 +02:00
Slavomir
66bd56f444
Don't use any() as sink
2021-07-05 13:14:56 +02:00
jorgectf
d475d52c76
Add partial modeling
2021-06-30 00:59:40 +02:00
jorgectf
c3b3bde35d
Add XMLParser concept
2021-06-30 00:59:17 +02:00
jorgectf
b9fa57f518
Move tests to test/
2021-06-30 00:58:58 +02:00
Chris Smowton
cd1e14ed09
Merge pull request #549 from edoardopirovano/change-pragma
...
Performance: Remove `pragma[noopt]`
2021-06-22 19:14:52 +01:00
jorgectf
78deec84fc
Upload main structure and initial tests
2021-06-22 16:41:08 +02:00
Edoardo Pirovano
65a34b4aa6
Performance: Remove pragma[noopt]
2021-06-22 10:05:53 +01:00
Chris Smowton
52028cf363
Merge pull request #547 from edoardopirovano/fix-join-order
...
Performance: Fix bad join ordering
2021-06-21 20:11:22 +01:00
Edoardo Pirovano
a7c656db8b
Performance: Fix bad join ordering
2021-06-21 18:58:35 +01:00
Slavomir
c0f195ba16
Reduce false positives
2021-06-19 22:25:51 +02:00
jorgectf
0e61558644
Empty commit
2021-06-19 18:39:58 +02:00
edvraa
ac777d237d
autoformat
2021-06-17 09:23:26 +01:00
edvraa
0456d4793a
Fix path tracking
2021-06-17 09:23:26 +01:00
edvraa
4576b16f30
Use dataflow gettype
2021-06-17 09:23:26 +01:00
edvraa
062acedd49
Unify and make getValueForFieldWrite private
2021-06-17 09:23:26 +01:00
edvraa
236b623f60
Get rid of NetHttpCookieTrackingConfiguration
2021-06-17 09:23:26 +01:00
edvraa
031a79b8f5
Gorilla Store Save sink
2021-06-17 09:23:26 +01:00
edvraa
8110c3d059
Use HasFlow
2021-06-17 09:23:26 +01:00
edvraa
d60d18a8d0
Stay on dataflow level
2021-06-17 09:23:26 +01:00
edvraa
ed8d025bdf
Dedicated types
2021-06-17 09:23:26 +01:00
edvraa
cba4f0448e
Use package
2021-06-17 09:23:26 +01:00
edvraa
167496edff
Use MethodCallNode and hasQualifiedName
2021-06-17 09:23:26 +01:00
edvraa
5929f66efb
No need for Function f
2021-06-17 09:23:26 +01:00
edvraa
06c328c5aa
Fix comment
2021-06-17 09:23:26 +01:00
edvraa
3ac1b4ba0b
Use CallNode
2021-06-17 09:23:26 +01:00
edvraa
d06f4ca21e
Fix argumnt nr
2021-06-17 09:23:26 +01:00
edvraa
9224a315f1
inline isGinContextCookieFlow
2021-06-17 09:23:26 +01:00
edvraa
4d397d9974
Fix tests
2021-06-17 09:23:26 +01:00
edvraa
5349c98ae1
Comments
2021-06-17 09:23:26 +01:00
edvraa
0b9959e4ef
Default stub
2021-06-17 09:23:26 +01:00
edvraa
d32fa19c12
reformat
2021-06-17 09:23:26 +01:00
edvraa
4eb4787692
simplify expressions
2021-06-17 09:23:26 +01:00
edvraa
f537c479c9
path tracking
2021-06-17 09:23:26 +01:00
edvraa
253abc55d9
get rid of AuthCookieNameConfiguration
2021-06-17 09:23:26 +01:00
edvraa
9c0b83fd34
Use getAPredecessor
2021-06-17 09:23:26 +01:00
edvraa
ff06815db1
Code review
2021-06-17 09:23:26 +01:00
edvraa
cbaad2efb9
Sensitive cookie without HttpOnly
2021-06-17 09:23:26 +01:00
Chris Smowton
191a4c1101
Merge pull request #546 from github/calumgrant/security-severities
...
Add security-severity scores
2021-06-16 14:22:27 +01:00
Calum Grant
975e4d7284
Add security-severity scores
2021-06-15 15:56:57 +01:00
luchua-bc
6a2c7d54cd
Enhance the query to check more scenarios
2021-06-14 03:24:16 +00:00
Slavomir
824b5a4b52
Wildcard origin does not allow Access-Control-Allow-Credentials: true
2021-06-05 10:40:28 +02:00
Chris Smowton
db0566c325
Merge pull request #543 from gagliardetto/clevergo-spec
...
Add codemill spec for clevergo
2021-06-03 13:59:59 +01:00
Slavomir
4662358b8d
Add flag checks
2021-06-03 12:53:52 +02:00
Slavomir
56e99b6efb
Convert header values to lowercase before comparing
2021-06-03 10:50:50 +02:00
Sauyon Lee
225a69aa27
Merge pull request #544 from github/erik-krogh/fix-primaryqlclass-typo
...
fix typo in the `getAPrimaryQlClass` implementation for `LabeledStmt`
2021-05-29 18:59:36 +00:00
Erik Krogh Kristensen
47d6412e1c
update expected output
2021-05-29 17:56:03 +00:00
Erik Krogh Kristensen
5b357e936b
fix typo in the getAPrimaryQlClass implementation for LabeledStmt
2021-05-29 19:01:16 +02:00
Slavomir
cb3cbc5e3f
Move spec to the same location of qll
2021-05-27 17:00:19 +02:00
Slavomir
4212eb7ac2
Add codemill spec for clevergo
2021-05-24 15:35:57 +02:00
Slavomir
521039d6a2
Add codemill spec
2021-05-24 15:34:16 +02:00
Slavomir
8525c58e1a
Improve qhelp doc
2021-05-24 15:19:50 +02:00
Slavomir
74f8f1dcdb
Cleanup
2021-05-24 15:19:35 +02:00
Sauyon Lee
1a67f8d867
Merge pull request #530 from edvraa/key
...
CWE-326: Insufficient key size
2021-05-24 01:11:16 +00:00
Slavomir
9d1f13fe9b
Add allowOriginIsWildcardOrNull predicate
2021-05-22 18:32:48 +02:00
Slavomir
924e445ce9
Add missing newline
2021-05-22 18:19:44 +02:00
Slavomir
f261f34f57
Add query to detect CORS misconfiguration
2021-05-22 18:14:13 +02:00
edvraa
c95295aa81
Simplify get int
2021-05-21 12:38:01 +01:00
edvraa
c9c22fd871
Change the message
2021-05-21 12:38:01 +01:00
edvraa
8414759f7d
Code review
2021-05-21 12:38:01 +01:00
edvraa
7e1c57689b
Insufficient key size
2021-05-21 12:38:01 +01:00
Sauyon Lee
d47d0303b0
Merge pull request #541 from smowton/smowton/admin/tag-lines-of-code
2021-05-14 19:11:40 +00:00
Chris Smowton
bc80772075
Tag lines of code query
2021-05-14 18:27:55 +01:00
Niroshan Rajadurai
d9826c571a
Update README.md
...
Updates to point to GHAS Capabilities, and tighter wording on License terms
2021-05-13 13:17:16 +01:00
Chris Smowton
6dcfbe8135
Merge pull request #540 from owen-mc/test-dataflow-pr-5773
...
Sync data-flow libraries
2021-05-12 10:49:33 +01:00
Owen Mansel-Chan
f0fd501a23
No need to cache isUnreachableInCall any more
2021-05-12 08:54:58 +01:00
Owen Mansel-Chan
a86390d850
Sync data-flow libraries
...
As of 2021-05-12
2021-05-12 08:54:11 +01:00
Slavomir
f644194354
Add package predicates
2021-05-10 15:18:47 +02:00
Slavomir
06fac54da3
Add web framework: github.com/gofiber/fiber
2021-05-10 15:12:32 +02:00
Chris Smowton
879666682d
Merge pull request #537 from gagliardetto/fix-clevergo
...
CleverGo: Update generated naming
2021-05-10 12:32:08 +01:00
Chris Smowton
1f9097430e
Merge pull request #535 from owen-mc/update-dataflow-libraries-2021-05-05
...
Update dataflow libraries 2021-05-05
2021-05-10 09:53:32 +01:00
Slavomir
7810461651
Update generated naming
2021-05-09 22:52:07 +02:00
Owen Mansel-Chan
fcbedee4c5
Keep call to defaultTaintSanitizerGuard
2021-05-06 15:06:29 +01:00
Owen Mansel-Chan
349df54905
Ignore lambda data flow for now
2021-05-06 13:57:49 +01:00
Owen Mansel-Chan
daf73553f6
Sync shared dataflow libraries
2021-05-05 16:58:30 +01:00
Chris Smowton
774717d2b8
Merge pull request #522 from gagliardetto/fix-clevergo
...
Improve CleverGo models
2021-04-30 17:11:56 +01:00
Slavomir
ea2909a362
HTTP::HeaderWrite: Don't override string getHeaderValue() with none()
2021-04-30 15:39:09 +01:00
Slavomir
110a3983c1
Regenerate codeql: Refactor HTTP::HeaderWrite
2021-04-30 15:39:09 +01:00
Slavomir
5578afa189
Regenerate using latest codemill generator.
2021-04-30 15:39:09 +01:00
Chris Smowton
0beaa7fdc9
Model content-type setters as HeaderWrites.
2021-04-30 15:39:09 +01:00
Chris Smowton
9ea8b34e47
HTTP ResponseBody: support HeaderWrites with hard-coded header values.
2021-04-30 15:39:09 +01:00
Chris Smowton
3fd2c7d4bb
Note response writers for existing HeaderWrite and HttpRedirect instances
2021-04-30 15:39:09 +01:00
Slavomir
36396df271
HttpResponseBody: Move .getAPredecessor*() to the test query.
2021-04-30 15:39:09 +01:00
Slavomir
989bfa2b1d
Improve naming and comments.
2021-04-30 15:39:09 +01:00
Slavomir
78b403f42e
Stub alternative HTTP::ResponseBody model implementation
2021-04-30 15:39:09 +01:00
Slavomir
ff848a502a
ResponseBody: Use .getAPredecessor*().getStringValue() instead of just .getStringValue()
2021-04-30 15:39:09 +01:00
Chris Smowton
3a0b36cdb8
Merge pull request #531 from sauyon/non-alert-queries
...
Non-alert queries
2021-04-27 17:49:49 +01:00
Sauyon Lee
bfe6e7510d
Evaluate symlinks for the dummy file
2021-04-27 08:32:21 -07:00
Sauyon Lee
d09cb7f228
Remove badpkg.go to make tests location-independent
2021-04-27 01:18:22 -07:00
Sauyon Lee
03c3b15caa
Improve autoformatting check
2021-04-27 01:18:21 -07:00
Sauyon Lee
27b72b53e5
Add diagnostic queries
2021-04-27 01:18:21 -07:00
Sauyon Lee
9f85846980
Add lines of code summary query
2021-04-27 01:18:20 -07:00
Sauyon Lee
fa5cb652d8
Fix lines of code counting
2021-04-27 01:18:20 -07:00
Sauyon Lee
ed978e439f
Add GoFile and move HtmlFile to Files.qll
2021-04-27 01:18:19 -07:00
Sauyon Lee
2a80a60468
Add GeneratedFile concept
2021-04-27 01:18:19 -07:00
Sauyon Lee
3393588353
Move concepts imports to Concepts.qll
2021-04-27 01:18:18 -07:00
Sauyon Lee
7a790340ed
Merge pull request #526 from sauyon/fix-bad-error-locs
...
Extract dummy files for errors without locations
2021-04-27 01:07:22 -07:00
Sauyon Lee
b808c187cf
Add test with curly braces in filename
2021-04-21 21:14:41 -07:00
Sauyon Lee
f15b65d07e
Extract dummy files for errors with no location
2021-04-21 21:14:40 -07:00
Sauyon Lee
488f7f5b9b
Use pre-transformed path for extractor fileinfo
2021-04-21 21:14:40 -07:00
Chris Smowton
90c4b5d63f
Switch to using HTML entities for escaping
2021-04-21 21:14:39 -07:00
Chris Smowton
06c958e61f
Extractor: tolerate curly braces in struct field tags, directory names
...
These previously produced malformed TRAP. I have checked the other uses of GlobalID and don't see any others that should require escaping.
2021-04-21 21:14:39 -07:00
Sauyon Lee
466d87684d
Merge pull request #528 from sauyon/tuple-map-read
2021-04-21 08:50:40 -07:00
Chris Smowton
9ab1a8d144
Reword change note
...
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com >
2021-04-21 15:28:28 +01:00
Chris Smowton
e50ad90856
Elaborate comment and change-note a little
2021-04-21 12:36:43 +01:00
Chris Smowton
a152eec9f2
Add test for ExtractTupleElementInstruction.getResultType()
2021-04-21 12:33:51 +01:00
Chris Smowton
4fb714f445
Simplify implementation of ExtractTupleElementInstruction.getResultType
2021-04-21 12:33:00 +01:00
Sauyon Lee
7efbcec50d
Add change note
2021-04-20 23:27:03 -07:00
Sauyon Lee
50bb6187b8
Revert ReflectedXss.go to example
2021-04-20 23:27:03 -07:00
Sauyon Lee
d1daca541e
Add types for more tuple extractions
...
Specifically, extractions where the RHS is a map element read or a channel receive
will now have types.
2021-04-20 14:23:31 -07:00
Sauyon Lee
ba2da6d9a9
Add test exercising channel data flow
2021-04-20 14:23:31 -07:00
Chris Smowton
0cef5fb5d0
Add test case for map extraction
2021-04-20 14:23:29 -07:00
Chris Smowton
f40211bd20
Merge pull request #527 from smowton/smowton/fix/http-request-taint-tracking
...
Improve net/http taint-tracking fidelity
2021-04-20 12:40:19 +01:00
Chris Smowton
b2e92fa084
Remove needless model of Part.Read
...
Read already gets a model as an implementation of the `Reader` interface.
2021-04-20 11:05:36 +01:00
Chris Smowton
948e064440
Fix mis-modelling Part.Read
2021-04-20 11:03:17 +01:00
Chris Smowton
027a540c67
Update test expectations now that tuple-extracts not method calls are sources
2021-04-19 17:05:50 +01:00
Chris Smowton
a367950014
Restore OpenRedirect's exclusion of POST-only request components
2021-04-19 17:05:23 +01:00
Chris Smowton
685f4fa2a6
Add change note
2021-04-19 16:13:16 +01:00
Chris Smowton
7d258ae722
Improve net/http taint-tracking fidelity
...
* Don't taint error returns from http.Request methods
* Track taint across mime/multipart.Part methods
2021-04-19 16:05:23 +01:00
Chris Smowton
dbcf1e1cfa
Merge pull request #520 from sauyon/add-diagnosticfile
...
Add a new diagnostics file class and use it for errors
2021-04-09 15:48:57 +01:00
Sauyon Lee
80fe7384cd
Apply suggestions from code review
...
Co-authored-by: Chris Smowton <smowton@github.com >
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com >
2021-04-09 14:30:23 +01:00
Sauyon Lee
4462948cfc
Add a new diagnostics file class and use it for errors
2021-04-09 14:30:23 +01:00
Chris Smowton
46b5f11457
Merge pull request #438 from gagliardetto/clevergo
...
Pilot #0 : Add web framework `clevergo`
2021-04-09 09:48:58 +01:00
Slavomir
8e839f376e
Put all tests file in to the CleverGo folder instead of having dedicated folders for each test.
2021-04-09 08:38:37 +01:00
Slavomir
4ae5bdbbec
Improve naming of files and elements.
2021-04-09 08:38:37 +01:00
Slavomir
7ea0434514
Move clevergo framework to experimental
2021-04-09 08:38:37 +01:00
Slavomir
3915305361
Refactor and improve HTTP:ResponseBody models and tests
2021-04-09 08:38:37 +01:00
Slavomir
8c18aa6cbd
Simplify HTTP::HeaderWrite
2021-04-09 08:38:37 +01:00
Slavomir
7edf739602
Model HTTP::HeaderWrite; regenerate stubs
2021-04-09 08:38:37 +01:00
Slavomir
93ff2459d1
Use docs instead of comments for classes.
2021-04-09 08:38:36 +01:00
Slavomir
0fe7050e7e
Add models for HTTP::ResponseBody
2021-04-09 08:38:36 +01:00
Slavomir
98b3cc2dc4
Fix autoformatting
2021-04-09 08:38:36 +01:00
Slavomir
c53d8d3e56
Add http redirect model
2021-04-09 08:38:36 +01:00
Slavomir
55c8d9b22c
Make naming more consistent
2021-04-09 08:38:36 +01:00
Slavomir
1de7196060
Regenerate dep stubs
2021-04-09 08:38:36 +01:00
Slavomir
0c1ae62ce9
Use //go:generate depstubber --vendor --auto
2021-04-09 08:38:36 +01:00
Slavomir
f95f35387f
Cleanup comments
2021-04-09 08:38:36 +01:00
Slavomir
bdc5f90c97
Cleanup comments
2021-04-09 08:38:36 +01:00
Slavomir
d3d7d2d103
Simplify UntrustedSources struct fields
2021-04-09 08:38:36 +01:00
Slavomir
c01259ec2c
Simplify UntrustedSources interface methods
2021-04-09 08:38:36 +01:00
Slavomir
54abdf1a95
Regenerate tests
2021-04-09 08:38:36 +01:00
Slavomir
a6c1acfaba
Fix imports
2021-04-09 08:38:36 +01:00
Slavomir
a90f609c53
Manually add packagePath() predicate
2021-04-09 08:38:36 +01:00
Slavomir
928c12da57
Simplify UntrustedSources methods
2021-04-09 08:38:36 +01:00
Slavomir
34dcf83e11
Fix module doc
2021-04-09 08:38:36 +01:00
Slavomir
11326eb34c
Update ql/src/semmle/go/frameworks/CleverGo.qll
...
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com >
2021-04-09 08:38:36 +01:00
Slavomir
c4ee6175b8
Add back bindingset to packagePath
2021-04-09 08:38:36 +01:00
Slavomir
7c62c63584
codeql: add packagePath predicate
2021-04-09 08:38:36 +01:00
Slavomir
dfbad0edb9
Regenerate code implementing the code review feedback
2021-04-09 08:38:36 +01:00
Slavomir
1bfe395662
Remove import DataFlow::PathGraph
2021-04-09 08:38:36 +01:00
Slavomir
6d9b7d3240
Add web framework: clevergo
2021-04-09 08:38:35 +01:00
Chris Smowton
7bf5abf6b0
Merge pull request #493 from gagliardetto/html-template-escaping-passthrough
...
Add CWE-79: HTML template escaping passthrough
2021-04-08 20:36:54 +01:00
Slavomir
68c0073c0b
Use PassthroughTypeName instead of string
2021-04-08 14:24:35 +01:00
Slavomir
7c35902724
Use DataFlow::Node as parameters
2021-04-08 14:24:35 +01:00
Slavomir
dc95902e56
Apply suggestions from code review
...
Co-authored-by: Chris Smowton <smowton@github.com >
2021-04-08 14:24:35 +01:00
Slavomir
1a9b09e8bd
Add NumericType sanitizer
2021-04-08 14:24:35 +01:00
Slavomir
541c411086
Add isSanitizer predicate to FlowConfFromUntrustedToTemplateExecutionCall, and a test for it
2021-04-08 14:24:35 +01:00
Slavomir
8f124f8395
Add missing docs
2021-04-08 14:24:35 +01:00
Slavomir
e2b7c035ad
Use only one instance of TaintTracking.
2021-04-08 14:24:35 +01:00
Slavomir
280ffdf060
Fix test
2021-04-08 14:24:35 +01:00
Slavomir
5351a8eeb7
Use TaintTracking an TaintTracking2
2021-04-08 14:24:35 +01:00
Slavomir
b42d21f740
Improve comments and naming.
2021-04-08 14:24:35 +01:00
Slavomir
d5355eb6b4
Cleanup
2021-04-08 14:24:35 +01:00
Slavomir
cc31cd2fe2
Fix test
2021-04-08 14:24:35 +01:00
Slavomir
0bb5ef6af2
Fix test
2021-04-08 14:24:35 +01:00
Slavomir
7b4a748793
Remove DummySource
2021-04-08 14:24:35 +01:00
Slavomir
7e9f23ab8e
Refactor flow logic to ensure untrusted flows to conversion, and conversion flows to template-exec.
2021-04-08 14:24:35 +01:00
Slavomir
963631dedf
Improve naming.
2021-04-08 14:24:35 +01:00
Slavomir
687e556df6
Fixes from code review
2021-04-08 14:24:35 +01:00
Slavomir
ad91e4abcb
Remove DummySource
2021-04-08 14:24:35 +01:00
Slavomir
63d51205c9
Apply suggestions from code review
...
Co-authored-by: Sauyon Lee <sauyon@github.com >
2021-04-08 14:24:35 +01:00
Slavomir
49894341a8
Add CWE-79: HTML template escaping passthrough
2021-04-08 14:24:35 +01:00
Sauyon Lee
29bf388b83
Merge pull request #519 from sauyon/fix-consistency
...
Extract files for error locations
2021-04-02 01:37:11 -07:00
Chris Smowton
c742a131de
Remove filename containing hiragana
...
Good test, but unfortunately it turns out our ODASA build under Windows can't cope -- we get `make: *** No rule to make target 'language-packs/go/ql/test/library-tests/semmle/go/Files/�.go', needed by 'target/general/go-tools/output/tools/tokenizer.jar'. Stop.`
Evidently our windows Actions build *does* work, so this is possible in principle, but let's not delay this PR finding out the exact reasons why right now.
2021-04-01 08:57:15 +01:00
Sauyon Lee
4451920ada
fixup windows
2021-03-31 08:56:34 -07:00
Sauyon Lee
9b60aff45e
Sort extractor smoke test output
2021-03-31 08:12:19 -07:00
Sauyon Lee
44cb8f4f0f
Check database consistency in smoke tests
2021-03-31 03:37:55 -07:00
Sauyon Lee
cd6fb7d699
Extract files for error locations
...
Co-authored-by: Chris Smowton <smowton@github.com >
2021-03-31 03:37:55 -07:00
Sauyon Lee
7e3e2f9adf
Add file tests
2021-03-31 02:01:26 -07:00
Owen Mansel-Chan
2ef85291fd
Merge pull request #492 from owen-mc/promoted-field-data-flow-non-pointer-type
...
Add control flow nodes for implicit fields reads when reading a promoted field
2021-03-30 11:15:55 +01:00
Owen Mansel-Chan
2fce333a0b
Fix bad join order in getBaseInstruction
...
It was joining on the index first, rather than the selector expression
2021-03-30 10:13:31 +01:00
Owen Mansel-Chan
3e57ea0e75
Fix Revel template test
...
We want the controller, which is the type which embeds *Revel.Controller.
We have to skip the implicit field reads to get to the base of the selector
expression.
2021-03-30 10:13:30 +01:00
Owen Mansel-Chan
b507c0d584
Add implicit field reads for promoted method calls
2021-03-30 10:13:30 +01:00
Owen Mansel-Chan
a89a42df6f
Expand PromotedField to PromotedValueEntity
...
This includes promoted methods as well
2021-03-30 10:13:29 +01:00
Owen Mansel-Chan
770c770a8f
Add tests for promoted methods
...
We need implicit field reads for calls to promoted methods.
False negative flags have been added to make this pass on main.
2021-03-30 10:13:29 +01:00
Owen Mansel-Chan
42300819a5
Remove incorrect assumption
...
Now that we have implicit field reads, it is no longer the case
that the base of a field read instruction will be an eval
instruction.
2021-03-30 10:13:28 +01:00
Owen Mansel-Chan
44b4e211c1
Make ImplicitFieldReadInstruction extend ImplicitFieldReadInstruction
...
This avoids some code duplication.
2021-03-30 10:13:28 +01:00
Owen Mansel-Chan
00aac808d2
Address review comments
2021-03-30 10:13:27 +01:00
Owen Mansel-Chan
a5293fa835
Use index to determine selector base
2021-03-30 10:13:27 +01:00
Owen Mansel-Chan
015c0537c2
Add index to FieldReadInstruction
2021-03-30 10:13:27 +01:00
Owen Mansel-Chan
0d071b2119
Use depth for implicit field selection
2021-03-30 10:13:26 +01:00
Chris Smowton
204e313c3b
Improve documentation
2021-03-30 10:13:26 +01:00
Chris Smowton
6645613eb8
Deduplicate and document helper types
2021-03-30 10:13:25 +01:00
Chris Smowton
9a427931b7
Explicitly walk pointer types
...
In a previous draft these could use getBaseType*
2021-03-30 10:13:25 +01:00
Chris Smowton
660ba4e31c
Optimise selectorBase, similar to existing work on implicitFieldRead
2021-03-30 10:13:25 +01:00
Chris Smowton
8cde56dfc2
Neaten and fix documentation of selectorBase
2021-03-30 10:13:24 +01:00
Chris Smowton
9444774895
Add further hints that the range of possible addressed fields, and therefore the interesting selector expressions, are small
2021-03-30 10:13:24 +01:00
Chris Smowton
22a3fccf79
Use type to hint that constraining to embedded fields is a good first step
...
This improves the join order for `implicitFieldSelection`
2021-03-30 10:13:23 +01:00
Sauyon Lee
e1b4867a19
Refactor embedded field calculation to expose access chain
...
This allows us to reuse the embedded field calculation in the
logic for generating implicit field selection nodes.
2021-03-30 10:13:23 +01:00
Owen Mansel-Chan
c192a255c5
Add change note
2021-03-30 10:13:22 +01:00
Owen Mansel-Chan
f1b6139ace
Update expected results for ZipSlip to include implicit field reads
2021-03-30 10:13:22 +01:00
Owen Mansel-Chan
13cd19ee40
Make ImplicitFieldReadInstruction include implicit deref when needed
...
When an ImplicitFieldReadInstruction reads an embedded field which has
a pointer type, it now includes the implicit dereference.
It might be better to extend MkImplicitDeref to cover this case, so we have
an explicit instruction for this. Then it would be easier to see when
dereferences are happening, and hence when they might cause a nil pointer
dereference.
2021-03-30 10:13:22 +01:00
Owen Mansel-Chan
2d3caf48c1
Add implicit field reads for promoted fields
...
This may not work when the embedded fields are pointer types, as
we don't have anything corresponding to MkImplicitDeref
2021-03-30 10:13:21 +01:00
Owen Mansel-Chan
7ded91e81d
Make depth of promoted fields accessible
2021-03-30 10:13:21 +01:00
Owen Mansel-Chan
b6dddd36e1
Update FieldTarget.getBaseType()
...
It wasn't defined when `getBase()` was an EvalImplicitDerefInstruction.
Rewriting it like this means it should work no matter what type of
instruction `getBase()` is.
2021-03-30 10:13:20 +01:00
Owen Mansel-Chan
b32b3157d4
(Minor) Add missing this. to method call
2021-03-30 10:13:19 +01:00
Sauyon Lee
3045eec63d
Merge pull request #518 from smowton/smowton/fix/restore-extraction-under-codeql
...
Tolerate empty-string CODEQL_PLATFORM, and add smoke tests
2021-03-29 13:55:27 -07:00
Chris Smowton
87d8bc8d6f
Add basic extractor smoke test
...
This exercises the extractor via 'codeql', with and without tracing.
2021-03-29 14:53:44 +01:00
Chris Smowton
23b8af3a56
Tolerate empty-string CODEQL_PLATFORM
...
This is normal when invoked with tracing disabled, so we also don't log when this happens.
2021-03-29 11:34:50 +01:00
Chris Smowton
a8422ffe26
Merge pull request #517 from smowton/smowton/fix/restore-extraction-under-odasa
...
Unify two implementations of GetExtractorPath
2021-03-25 19:35:24 +00:00
Chris Smowton
aef0a07a50
Prefer CODEQL_* environment variables when set
2021-03-25 16:20:16 +00:00
Chris Smowton
244f66c358
Make diagnostics test platform-neutral
2021-03-25 14:44:18 +00:00
Chris Smowton
c2c88b0835
Unify two implementations of GetExtractorPath
...
This retains both their features:
* The new util.go one cached its result.
* The old go-autobuilder.go one worked under ODASA, where CODEQL_GO_EXTRACTOR_ROOT is unset but os.Executable is a useful substitute.
2021-03-25 11:24:39 +00:00
Aditya Sharad
a9235d4c76
Merge pull request #516 from github/adityasharad/actions/remove-docs-review-workflow
...
Actions: Remove docs-review workflow
2021-03-24 12:31:29 -07:00
Aditya Sharad
1937664c66
Actions: Remove docs-review workflow
...
Being replaced by internal automation that polls the repo for open labelled PRs, since this workflow currently cannot tag the docs team in a comment.
2021-03-24 11:25:08 -07:00
Tom Hvitved
ef50020cce
Merge pull request #514 from github/merge-rc/3.1
...
Merge branch 'rc/3.1' into 'main'
2021-03-23 10:28:50 +01:00
Tom Hvitved
e119e15f84
Merge branch 'rc/3.1' into 'main'
2021-03-23 09:10:20 +01:00
Sauyon Lee
5de362edd8
Merge pull request #510 from simon-engledew/patch-1
...
Add an example query for catching cases where defer is used in a loop.
2021-03-22 11:08:34 -07:00
Chris Smowton
af9c7c0dd9
Merge pull request #512 from smowton/smowton/admin/pick-performance-fix-onto-rc-31
...
Apply package perf fix to rc/3.1
2021-03-21 11:59:32 +00:00
Sauyon Lee
bcee55c402
Remove now-unnecessary bindingset annotations
2021-03-20 18:54:26 +00:00
Sauyon Lee
426a65b981
Restrict 'package' to real package paths
2021-03-20 18:54:26 +00:00
Simon Engledew
43b4cd69f8
Add review feedback
2021-03-19 14:21:45 +00:00
Simon Engledew
c6ae48f090
Create deferinloop.ql
...
Add example query for highlighting defers inside loops.
2021-03-19 13:16:21 +00:00
Sauyon Lee
d73d0f3b79
Merge pull request #499 from sauyon/extractor-profiling
...
Extract diagnostic information
2021-03-19 05:36:30 -07:00
Sauyon Lee
92c5999c4d
Update stats
2021-03-19 04:34:16 -07:00
Sauyon Lee
394feb03f1
Add tests for extractor diagnostics
2021-03-19 04:34:16 -07:00
Sauyon Lee
104b9cffbd
Extract extractor diagnostic information
2021-03-19 04:34:15 -07:00
Sauyon Lee
1ca2164058
Add GetExtractorPath util function
2021-03-19 04:34:14 -07:00
Sauyon Lee
95f93b8641
Add FileFor utility function for trap files
2021-03-19 04:34:14 -07:00
Sauyon Lee
d8885c580a
Add extractor diagnostic tables to the database
2021-03-19 04:34:13 -07:00
Sauyon Lee
25cc1b451d
Add support for float dbscheme columns
2021-03-19 04:30:01 -07:00
Sauyon Lee
104f58151c
Merge pull request #473 from sauyon/revel
...
Add models for Revel and HTML templates
2021-03-18 18:21:53 -07:00
Sauyon Lee
f2b390af5f
Force git not to modify line endings for HTML test files as well
2021-03-18 10:54:34 -07:00
Sauyon Lee
870fcb4531
Explicity pass working directory to index-files
2021-03-18 10:54:33 -07:00
Sauyon Lee
012825323d
Add change note
2021-03-18 10:54:33 -07:00
Sauyon Lee
68dca955a8
Rework tests and fix output
2021-03-18 10:54:32 -07:00
Sauyon Lee
c2321bd365
Add support for XSS sink kinds
2021-03-18 10:51:16 -07:00
Sauyon Lee
9f5a9cf7b8
Add HTTP template response body concept
2021-03-18 10:51:15 -07:00
Sauyon Lee
844f0e49a6
Add getEnclosingTextNode to template statements
2021-03-18 10:51:15 -07:00
Sauyon Lee
96d2777431
Add models for Revel raw templates
2021-03-18 10:51:14 -07:00
Sauyon Lee
4932574083
Add HTML template variable model
2021-03-18 10:51:14 -07:00
Sauyon Lee
e3f68771fc
Add VariableWithFields
2021-03-18 10:51:13 -07:00
Sauyon Lee
8438b893ec
Add HTML tracing capability
2021-03-18 10:51:12 -07:00
Sauyon Lee
ff2034d122
Merge pull request #506 from sn00pyd0g3/add-transport-roundtrip
...
Add Transport.RoundTrip()
2021-03-18 09:40:24 -07:00
sn00py
22c3110602
Update change-notes/2021-03-16-nethttp-updated.md
...
Co-authored-by: Sauyon Lee <sauyon@github.com >
2021-03-18 23:32:23 +08:00
snoopywu
4abf6bbbff
Merge branch 'add-transport-roundtrip' of https://github.com/sn00pyd0g3/codeql-go into add-transport-roundtrip
2021-03-16 23:55:16 +08:00
sn00py
263d813b58
Merge branch 'main' into add-transport-roundtrip
2021-03-16 23:54:53 +08:00
snoopywu
af60a448ad
Merge branch 'add-transport-roundtrip' of https://github.com/sn00pyd0g3/codeql-go into add-transport-roundtrip
2021-03-16 23:53:52 +08:00
snoopywu
161ce91159
Add changenote for #506
2021-03-16 23:51:26 +08:00
Chris Smowton
772b9b8178
Merge pull request #507 from owen-mc/cache-tcontrolflownode
...
Cache TControlFlowNode
2021-03-16 14:45:35 +00:00
Owen Mansel-Chan
f9c4e12c95
Make this. explicit
2021-03-16 13:40:58 +00:00
Owen Mansel-Chan
ea7ecbaa55
Add hint so optimizer doesn't choose bad join order
2021-03-16 13:40:58 +00:00
Owen Mansel-Chan
c940eb61e7
Cache TControlFlowNode
2021-03-16 13:40:58 +00:00
Chris Smowton
ea2b3906b9
Merge pull request #508 from sauyon/change-note-fix
...
Fix change note checker
2021-03-16 13:37:19 +00:00
Sauyon Lee
645e9867a4
Fix change note checker
2021-03-16 06:23:54 -07:00
sn00py
4318ffee3e
Merge branch 'main' into add-transport-roundtrip
2021-03-16 16:52:37 +08:00
Owen Mansel-Chan
8318dcf971
Merge pull request #502 from owen-mc/find-latest-codeql-cli-automatically
...
Find latest release of the CLI automatically
2021-03-16 06:22:50 +00:00
snoopywu
cee30cfde4
fix: autoformat
2021-03-16 01:43:33 +08:00
sn00py
00f12f9210
Update ql/src/semmle/go/frameworks/stdlib/NetHttp.qll
...
Co-authored-by: Sauyon Lee <sauyon@github.com >
2021-03-16 00:41:52 +08:00
Owen Mansel-Chan
52a535463d
Find latest release of the CLI automatically
...
Also download OS-specific zip files while we're at it.
There are two files in `codeql-win64.zip` called `codeql/codeql` and
`codeql/codeql.exe`. Because of the order they were put into the zip,
they come out in the order `codeql/codeql.exe` followed by
`codeql/codeql`, and something on Windows thinks that the second file
has the same name as the first. It's because it's trying to emulate
linux and running `codeql/codeql` could run either one of them. We need
to make sure we definitely have the `.exe` file, so we explicitly
extract it again afterwards. This workaround is already used in some
other places. The order that the zip file is made in has now been fixed
so this shouldn't be a problem for future releases, so this workaround
can be removed in future.
2021-03-15 09:25:51 +00:00
snoopywu
e1219480d8
Add Transport.RoundTrip()
2021-03-13 03:17:58 +08:00
Owen Mansel-Chan
4b004b8f25
Merge pull request #501 from owen-mc/add-problem-matchers-to-ci
...
Highlight error messages in CI
2021-03-12 15:22:33 +00:00
Cornelius Riemenschneider
1f4b91dcb0
Merge branch 'main' into add-problem-matchers-to-ci
2021-03-12 14:53:20 +01:00
Chris Smowton
c58ae845e0
Merge pull request #497 from sauyon/package-restrict
...
Fix performance issue with 'package'
2021-03-12 11:17:38 +00:00
Owen Mansel-Chan
ea7af2e4a2
Highlight error messages in CI
...
Copied problem-matchers from github/semmle-code, which is used for
running CI for github/codeql.
2021-03-11 17:14:38 +00:00
Owen Mansel-Chan
dcc1de4797
Merge pull request #500 from owen-mc/add-missing-qldoc
...
Add missing QLDoc for public declarations
2021-03-11 15:52:39 +00:00
Owen Mansel-Chan
5b09d35668
Add missing QLDoc for public declarations
2021-03-11 15:36:31 +00:00
Sauyon Lee
db20119267
Remove now-unnecessary bindingset annotations
2021-03-10 08:58:45 -08:00
Sauyon Lee
8ad1010860
Restrict 'package' to real package paths
2021-03-10 08:58:41 -08:00
Aditya Sharad
fecf265641
Merge pull request #496 from github/adityasharad/actions/docs-review-fix
...
Actions: Fix comment that tags the Docs team
2021-03-08 10:53:28 -08:00
Aditya Sharad
86052520a5
Actions: Fix comment that tags the Docs team
2021-03-08 09:18:59 -08:00
Chris Smowton
2752505e84
Merge pull request #495 from owen-mc/fix-evanphxjsonpatch-test
...
Model Apply methods correctly
2021-03-05 18:03:28 +00:00
Owen Mansel-Chan
0a48fef0e7
Model Apply methods correctly
...
They were accidentally modeled as functions
2021-03-05 15:55:44 +00:00
Aditya Sharad
769fddeb38
Merge pull request #491 from adityasharad/actions/docs-review
...
Actions: Add workflow to request docs review
2021-03-03 07:40:26 -08:00
Aditya Sharad
348f8c16d1
Actions: Add workflow to request docs review
...
When a PR is labelled with 'ready-for-docs-review',
this workflow comments on the PR to notify the GitHub CodeQL docs team.
Runs on `pull_request_target` events so it can write comments to the PR.
Since this runs in the context of the base repo, it must not check out the PR
or use untrusted data from the event payload.
2021-03-02 18:05:02 -08:00
Chris Smowton
530b791529
Merge pull request #490 from sauyon/gomoduleauto
...
Explicitly set GO111MODULE to auto
2021-03-01 12:45:39 +00:00
Sauyon Lee
0684143291
Merge pull request #483 from owen-mc/sync-dataflow-libraries
...
Sync dataflow libraries
2021-02-25 11:40:50 -08:00
Sauyon Lee
be14df042d
Explicitly set GO111MODULE to auto
2021-02-25 08:22:06 -08:00
Owen Mansel-Chan
f6ff3c009e
Merge branch 'main' into sync-dataflow-libraries
2021-02-24 14:14:44 +00:00
Owen Mansel-Chan
e1402b3881
Merge pull request #486 from owen-mc/add-missing-licences-for-stubbed-libraries
...
Add license files for stubbed dependencies
2021-02-23 18:32:42 +00:00
Owen Mansel-Chan
6c0fe2ed45
Merge branch 'main' into add-missing-licences-for-stubbed-libraries
2021-02-23 17:14:28 +00:00
Owen Mansel-Chan
b7323bf9b6
Merge pull request #487 from sauyon/add-shati
...
Add shati-patel to CODEOWNERS
2021-02-23 17:11:28 +00:00
Sauyon Lee
f3969372a4
Add shati-patel to CODEOWNERS
2021-02-23 09:00:10 -08:00
Owen Mansel-Chan
4728b7a866
Add license files for stubbed dependencies
2021-02-23 16:29:17 +00:00
Sauyon Lee
a4b701d2c5
Merge pull request #480 from sauyon/go116
...
Add preliminary support for go 1.16
2021-02-23 08:16:12 -08:00
Owen Mansel-Chan
7e37c2b63a
Merge pull request #485 from owen-mc/add-new-location-for-beego
...
Add new module path for beego and xmlpath
2021-02-23 11:06:47 +00:00
Owen Mansel-Chan
ff317e63de
Remove http:// in package path
2021-02-22 15:11:59 +00:00
Owen Mansel-Chan
f32b4883bf
Make use of URLs in comments more consistent
2021-02-22 15:08:20 +00:00
Owen Mansel-Chan
370afe3383
Fix incorrect calls to package()
2021-02-22 15:08:20 +00:00
Owen Mansel-Chan
083512acef
Add extra module path for xmlpath package
2021-02-22 15:08:20 +00:00
Owen Mansel-Chan
2bcf73c9fb
Add new module path for beego
...
Beego moved from astaxie/beego to beego/beego on 13 Dec 2020. The
old location still works but is not being updated.
2021-02-22 11:38:13 +00:00
Sauyon Lee
9e45b08178
Merge pull request #484 from sauyon/change-note-action
...
Actions: Add change note checker
2021-02-19 20:12:59 -08:00
Sauyon Lee
17cd04c6b2
Avoid attempting to build i386 darwin binaries
2021-02-19 10:20:29 -08:00
Sauyon Lee
65e6da9b0e
Actions: Add change note checker
...
Co-authored-by: Taus <tausbn@github.com >
2021-02-19 09:40:50 -08:00
Sauyon Lee
23103fd8e0
Add support for 'path/filepath.WalkDir'
2021-02-19 07:59:13 -08:00
Sauyon Lee
82849fe91a
Explicitly set GO111MODULE=off
2021-02-19 07:59:13 -08:00
Sauyon Lee
41cacd579f
Model moved io/ioutil functions
2021-02-19 07:59:12 -08:00
Sauyon Lee
4056ac4ab5
os.FileInfo -> io/fs.FileInfo
2021-02-19 06:25:52 -08:00
Sauyon Lee
adc2f08b76
Add tests for go 1.16 libraries
2021-02-19 06:25:51 -08:00
Sauyon Lee
a327fb7e97
Add support for go 1.16 frameworks
2021-02-19 06:25:51 -08:00
Owen Mansel-Chan
fbbe4692d8
Re-add call to defaultTaintSanitizerGuard()
2021-02-19 14:16:19 +00:00
Owen Mansel-Chan
1c1ebf817f
Rename default taint sanitizer predicate
...
`defaultTaintSanitizer()` is referenced in one of the files that
gets synced, so it is better for us to not change its name. We should
also keep `defaultTaintSanitizerGuard()` consistent.
2021-02-19 14:14:12 +00:00
Sauyon Lee
62ae3ec7c5
Add extractor test for go 1.16
2021-02-18 14:52:54 -08:00
Sauyon Lee
fc9bc68829
Add change note for go 1.16
2021-02-18 11:49:00 -08:00
Sauyon Lee
42939a70b8
Update go.mod to 1.16
2021-02-18 11:48:48 -08:00
Sauyon Lee
fee0355ea0
Update actions to use go 1.16
2021-02-18 11:48:36 -08:00
Owen Mansel-Chan
24d35c35a1
Add Unit class to DataFlowPrivate
2021-02-17 16:42:17 +00:00
Owen Mansel-Chan
4f55ecc995
Sync dataflow libraries
2021-02-17 16:32:16 +00:00
Sauyon Lee
e6d11fc99e
Merge pull request #475 from sauyon/yaml
...
Add models for gopkg.in/yaml
2021-02-16 15:11:47 +00:00
Chris Smowton
2be66d1d74
Merge pull request #479 from smowton/smowton/admin/add-missing-change-notes
...
Add missing change notes
2021-02-16 09:58:29 +00:00
Owen Mansel-Chan
1c6a68ae93
Merge pull request #478 from owen-mc/update-logrus-model
...
Simplify Logrus model
2021-02-16 07:35:44 +00:00
Sauyon Lee
1acbfaafcc
Add models for gopkg.in/yaml
2021-02-15 18:27:09 +00:00
Chris Smowton
95008d1ccb
Update change-notes/2021-02-09-html-templates.md
...
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com >
2021-02-15 14:39:24 +00:00
Chris Smowton
6f5f1c4829
Add missing change notes
2021-02-15 14:07:10 +00:00
Owen Mansel-Chan
46cc9e9fa4
Add change note
2021-02-15 13:51:01 +00:00
Owen Mansel-Chan
a2c0b6ade6
Merge pull request #464 from owen-mc/list-constants-sanitizers
...
List of constants sanitizer guards (switch statement in function only)
2021-02-15 11:39:40 +00:00
Owen Mansel-Chan
6d29a35ac9
Factor the duplicate code in LogCall
...
Co-authored-by: Chris Smowton <smowton@github.com >
2021-02-15 11:20:19 +00:00
Owen Mansel-Chan
68c54d43e6
Move code to TaintTrackingUtil.qll
2021-02-15 10:18:00 +00:00
Owen Mansel-Chan
ef94cde0b3
Simplify Logrus model
...
Make methods which add data to entries sinks in their own right, rather
than trying to track the data flow of the entry to a later logging call.
This may cause some false positives, but only in the situation that
tainted data is added to an entry and that entry is never logged. It will
save us from false negatives when tainted data is added to an entry
which flows across a function boundary to a logging call.
2021-02-15 09:18:34 +00:00
Owen Mansel-Chan
4a2a1871f7
Merge pull request #476 from owen-mc/model-zap
...
Model zap
2021-02-13 13:15:06 +00:00
luchua-bc
6bfe2f2ba6
Add more sinks
2021-02-11 17:53:42 +00:00
Owen Mansel-Chan
1dc474650a
Model zap
2021-02-11 14:35:36 +00:00
Chris Smowton
b9a1d9a17e
Merge pull request #474 from sauyon/update-codeql
...
Update actions codeql to 2.4.3
2021-02-11 12:34:51 +00:00
Chris Smowton
2d08173631
Merge pull request #442 from monkey-junkie/main
...
[CWE-369] Query for divide by zero detection
2021-02-11 12:11:45 +00:00
Chris Smowton
b84aef6b83
Prevent getACalleeSource() from sharing magic with other users of getASuccessor*
...
This avoids recursion through the magic side-condition as each discovery of a ListOfConstantsComparisonSanitizerGuard expands the set of things whose getASuccessor* is wanted, which in turn enlarges the set of transitive successors and causes getACalleeSource() to be pointlessly recomputed (pointlessly because all exprNode(getCalleeExpr())s were already computed)
2021-02-11 10:29:30 +00:00
luchua-bc
f1788ed04e
Revamp the query to handle more cases
2021-02-11 04:33:42 +00:00
Sauyon Lee
9452df1a5c
Update actions codeql to 2.4.3
2021-02-10 22:43:02 +00:00
Chris Smowton
617b5510d9
Merge pull request #465 from smowton/smowton/feature/less-equality-test-panic-edges
...
Remove panicking edges leading from an equality test where possible
2021-02-10 08:20:27 +00:00
user
c29ab8958f
tests and docs updated
2021-02-10 00:26:46 +03:00
Your Name
4b24e5641e
formatting + example
...
fix
test fix
Update ql/src/experimental/CWE-369/DivideByZero.ql
Co-authored-by: Chris Smowton <smowton@github.com >
Update ql/src/experimental/CWE-369/DivideByZero.qhelp
Co-authored-by: Chris Smowton <smowton@github.com >
Update ql/src/experimental/CWE-369/DivideByZero.qhelp
Co-authored-by: Chris Smowton <smowton@github.com >
2021-02-10 00:26:46 +03:00
Your Name
bd09868686
test fixed, comments added
...
Update ql/src/experimental/CWE-369/DivideByZero.qhelp
Co-authored-by: Chris Smowton <smowton@github.com >
Update ql/src/experimental/CWE-369/DivideByZero.qhelp
Co-authored-by: Chris Smowton <smowton@github.com >
Update ql/src/experimental/CWE-369/DivideByZero.qhelp
Co-authored-by: Chris Smowton <smowton@github.com >
Update ql/src/experimental/CWE-369/DivideByZero.ql
Co-authored-by: Chris Smowton <smowton@github.com >
Update ql/src/experimental/CWE-369/DivideByZero.ql
Co-authored-by: Chris Smowton <smowton@github.com >
Update ql/src/experimental/CWE-369/DivideByZero.ql
Co-authored-by: Chris Smowton <smowton@github.com >
Update ql/src/experimental/CWE-369/DivideByZero.ql
Co-authored-by: Chris Smowton <smowton@github.com >
2021-02-10 00:26:46 +03:00
Your Name
8c5e0a42b3
test fixed
...
Update ql/src/experimental/CWE-369/DivideByZero.ql
Co-authored-by: Chris Smowton <smowton@github.com >
Update ql/src/experimental/CWE-369/DivideByZero.ql
Co-authored-by: Chris Smowton <smowton@github.com >
Update ql/src/experimental/CWE-369/DivideByZero.ql
Co-authored-by: Chris Smowton <smowton@github.com >
2021-02-10 00:26:40 +03:00
Your Name
41e808dab4
conversion detect + tests
2021-02-10 00:26:40 +03:00
Your Name
a77f36fba8
formatting fix
...
Update ql/src/experimental/CWE-369/DivideByZero.ql
Co-authored-by: Chris Smowton <smowton@github.com >
Update ql/src/experimental/CWE-369/DivideByZero.ql
Co-authored-by: Chris Smowton <smowton@github.com >
2021-02-10 00:26:33 +03:00
Chris Smowton
ef658b292a
Fix join order for ListOfConstantsComparisonSanitizerGuard
2021-02-09 19:42:23 +00:00
Chris Smowton
1b9abc5310
Merge pull request #470 from sauyon/go116flagadd
...
Add -overlay to recognized go build flags
2021-02-09 18:31:41 +00:00
Sauyon Lee
8c60c614db
Add -overlay to recognized go build flags
2021-02-09 17:09:48 +00:00
Owen Mansel-Chan
abf59ec98f
Merge pull request #469 from github/owen-mc-code-owners-file
...
Create CODEOWNERS
2021-02-09 17:04:29 +00:00
Owen Mansel-Chan
5cab5b2912
Create CODEOWNERS
...
This is so that `@codeql-go` is automatically suggested as a reviewer for PRs
2021-02-09 17:02:29 +00:00
Chris Smowton
9a919cc6c8
Merge pull request #466 from smowton/smowton/fix/remove-html-template-models
...
Remove models for html/template execution
2021-02-09 11:55:13 +00:00
Chris Smowton
02d21cfce8
Remove models for html/template execution
...
These escape HTML and JavaScript anyhow; because they don't write to their return value they don't quite fit the form of EscapeFunction, so to be expedient I've simply removed their models entirely. Presumably the case where someone HTML-templates something and then uses it for a purpose where HTML sanitisation is insufficient is very rare anyhow.
2021-02-08 19:55:04 +00:00
Sauyon Lee
a325161819
Merge pull request #455 from sauyon/insecure-rng
...
Promote Insecure RNG Query
2021-02-06 08:42:26 -08:00
Sauyon Lee
00e5b7cdfc
InsecureRNG: Select first result in fn only
2021-02-05 22:51:09 -08:00
Chris Smowton
42ff256c42
Remove panicking edges leading from an equality test where possible
...
These exist because an equality comparison of explicitly-incomparable interface values can panic, as can comparisons of arrays or structs containing them. Other type comparisons cannot panic.
2021-02-04 15:58:54 +00:00
Owen Mansel-Chan
d75cc40483
Make test with multiple switch statements pass
...
Made various changes to make it work when there are multiple
switch statements.
Also addressed performance problems.
2021-02-04 14:30:06 +00:00
Owen Mansel-Chan
36fafadda5
Add fallthrough statements to switch statement tests
2021-02-03 15:26:07 +00:00
Owen Mansel-Chan
a7545cd11b
Add test with multiple switch statements
2021-02-03 14:38:53 +00:00
Owen Mansel-Chan
760d89b0d3
Apply suggestions from code review
...
Co-authored-by: Chris Smowton <smowton@github.com >
2021-02-03 14:34:28 +00:00
Owen Mansel-Chan
5ec25de1fc
Add change note
2021-02-02 16:27:44 +00:00
Owen Mansel-Chan
08c59f0f48
Add a default sanitizer guard for list of constants comparison
...
Currently it only deals with the case of a switch statement in
a function.
2021-02-02 16:25:25 +00:00
Owen Mansel-Chan
4c30ed9054
Add predicate to get return statement from return instruction
2021-02-02 15:57:02 +00:00
Owen Mansel-Chan
c4eaf791e6
Add predicate for cast test passing edge in switch statement
2021-02-02 15:57:02 +00:00
Owen Mansel-Chan
dd079d4e51
(clean-up) Make use of this explicit
2021-02-02 11:04:16 +00:00
Owen Mansel-Chan
f279fa17af
(clean-up) Move comment
2021-02-02 11:03:52 +00:00
Sauyon Lee
73dc135480
Move insecure randomness query to cwe-338
...
Also give it a precision
2021-02-02 08:04:12 +00:00
Sauyon Lee
82bd293e5c
Polish insecure randomness query
2021-02-02 08:04:11 +00:00
Sauyon Lee
cfb9593af8
Move InsecureRandomness out of experimental
2021-02-01 15:54:51 +00:00
Sauyon Lee
48a52cfd2f
Merge pull request #437 from sauyon/goproxy
...
Model elazarl/goproxy
2021-01-28 06:05:52 +00:00
Chris Smowton
93aaa74c8c
Merge pull request #451 from sauyon/gokit
...
Add gokit models
2021-01-27 17:47:22 +00:00
Sauyon Lee
fb84df241a
Add change note for goproxy modeling
2021-01-27 17:38:23 +00:00
Sauyon Lee
53b468174f
Make InsecureHostnameRegex check for rejecting handlers
2021-01-27 17:38:22 +00:00
Sauyon Lee
4712afae83
Add models for github.com/elazarl/goproxy
2021-01-27 17:38:02 +00:00
Sauyon Lee
b0ddf4b68b
Add model for net/http.Error
2021-01-27 17:38:02 +00:00
Sauyon Lee
bf9bba79c2
Add getHeaderValue predicate to HTTP::HeaderWrite
2021-01-27 17:38:01 +00:00
Sauyon Lee
39c33c5db1
Add HTTP handler concept
2021-01-27 17:38:01 +00:00
luchua-bc
8ed2bc59ad
Add the c# program to src and address the issue with algorithm type
2021-01-26 17:29:52 +00:00
Owen Mansel-Chan
b76ff0d233
Merge pull request #461 from owen-mc/avoid-unused-barrier-guards-in-scope
...
Move reused barrier guards into separate files
2021-01-26 06:08:29 +00:00
Owen Mansel-Chan
bf0f0aff5e
Move reused barrier guards into separate files
...
This way only the barrier guards that are used will be imported.
This is important because of the comment above BarrierGuard, which
warns about the potential danger of having classes that extend
BarrierGuard in scope which are not used.
2021-01-25 17:07:18 +00:00
Owen Mansel-Chan
e55db63184
Merge pull request #462 from owen-mc/make-path-containment-check-more-specific
...
Make PathContainmentCheck more specific
2021-01-25 16:46:33 +00:00
Sauyon Lee
3ed9e66c7a
Add gokit models
2021-01-25 08:15:14 -08:00
Owen Mansel-Chan
71d52500f7
Make PathContainmentCheck more specific
...
Recent changes to Property.checkOn mean that in the code
err == nil && <unrelated-condition>
PathContainmentCheck matches the first condition and the whole &&
expression. Originally it would have only matched the first condition,
and this commit restores that behaviour. This pattern appears 3 times in
the tests, which all still pass.
2021-01-25 15:05:57 +00:00
Max Schaefer
bc74bcec21
Merge pull request #459 from owen-mc/update-barrier-guard-comment
...
Make comment on BarrierGuard more specific
2021-01-25 14:34:20 +00:00
Owen Mansel-Chan
f8c3fbf845
Merge pull request #454 from owen-mc/default-taint-sanitizer-guard-equality-test-guard
...
Make EqualityTestGuard a default taint sanitizer guard
2021-01-25 14:24:08 +00:00
Owen Mansel-Chan
06c6ceda50
Make comment on BarrierGuard more specific
...
The problem that this comment is trying to warn about is the following:
say you have two subclasses of BarrierGuard BG1 and BG2, both of which
contain some node g. Also assume that you have a configuration C which
specifies BG1 as a barrier guard, but not BG2. Because g is contained in
both classes, you will then still get the barrier guard definition from
BG2 due to the way dynamic dispatch works in QL.
2021-01-25 13:16:23 +00:00
Owen Mansel-Chan
8acf572283
Add change note
2021-01-22 17:38:26 +00:00
Owen Mansel-Chan
71f2ed36f2
Make EqualityTestGuard a default taint sanitizer guard
...
It will apply to all configurations, not just those involving Xss.
2021-01-22 17:38:26 +00:00
Owen Mansel-Chan
7dfe5d9f07
Merge pull request #457 from owen-mc/cleanup-avoid-code-duplication
...
Reuse existing class instead of repeating it
2021-01-21 10:56:14 +00:00
Owen Mansel-Chan
7f00ab1f08
Merge pull request #456 from owen-mc/add-guarding-function-test
...
Add tests for guarding functions proxied by a variable
2021-01-21 10:55:54 +00:00
Your Name
ad22445d16
refactor
2021-01-21 01:52:00 +03:00
monkey-junkie
c8da633d7b
Update ql/src/experimental/CWE-369/DivideByZero.ql
...
Co-authored-by: Chris Smowton <smowton@github.com >
2021-01-21 00:54:00 +03:00
Owen Mansel-Chan
7339f3e095
Reuse existing class instead of repeating it
...
This is already done elsewhere.
2021-01-20 16:11:33 +00:00
Owen Mansel-Chan
b623a4c8ec
Add tests for guarding functions proxied by a variable
...
Negation doesn't appear to be handled correctly, so one
of the lines is marked as a false positive.
2021-01-20 14:36:53 +00:00
luchua-bc
46fd5bd92e
Move test files to the test folder
2021-01-20 03:51:46 +00:00
Owen Mansel-Chan
e2a79f400e
Make use of this explicit
...
It makes it easier to understand the code.
2021-01-19 15:55:02 +00:00
Owen Mansel-Chan
903ff33b0d
Add class for default taint sanitizer guards
...
This allows us to specify taint sanitizer guards that apply in
all configurations.
2021-01-18 10:51:59 +00:00
Owen Mansel-Chan
83c26a3594
Improve predicate name
...
Renamed `defaultTaintSanitizer` to `isDefaultTaintSanitizer`.
2021-01-18 10:50:26 +00:00
Your Name
3251fb5c07
updated
2021-01-18 02:37:53 +03:00
Owen Mansel-Chan
fbe0474d0c
Merge pull request #453 from owen-mc/update-architectures
...
Update Architectures.qll
2021-01-15 16:01:52 +00:00
Owen Mansel-Chan
6219a28b13
Update Architectures.qll
2021-01-15 14:01:01 +00:00
Owen Mansel-Chan
2f9c1a6049
Merge pull request #452 from owen-mc/package-path
...
Use `package()` for package paths not in the standard library
2021-01-15 07:25:06 +00:00
Owen Mansel-Chan
5e2c066e8b
Use package() for package paths not in the standard library
...
This has the advantage that it deals with versioning. For example,
`package("a.io", "b")` matches "a.io/v2/b"
as well as "a.io/b".
At the same time I have created `packagePath()` predicates where they
seemed useful and tried to standardise them a bit.
2021-01-14 17:11:23 +00:00
Owen Mansel-Chan
62052a8772
Merge pull request #449 from owen-mc/model-couchbase-gocb
...
Model Couchbase Go library
2021-01-14 17:00:05 +00:00
Owen Mansel-Chan
a6b5e8b1db
Remove distinct between package paths for v1 and v2
2021-01-14 15:48:21 +00:00
Owen Mansel-Chan
5cd984f3ca
Merge pull request #450 from owen-mc/misc
...
Miscellaneous clean-ups
2021-01-13 12:33:21 +00:00
Owen Mansel-Chan
b5dfef894b
Add change note
2021-01-13 09:18:54 +00:00
Owen Mansel-Chan
d8105a5be0
Add tests for Couchbase v2 NoSQL queries
2021-01-13 09:18:54 +00:00
Owen Mansel-Chan
b02fc16dfc
Add tests for Couchbase v1 NoSQL queries
2021-01-13 09:18:54 +00:00
Owen Mansel-Chan
2ee20b3026
Add tests for Couchbase v1
2021-01-13 09:18:54 +00:00
Owen Mansel-Chan
d2164e16d1
Switch NoSQL tests to use inline expectations
2021-01-13 09:18:54 +00:00
Owen Mansel-Chan
a5ac947d16
Model Couchbase v2 NoSQL queries
2021-01-13 09:18:54 +00:00
Owen Mansel-Chan
7fc88ad85b
Model Couchbase v1 NoSQL query sinks
2021-01-13 09:18:54 +00:00
Owen Mansel-Chan
a973ce4539
Model Couchbase gocb v1
2021-01-13 09:18:54 +00:00
luchua-bc
07f45a51f8
Query to detect hash without salt
2021-01-13 02:49:00 +00:00
Owen Mansel-Chan
9a51de56de
Add comment explaining \Q and \E in regex
2021-01-12 16:56:04 +00:00
Owen Mansel-Chan
9236ad752b
Improve formatting and style in Gin.qll
2021-01-12 16:56:04 +00:00
Owen Mansel-Chan
71774ed2d4
Remove redundant code
...
RawMessage implements Marshaler and Unmarshaler, so these methods are
covered by the two sections below
2021-01-12 16:56:04 +00:00
Owen Mansel-Chan
57ee3a8a64
Use set literal
2021-01-12 16:56:04 +00:00
Owen Mansel-Chan
fe1f08fb12
Use existing predicate
...
There already exists the predicate
implements(string pkg, string tp, string name)
which does exactly what this code does
2021-01-12 16:55:51 +00:00
Sauyon Lee
3f1197d605
Merge pull request #448 from sauyon/autoformat
...
Autoformatter update
2021-01-12 14:29:45 +00:00
Sauyon Lee
c11028229a
Bump codeql version
2021-01-12 13:15:31 +00:00
Sauyon Lee
7a4dbc6fa7
Autoformatter update
2021-01-12 13:13:15 +00:00
Chris Smowton
c79e4f7836
Merge pull request #447 from smowton/smowton/admin/git-change-note
...
Add change-note for addition of `git` to the list of known interpreters for the go/command-injection query
2021-01-12 11:33:49 +00:00
Chris Smowton
a9cff82161
Add change-note for addition of git to the list of known interpreters for the go/command-injection query.
2021-01-11 18:48:54 +00:00
Chris Smowton
45635b67c6
Merge pull request #445 from smowton/smowton/feature/git-as-shell
...
Add 'git' as a possible command-interpreter, unless arguments are sanitized using "--"
2021-01-07 15:01:25 +00:00
Chris Smowton
83cee4a334
Add 'git' as a possible command-interpreter, unless arguments are sanitized using "--"
...
This is because some git flags can specify arbitrary commands to execute, but its positional arguments cannot, and "--" like in many commands instructs git to consume no further flags.
2021-01-07 11:54:41 +00:00
Chris Smowton
2dffd3e261
Merge pull request #443 from smowton/smowton/admin/missing-change-notes-2021-01
...
Add change-notes for recent PRs that were missing them
2021-01-05 11:41:35 +00:00
Chris Smowton
e6327f502c
Merge pull request #444 from smowton/smowton/admin/merge-rc-126
...
Merge rc/1.26 back into `main`
2021-01-05 11:40:34 +00:00
Chris Smowton
19921ed115
Add change-notes for recent PRs that were missing them
2021-01-05 11:39:26 +00:00
Chris Smowton
2b608e5822
Merge remote-tracking branch 'origin/rc/1.26' into HEAD
2021-01-04 15:32:15 +00:00
monkey-junkie
de566da91c
Update DivideByZero.ql
2021-01-03 00:55:10 +03:00
monkey-junkie
d81ec15990
Update DivideByZeroBad.go
2021-01-03 00:54:42 +03:00
Your Name
4b36a62834
divide by zero rule
2021-01-03 00:51:34 +03:00
Sauyon Lee
ace9271cc4
Merge pull request #441 from twpayne/contributing-building-and-testing
...
Docs: Add building and testing to contributing guide
2020-12-29 11:13:37 -08:00
Tom Payne
06721ce189
Docs: Add building and testing to contributing guide
2020-12-29 00:28:17 +01:00
Sauyon Lee
2ba26f69c0
Merge pull request #440 from twpayne/regexp-anchors
...
Support more regexp anchors
2020-12-23 11:42:06 -08:00
Tom Payne
9bbdf86487
Support more regexp anchors
2020-12-23 14:04:33 +01:00
Chris Smowton
5647a47bd4
Merge pull request #436 from sauyon/InVisionApp/main
...
Refactor HTTP tests
2020-12-18 12:08:46 +00:00
Jason Rogers
baa169cc77
Refactored HTTP tests
...
This will align test location with the library.
2020-12-17 08:10:06 -08:00
Owen Mansel-Chan
e3d0ccabae
Merge pull request #435 from owen-mc/use-implements-where-possible
...
Use `implements` for interface methods
2020-12-17 16:02:14 +00:00
Owen Mansel-Chan
d184f245ed
Use implements for interface methods
...
This means we will find more things.
2020-12-17 12:42:18 +00:00
Owen Mansel-Chan
dcb6cc3a7c
Merge pull request #434 from owen-mc/model-kubernetes-secret
...
Model Secret and SecretList from k8s.io/api/core/v1
2020-12-16 17:17:21 +00:00
Chris Smowton
8060993b3b
Merge pull request #430 from smowton/smowton/feature/model-beego-orm
...
Model the Beego ORM subpackage
2020-12-16 16:08:18 +00:00
Owen Mansel-Chan
0cb0879381
Model Secret and SecretList from k8s.io/api/core/v1
2020-12-16 16:03:48 +00:00
Chris Smowton
44a63b2f94
Model the Beego ORM subpackage
2020-12-16 14:39:58 +00:00
Owen Mansel-Chan
87f2cad475
Merge pull request #427 from owen-mc/model-kubernetes-secret
...
Model kubernetes SecretInterface
2020-12-15 17:12:45 +00:00
Chris Smowton
de93b59245
Merge pull request #419 from smowton/smowton/feature/model-beego
...
Model Beego web framework
2020-12-15 16:15:59 +00:00
Owen Mansel-Chan
0980a50627
Remove erroneous import from stub
2020-12-15 16:00:58 +00:00
Owen Mansel-Chan
676ca529b5
Add tests
2020-12-15 16:00:58 +00:00
Owen Mansel-Chan
6ca2e0e38e
Add SecretInterface as source for cleartext logging query
2020-12-15 16:00:58 +00:00
Owen Mansel-Chan
8fd055bc60
Model SecretInterface from k8s.io/client-go/kubernetes/typed/core/v1
2020-12-15 16:00:51 +00:00
Chris Smowton
8e7abbac0a
Model Beego web framework
...
This excludes the ORM, email and validation components, which I will follow up with seperately.
2020-12-15 14:04:36 +00:00
Chris Smowton
8b6f229bd3
SafeUrlFlow: allow libraries to add sources
2020-12-15 14:01:59 +00:00
Sauyon Lee
3617a801db
Merge pull request #429 from sauyon/smowton/admin/refactor-http-module
...
Refactor HTTP module
2020-12-14 09:25:43 -08:00
Jason Rogers
3a83fbd765
Refactor HTTP module
...
This makes it easier to identify related classes and support future expansion.
2020-12-14 07:16:24 -08:00
Owen Mansel-Chan
e4316768ef
Merge pull request #426 from owen-mc/model-k8s-io-apimachinery-pkg-runtime
...
Model k8s.io/apimachinery/pkg/runtime
2020-12-09 09:16:47 +00:00
Owen Mansel-Chan
c17f1618e0
Add change note
2020-12-09 06:45:08 +00:00
Owen Mansel-Chan
4d3eb47784
Fix stubbing
...
Depstubber can only stub one package at a time. We have to do some
manual editing to make a stubbed package use another stubbed package.
2020-12-09 06:45:08 +00:00
Owen Mansel-Chan
e5fb401d50
Model runtime
2020-12-09 06:45:08 +00:00
Owen Mansel-Chan
290a4dcdf4
Merge pull request #414 from owen-mc/model-evanphx-json-patch
...
Model evanphx/json-patch
2020-12-08 17:36:10 +00:00
Owen Mansel-Chan
0b50ee7755
Change to Inline Expectations Test
2020-12-08 16:38:13 +00:00
Owen Mansel-Chan
e786fa07ee
Add change note
2020-12-08 16:15:01 +00:00
Owen Mansel-Chan
5ebd637ca7
Model evanphx/json-patch
2020-12-08 16:15:01 +00:00
Chris Smowton
6b8003b0f2
Merge pull request #420 from smowton/smowton/admin/upgrade-codeql-240-and-autoformat
...
Upgrade CI toolchain to CodeQL 2.4.0
2020-12-07 14:16:19 +00:00
Chris Smowton
563f74bd45
Upgrade CI toolchain to CodeQL 2.4.0
...
Also reformat code (the autoformatter has changed slightly)
2020-12-07 12:35:07 +00:00
Chris Smowton
a794e05c74
Merge pull request #417 from smowton/smowton/fix/reduce-symlink-loop-finding-cost
...
Unsafe-unzip-symlinks: reduce cost of `getAnEnclosingLoop`
2020-12-03 12:21:38 +00:00
Chris Smowton
c1669d732b
Unsafe-unzip-symlinks: reduce cost of getAnEnclosingLoop
...
This used to get the closest enclosing loops of all expressions; now it is restricted to those surrounding interesting expressions.
2020-12-02 14:33:38 +00:00
Chris Smowton
f9fc01bd73
Merge pull request #415 from smowton/smowton/feature/errorf-returns-non-nil
...
Note that `fmt.Errorf` returns non-nil
2020-12-01 12:04:23 +00:00
Chris Smowton
63079b3e9d
Merge pull request #416 from smowton/smowton/admin/cherrypick-suspicious-char-fix
...
Cherry-pick #395 (suspicious-char-in-regex FP fix) onto rc/1.26
2020-12-01 11:45:14 +00:00
Owen Mansel-Chan
8c33979425
Merge pull request #388 from owen-mc/untrusted-data-flow-to-external-api
...
Untrusted data flow to external API
2020-12-01 11:25:58 +00:00
Sauyon Lee
b2ae6550ec
Add additional tests for suspicious character in regexp regexp
2020-11-30 19:15:17 +00:00
Sauyon Lee
09d41952dc
SuspiciousCharacterInRegexp: Add fix for raw string literals
2020-11-30 19:15:17 +00:00
Sauyon Lee
568b365575
Add isRaw to StringLit
2020-11-30 19:15:17 +00:00
Chris Smowton
5d17b27770
Note that fmt.Errorf returns non-nil
...
This enables recognising more guarding functions that return nil/non-nil conditional on a barrier guard.
2020-11-30 19:10:58 +00:00
Chris Smowton
3338a0b10d
Merge pull request #402 from smowton/smowton/feature/zipslip-more-generous-sanitisers
...
ZipSlip: redefine sources closer to their origin, and make sanitizers more generous
2020-11-27 18:25:07 +00:00
Owen Mansel-Chan
bfbf102408
Remove restriction on void and boolean-returning methods
...
When the taint was in the receiver, we were excluding methods which
return nothing or a boolean.
2020-11-27 16:51:24 +00:00
Owen Mansel-Chan
7730d66d76
Apply suggestions from code review
...
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com >
2020-11-27 16:17:54 +00:00
Chris Smowton
70015b2c32
Add tests for zipslip using a utility function to check that the archive header is safe
...
Note this currently contains some cases that are safe but are still flagged, because of weaknesses in the guardingFunction predicate.
2020-11-27 15:11:57 +00:00
Sauyon Lee
627241aaa5
Merge pull request #401 from sauyon/stored-command
...
Add stored command query
2020-11-27 06:37:02 -08:00
Chris Smowton
1eb8fff7e1
ZipSlip: redefine sources closer to their origin, and make sanitizers more generous.
...
Previously we considered certain fields of `tar` or `zip` file headers to be sources, but this meant subsequent references to the same field were not considered sanitized. For example, at least some real-world projects used a pattern like `if isIllegalPathTraversal(hdr.Name) { return nil; } ... /* other code using hdr.Name */`. By associating a source with the field-read `.Name` rather than the header itself, we were unable to see that the subsequent read was guarded by the sanitizer function.
Relatedly, it is common to use some intermediary taint-propagating function, as in `clean(s string) { if strings.HasPrefix("..", filepath.Clean(filepath.Join(target, s))) ...`, in the implementation of a sanitizer. We now follow the taint propagation (locally) backwards towards the function parameter, marking the predecessor functions and ultimately the parameter `s` as sanitized in addition to the direct argument to `strings.HasPrefix`. Existing sanitizing-function logic can then sometimes lift this out into the caller too.
2020-11-27 13:57:25 +00:00
Chris Smowton
f775adf306
Merge pull request #404 from smowton/smowton/feature/improved-guarding-function
...
Recognise many more guarding functions
2020-11-27 13:56:31 +00:00
Chris Smowton
c6f14de065
Merge pull request #413 from smowton/smowton/admin/document-cond-root-etc
...
Clarify naming and add documentation around `hasSemantics` and cousins
2020-11-26 16:59:07 +00:00
Owen Mansel-Chan
0ee00d8647
Apply suggestions from code review
...
Co-authored-by: Chris Smowton <smowton@github.com >
2020-11-26 16:49:02 +00:00
Owen Mansel-Chan
bf78189e21
Make two separate queries
2020-11-26 14:59:13 +00:00
Owen Mansel-Chan
dec7967c7a
Update qhelp files
2020-11-26 14:57:56 +00:00
Owen Mansel-Chan
e7697963d3
Exclude local function pointers
2020-11-26 14:57:56 +00:00
Owen Mansel-Chan
05fe388ba3
Mark hashing functions as safe
...
See https://github.com/github/codeql-go-team/issues/219 for issue to
model this better
2020-11-26 14:57:55 +00:00
Owen Mansel-Chan
d3bef7fc4f
Model safe external APIs
2020-11-26 14:57:55 +00:00
Owen Mansel-Chan
4184a6ecd8
Add testing frameworks
...
Add "github.com/golang/mock/gomock", several packages under
"github.com/stretchr/testify", £gotest.tools/assert",
"k8s.io/client-go/testing" and "testing"
2020-11-26 14:57:55 +00:00
Owen Mansel-Chan
410cf49af8
Shorten function using set literal
2020-11-26 14:57:55 +00:00
Owen Mansel-Chan
18c66e84f7
Make more package paths accessible
2020-11-26 14:57:55 +00:00
Owen Mansel-Chan
171e433593
Exclude test files
2020-11-26 14:57:55 +00:00
Owen Mansel-Chan
fe5822ae3a
Exclude functions in packages which have some modeled functions
2020-11-26 14:57:55 +00:00
Owen Mansel-Chan
ff542508aa
Exclude sinks from common queries
2020-11-26 14:57:55 +00:00
Owen Mansel-Chan
b698276e3a
Update function name to give better text output
2020-11-26 14:57:55 +00:00
Owen Mansel-Chan
50a32f47d5
First draft
2020-11-26 14:57:50 +00:00
Chris Smowton
fb814e949d
Clarify naming and add documentation around hasSemantics and cousins
2020-11-26 13:34:58 +00:00
Chris Smowton
2377337564
Treat functions that directly return a BarrierGuard like BarrierGuards themselves
2020-11-26 13:27:53 +00:00
Chris Smowton
387a13f22a
Add support for barrier guards in functions that indicate success by returning nil
...
Typically these are returning a nil error when sanitization succeeds.
2020-11-24 12:39:05 +00:00
Chris Smowton
7bbf9ed860
Merge pull request #410 from github/lgtm.com
...
Merge lgtm.com into main
2020-11-23 17:17:42 +00:00
Chris Smowton
ed6804859a
Merge pull request #409 from smowton/smowton/admin/missing-change-notes-rc126
...
Add change notes for PRs that omitted them
2020-11-23 11:11:56 +00:00
Sauyon Lee
0bf09307cf
Add StoredCommand query
2020-11-23 02:11:44 -08:00
Chris Smowton
62c51f9125
Merge pull request #408 from smowton/smowton/admin/add-missing-doc-strings
...
Add docstrings to all public elements
2020-11-20 17:37:47 +00:00
Chris Smowton
e241f8469b
Add change notes for PRs that omitted them
2020-11-20 16:15:12 +00:00
Chris Smowton
af432c71ff
Add docstrings to all public elements.
2020-11-20 15:35:42 +00:00
Sauyon Lee
793d6f6053
Merge pull request #399 from sauyon/stored-xss
...
Add stored XSS query
2020-11-19 23:23:21 -08:00
Chris Smowton
93a7cc944a
Merge pull request #403 from smowton/smowton/fix/type-assertion-dataflow
...
Add data-flow edge `from -> to` in the context `to, ok := from.(*Type)`
2020-11-19 16:13:55 +00:00
Chris Smowton
c93b2b709d
Merge pull request #407 from smowton/smowton/fix/isunreachableincall-slowness
...
Improve join order in `isUnreachableInCall`
2020-11-19 11:22:48 +00:00
Chris Smowton
38e383858e
Merge pull request #394 from smowton/smowton/feature/unsafe-unzip-symlink
...
Add query checking for unpacking of symlinks without using EvalSymlinks to spot existing ones.
2020-11-18 19:10:18 +00:00
Chris Smowton
d1f607ccd8
Improve join order in isUnreachableInCall
2020-11-18 19:06:52 +00:00
Owen Mansel-Chan
7433d448d9
Merge pull request #406 from owen-mc/update-dataflow-libs-2
...
Update dataflow libs 2
2020-11-17 21:17:52 +00:00
Chris Smowton
3d8470e1e2
Add and use TypeCastNode::getResultType
...
This can differ from `getType` when a `TypeAssertExpr` returns a (result, ok) pair.
2020-11-17 16:03:33 +00:00
Owen Mansel-Chan
ce67418cdc
Update tests
...
These changes match those in https://github.com/github/codeql/pull/4440
2020-11-17 15:48:50 +00:00
Owen Mansel-Chan
d3154d0aa7
Sync dataflow libraries
...
`make sync-dataflow-libraries`
2020-11-17 15:48:50 +00:00
Owen Mansel-Chan
4bfe088c0f
Update dataflow branch from master to main
2020-11-17 15:48:50 +00:00
Chris Smowton
1d850873f3
Add data-flow edge from -> to in the context to, ok := from.(*Type)
2020-11-17 10:59:59 +00:00
Chris Smowton
79c010a601
Move unsafe-unzip-symlink query into qll file and give it customization points.
2020-11-16 09:57:26 +00:00
Chris Smowton
500d78dafa
Include os.Readlink as a probable sanitiser.
...
A couple of projects seem to walk links one unit at a time, rather than just throwing `EvalSymlinks` at the whole potentially suspect path.
2020-11-16 09:57:26 +00:00
Chris Smowton
2193642c6e
Expand query to notice Symlink and archive iterator calls that do not directly share a loop
...
We look across function-call boundaries to check there is some common enclosing loop, but false-positives are more likely if in practice there is no control-flow path from the archive iterator to the Symlink call and back.
2020-11-16 09:57:26 +00:00
Chris Smowton
1a2c209259
Add query checking for unpacking of symlinks without using EvalSymlinks to spot existing ones.
...
This is usually dangerous because (if the archive is untrusted) the intent is usually to permit within-archive symlinks, e.g. dest/a/parent -> .. -> dest/a is an acceptable link to unpack. However if EvalSymlinks is not used to take already-unpacked symlinks into account, it becomes possible to sneak tricks like dest/escapes -> dest/a/parent/.. through, which create links leading out of the archive for later abuse.
2020-11-16 09:57:26 +00:00
Chris Smowton
43f9351094
Merge pull request #405 from igfoo/igfoo/portability
...
Use more portable syntax in codeql-tools/autobuild.sh
2020-11-13 14:59:54 +00:00
Ian Lynagh
f5223bae4c
Use more portable syntax in codeql-tools/autobuild.sh
2020-11-13 14:30:04 +00:00
Sauyon Lee
7279d4090d
Apply suggestions from code review
...
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com >
2020-11-12 21:26:53 -08:00
Sauyon Lee
f129949a38
Apply review comments
...
Co-authored-by: Chris Smowton <smowton@github.com >
2020-11-11 23:49:23 -08:00
Sauyon Lee
efddef7fa2
Add tests for stored XSS query
2020-11-11 23:13:12 -08:00
Sauyon Lee
d517125507
Add tests for SQL framework
2020-11-11 23:13:12 -08:00
Sauyon Lee
30b17d9762
Add StoredXSS query
2020-11-11 23:13:11 -08:00
Sauyon Lee
36bbf1eeb9
Improve models for database/sql
2020-11-11 22:10:16 -08:00
Chris Smowton
82a5b5f264
Merge pull request #369 from sauyon/checkdeps
...
Check dependencies before skipping dependency installation
2020-11-11 09:54:33 +00:00
Chris Smowton
04cec8b542
Merge pull request #400 from sauyon/autoformat
...
Autoformat tests
2020-11-11 09:51:50 +00:00
Nick Rolfe
c7e03cbd98
Merge pull request #398 from github/nickrolfe/getFileBySourceArchiveName
...
Replace getEncodedFile with getFileBySourceArchiveName predicate
2020-11-10 18:19:00 +00:00
Sauyon Lee
5a9b8a5465
Autoformat
2020-11-10 09:35:29 -08:00
Sauyon Lee
80c2fcdbb8
Autoformat tests
2020-11-10 09:35:16 -08:00
Nick Rolfe
17b6401c22
Replace getEncodedFile with getFileBySourceArchiveName predicate
...
While also making it work with paths for databases created on Windows.
2020-11-10 16:43:21 +00:00
Chris Smowton
235b7c0bc5
Merge pull request #395 from sauyon/regexp
...
SuspiciousCharacterInRegexp: Add fix for raw string literals
2020-11-10 12:18:38 +00:00
Sauyon Lee
0950baf4b7
Add additional tests for suspicious character in regexp regexp
2020-11-09 10:36:27 -08:00
Sauyon Lee
eb26b0abd1
SuspiciousCharacterInRegexp: Add fix for raw string literals
2020-11-09 10:10:47 -08:00
Sauyon Lee
52d253a95b
Add isRaw to StringLit
2020-11-09 10:08:51 -08:00
Chris Smowton
33f43626b3
Merge pull request #396 from sauyon/remove-code-scanning
...
Remove code scanning temporarily
2020-11-09 10:58:55 +00:00
Sauyon Lee
920f7153c8
autobuilder: Add dependency check
...
Sometimes build scripts succeed without installing dependencies, for
example if they are unrelated to Go or if they simply always exit
successfully. Therefore, added a check that dependencies at least
resolve before skipping dependency installation.
2020-11-09 02:13:48 -08:00
Sauyon Lee
4a53bfdebf
autobuilder: Only set mod mode when go.mod exists
2020-11-09 02:13:47 -08:00
Sauyon Lee
cc0a40e712
Remove code scanning until build tracing is implemented.
2020-11-09 02:11:05 -08:00
Chris Smowton
0938437d13
Merge pull request #373 from smowton/smowton/feature/golang-x-net-html
...
Add models for the read side of golang.org/x/net/html
2020-11-06 16:20:45 +00:00
Calum Grant
b54e76bdc7
Merge commit '3c84f11d5bf344cf5a667a04ccabcfb30f677c9c' into lgtm.com
...
# Conflicts:
# extractor/cli/go-autobuilder/go-autobuilder.go
2020-11-06 15:55:16 +00:00
Sauyon Lee
a78c35b95e
Simplify net/http ResponseBody logic
2020-11-06 11:18:46 +00:00
Sauyon Lee
8a306af77b
Make HTTP::ResponseWriter handle PostUpdateNodes in getANode
2020-11-06 11:18:46 +00:00
Chris Smowton
3817ae80e5
Add support for html.Render method.
...
This entails generalising Http::ResponseBody to account for any modelled function writing to a ResponseWriter.
2020-11-06 11:04:53 +00:00
Chris Smowton
02f353eabd
Add models for the read side of golang.org/x/net/html
...
This covers cases where an HTML document is retrieved and then parts of its structure are output without proper escaping.
2020-11-06 11:04:53 +00:00
Chris Smowton
03bbef7286
Add models for the read side of golang.org/x/net/html
...
This covers cases where an HTML document is retrieved and then parts of its structure are output without proper escaping.
2020-11-06 11:04:53 +00:00
Chris Smowton
e4aa252d6b
Merge pull request #381 from sauyon/gomodfix
...
Update dependencies and clean go.mod
2020-11-06 10:14:22 +00:00
Chris Smowton
582f8e444b
Merge pull request #393 from smowton/smowton/fix/cfg-assignment-underscores
...
CFG: fix lastNode relating to assignments with underscores on the LHS
2020-11-03 14:32:57 +00:00
Chris Smowton
3b927f3b6b
CFG: fix lastNode relating to assignments with underscores on the LHS
...
For example, "x, _ := a, b" would produce an incorrect CSV that branched to the next statement after evaluating "b", skipping the assignment to 'x'. We already had test coverage for function returns, so I'm reasonably confident this only affects parallel assigns, not destructuring ones like "x, y := f()".
2020-11-03 12:00:54 +00:00
Sauyon Lee
3c84f11d5b
Merge pull request #385 from github/sauyon-patch-1
...
Enable code scanning
2020-10-29 11:00:08 -07:00
Chris Smowton
cbc2443236
Merge pull request #390 from smowton/smowton/admin/links-master-to-main
...
Docs: replace master with main and QL4E with VSCode
2020-10-29 11:06:33 +00:00
Chris Smowton
1c75c9d1e9
Docs: Master -> main and Semmle/ql -> github/codeql everywhere
...
Also fix a reference to QL for Eclipse, and remove some incidental trailing whitespace
2020-10-29 11:04:49 +00:00
Chris Smowton
0f637c5887
Merge pull request #379 from smowton/model-revel
...
Model Revel
2020-10-28 09:56:25 +00:00
Chris Smowton
7ddb289910
Merge pull request #389 from github/aibaars/fix-broken-links
...
Update links in ql/docs/experimental.md
2020-10-28 09:55:21 +00:00
Arthur Baars
31cd26fded
Update links in ql/docs/experimental.md
2020-10-28 10:12:52 +01:00
Chris Smowton
0bf80641e8
Revel: mark header reads as user-controlled data
2020-10-26 12:26:37 +00:00
Chris Smowton
f0c0a890a5
Move OpenUrlRedirect customisation into the query's qll file
2020-10-26 12:25:56 +00:00
Chris Smowton
4a2c4bf1b8
Merge pull request #387 from sauyon/testing-framework
...
Add a testing framework
2020-10-26 10:32:22 +00:00
Sauyon Lee
64ac49a618
Merge pull request #380 from sauyon/funtionmodel-shortcuts
...
Add utility predicates to FunctionModel
2020-10-23 02:26:51 -07:00
Chris Smowton
e9278b5477
Merge pull request #386 from smowton/smowton/admin/improve-error-messages
...
Improve error messages
2020-10-23 08:27:03 +01:00
Chris Smowton
26b7deccf5
Autobuilder: fall back when os.Executable fails
...
This can happen under tracing, perhaps because of https://github.com/github/codeql-tracer/issues/29
2020-10-22 20:04:47 +02:00
Sauyon Lee
47f40d5f3e
Add tests for log frameworks
2020-10-22 09:18:53 -07:00
Sauyon Lee
671b427e1e
Add shared testing framework
...
It has been modified to use `hasLocation` instead of `Location`
2020-10-22 09:18:52 -07:00
Sauyon Lee
1e034a1dd5
Add logrus to go.qll
2020-10-22 09:18:52 -07:00
Chris Smowton
82de513764
Merge pull request #384 from sauyon/gobuild
...
extractor: Extract the working directory if no packages are passed
2020-10-22 15:43:48 +01:00
Chris Smowton
3716f6d7e9
Improve error messages
2020-10-22 14:42:23 +01:00
Chris Smowton
6122223b37
Merge pull request #383 from smowton/smowton/feature/work-around-broken-os-executable
...
Autobuilder: fall back when os.Executable fails
2020-10-22 14:41:37 +01:00
Sauyon Lee
ec52bdd536
Enable code scanning
2020-10-22 06:07:15 -07:00
Sauyon Lee
e22bf96ba3
extractor: Extract the working directory if no packages are passed
2020-10-22 05:22:33 -07:00
Chris Smowton
5cc695f1d5
Autobuilder: fall back when os.Executable fails
...
This can happen under tracing, perhaps because of https://github.com/github/codeql-tracer/issues/29
2020-10-22 13:19:55 +01:00
Sauyon Lee
4356f38b8f
Update dependencies and clean go.mod
2020-10-22 04:57:21 -07:00
Chris Smowton
62c6b0dc37
Add support for more Revel untrusted sources
2020-10-21 17:28:28 +01:00
Chris Smowton
2818da4df9
Advance to latest codeql-cli release
2020-10-21 17:27:18 +01:00
Sauyon Lee
e823712adf
Add utility predicates to FunctionModel
...
Co-authored-by: Chris Smowton <smowton@github.com >
2020-10-21 09:16:04 -07:00
Chris Smowton
9aceae8bd6
Revel: add support and tests for Render and Redirect sinks.
2020-10-20 10:00:05 +01:00
Owen Mansel-Chan
b2b8f10418
Fix stub for Revel
...
Embedded fields aren't stubbed correctly
2020-10-19 15:47:08 +01:00
Owen Mansel-Chan
4dfa9d58c0
Model Revel
2020-10-19 15:47:07 +01:00
Owen Mansel-Chan
f4f29be8ac
Add ability to specify default taint sanitizers
...
This allows library models to specify taint sanitizers.
2020-10-19 15:46:33 +01:00
Owen Mansel-Chan
01ad7acb6f
Remove unnecessary import
2020-10-19 15:46:33 +01:00
Owen Mansel-Chan
f49ff279b8
Merge pull request #375 from owen-mc/spew
...
Model Spew logging framework
2020-10-16 13:20:13 +01:00
Owen Mansel-Chan
b89775ac65
Update change-notes/2020-10-14-spew.md
...
Co-authored-by: Chris Smowton <smowton@github.com >
2020-10-16 10:56:27 +01:00
Chris Smowton
2b07e6a0f4
Merge pull request #324 from sauyon/tracing
...
Build tracing
2020-10-15 11:27:34 +01:00
Chris Smowton
4746789fe8
Merge pull request #224 from sauyon/no-vendor
...
Skip vendor directories for go.mod extraction
2020-10-15 11:03:26 +01:00
Sauyon Lee
e5afd1dcb6
go-extractor: clarify --mimic error message
...
Co-authored-by: Chris Smowton <smowton@github.com >
2020-10-14 09:43:10 -07:00
Sauyon Lee
25eebe95e4
autobuilder: Clarify error message
2020-10-14 09:42:12 -07:00
Sauyon Lee
3c6626c604
Don't trace through problem binaries on OS X
...
See https://github.com/github/semmle-code/pull/37764
2020-10-14 09:42:12 -07:00
Sauyon Lee
3addb962a9
Add change note for build tracing
2020-10-14 09:42:12 -07:00
Sauyon Lee
2e73f3efd1
Add change note for go.mod extraction change
...
Co-authored-by: Chris Smowton <smowton@github.com >
2020-10-14 09:25:39 -07:00
Sauyon Lee
1ba1029a13
Use comment-based tests for GoModExpr
2020-10-14 09:25:38 -07:00
Sauyon Lee
34837c10ce
Fix tests for go.mod files
2020-10-14 09:25:38 -07:00
Sauyon Lee
3242df4177
Use package root directory to find go.mod files
2020-10-14 09:13:57 -07:00
Owen Mansel-Chan
8811758e44
Add change note
2020-10-14 14:49:50 +01:00
Owen Mansel-Chan
4b76966a49
Model Spew logging framework
2020-10-14 14:47:22 +01:00
Chris Smowton
b2fef01d28
Merge pull request #378 from smowton/smowton/admin/change-note-typo
...
Fix changenote typo
2020-10-14 13:33:21 +01:00
Chris Smowton
72ee460a64
Fix changenote typo
2020-10-14 13:32:26 +01:00
Chris Smowton
0afa0e75c4
Merge pull request #374 from smowton/smowton/feature/more-accurate-allocation-overflow
...
Improve accuracy of allocation-size-overflow by excluding len(...) calls that never see a large operand
2020-10-14 13:25:45 +01:00
Chris Smowton
83a7411a05
Improve accuracy of allocation-size-overflow by excluding len(...) calls that never see a large operand
...
This is achieved by splitting the query into two pieces: (1) trace flow from indefinitely large object creation to len(...) calls, then (2) considering those particular len(...) calls as taint propagators, trace taint from the same sources all the way to an allocation call. This is more accurate than the previous solution, which considered any len(...) call to propagate taint, potentially confusing an array that stored a large value in one of its cells for an array which is itself of large size.
2020-10-14 10:16:08 +01:00
Chris Smowton
59f8717ca2
Merge pull request #372 from smowton/smowton/feature/golang-x-net-context
...
Extend `context` models to cover its old `golang.org/x/net/context` home.
2020-10-13 10:33:36 +01:00
Chris Smowton
40869480e1
Extend context models to cover its old golang.org/x/net/context home.
2020-10-12 12:27:19 +01:00
Chris Smowton
b370a865f1
Merge pull request #370 from max-schaefer/fix-formatting-targets
...
Fix escaping in Makefile targets.
2020-10-09 10:56:07 +01:00
Max Schaefer
9db478aa03
Fix escaping in Makefile targets.
...
Previously, invoking `make autoformat` would run a command of this form:
```sh
... | grep \\.go$ | ...
```
Note that the `$` is not escaped. This probably wasn't intended, even though it happens to work anyway, since the shell doesn't try to expand lone `$`s.
More problematically, invoking `make check-formatting` would run a command of this form:
```sh
... | grep \\.go| ...
```
Note that the `$` is gone, so it matches `.go` anywhere in the file name. In particular, it matches `ql/test/library-tests/semmle/go/frameworks/Protobuf/vendor/google.golang.org/protobuf/LICENSE`, which I think is responsible for the somewhat mysterious "expected 'package', found Copyright" errors we've been seeing from CI.
This PR fixes both targets to run
```sh
... | grep '\.go$' | ...
```
Because of the single quotes we only need a single backslash, and the `$` gets left alone.
2020-10-09 09:07:24 +01:00
Sauyon Lee
85c92251d6
Add a new binary for tracing
2020-10-08 23:31:06 -07:00
Sauyon Lee
de0582a67f
autobuilder: extract out attempted build commands
2020-10-08 23:31:05 -07:00
Sauyon Lee
cd63ea84aa
extractor: revamp argument parsing
2020-10-08 23:31:05 -07:00
Sauyon Lee
2da89c6527
extractor: factor out run from autobuilder
2020-10-08 23:31:05 -07:00
Sauyon Lee
eaf5342b7d
Enable Go modules while determining module directory
2020-10-08 23:31:05 -07:00
Sauyon Lee
16796529fc
Add package directory as a wanted root
2020-10-08 23:31:05 -07:00
Chris Smowton
024e8ef715
Merge pull request #368 from sauyon/xpath-fix
...
Update XPathExpressionString to match the Range pattern
2020-10-08 09:24:04 +01:00
Sauyon Lee
43de6ea836
Update XPathExpressionString to match the Range pattern
...
Fixes #367
2020-10-07 14:29:05 -07:00
Chris Smowton
c8a2d30e39
Merge pull request #360 from smowton/smowton/feature/stack-trace-exposure
...
Add stack-trace exposure query
2020-10-07 11:08:37 +01:00
Chris Smowton
d7dcf27f57
Merge pull request #362 from smowton/smowton/admin/refactor-function-node
...
Refactor DataFlow::FunctionNode as a concrete class
2020-10-06 15:08:54 +01:00
Chris Smowton
0eb7ac94cc
Add stack-trace exposure query
...
This is a port of `java/stack-trace-exposure`, and does the same job: warn that a stack dump is written to an HTTP response.
2020-10-06 14:42:59 +01:00
Chris Smowton
68bb7b02fe
Refactor DataFlow::FunctionNode as a concrete class
...
This makes it easier to refine FunctionNode without having to define abstract members.
2020-10-06 14:02:57 +01:00
Chris Smowton
5bdff0f9d3
Merge pull request #363 from smowton/smowton/fix/use-realpath-for-gopath
...
Autobuilder: Use fully resolved path for GOPATH
2020-10-05 10:53:17 +01:00
Chris Smowton
6b6c862274
Autobuilder: Use fully resolved path for GOPATH
...
Otherwise on systems where /tmp is a symlink (e.g. default OSX setup), GOPATH does not match the current working directory after os.Chdir'ing to that directory (os.Chdir resolves symlinks, unlike a shell's 'cd' command), which causes `dep` to fail complaining that it is being run from outside GOPATH.
2020-10-02 17:05:47 +01:00
Chris Smowton
e8710612d8
Merge pull request #361 from smowton/smowton/admin/fix-broken-qhelp-links
...
Fix OWASP broken links
2020-10-01 14:28:30 +01:00
Chris Smowton
4af5765275
Fix OWASP broken links
2020-10-01 13:06:03 +01:00
Chris Smowton
1be34c0c90
Merge pull request #359 from smowton/smowton/fix/suspicious-regex-qhelp
...
Improve variable names in example code
2020-09-30 11:03:10 +01:00
Max Schaefer
3490d35926
Merge pull request #358 from smowton/smowton/admin/qhelp-action
...
Add Action to build and upload qhelp
2020-09-29 17:31:07 +01:00
Chris Smowton
1cfad846c8
Improve variable names in example code
...
These were inherited from the JS version of the example, which concerns HTML.
2020-09-29 16:37:06 +01:00
Chris Smowton
6b28c0705a
Add Action to build and upload qhelp
2020-09-29 16:16:25 +01:00
Max Schaefer
3dde501b54
Merge pull request #356 from max-schaefer/api-cleanup
...
Add and move around a few convenience predicates
2020-09-29 08:32:53 +01:00
Max Schaefer
97fb967d5c
Add a few tests.
2020-09-28 10:58:28 +01:00
Max Schaefer
56f295f741
Add a few useful shortcuts.
2020-09-25 16:58:28 +01:00
Sauyon Lee
2ba9bbfd8b
Merge pull request #355 from sauyon/moddir-fix
...
Improve extractor logging and a minor readability fix
2020-09-25 05:44:35 -07:00
Sauyon Lee
7ea3b34e4b
extractor: Reorganize code to be in a slightly more sensible order
2020-09-25 04:23:35 -07:00
Sauyon Lee
e158b39287
Improve extractor logging
...
Co-authored-by: Max Schaefer <54907921+max-schaefer@users.noreply.github.com >
2020-09-25 04:23:31 -07:00
Max Schaefer
8667b64a1c
Make result variables aware of their index.
2020-09-25 10:51:32 +01:00
Chris Smowton
88c740bbbc
Merge pull request #353 from gagliardetto/remove-duplicate-models
...
Remove duplicate models (the end)
2020-09-24 13:31:18 +01:00
Slavomir
4f7edb85da
Fix package count
2020-09-24 12:41:14 +02:00
Slavomir
1f5da54ac9
Update change-notes/2020-09-23-stdlib.md
...
Co-authored-by: Chris Smowton <smowton@github.com >
2020-09-24 12:40:39 +02:00
Arthur Baars
575c56c426
Merge pull request #354 from github/aibaars/lgtm-go-lines-of-comment
...
LGTM: add Metrics/FLinesOfComment.ql to go-lgtm-full.qls
2020-09-24 12:22:07 +02:00
Arthur Baars
240f3ed7dc
LGTM: add Metrics/FLinesOfComment.ql to go-lgtm-full.qls
2020-09-24 11:04:15 +02:00
Max Schaefer
907ae20a16
Merge pull request #350 from smowton/smowton/feature/bad-regex-escape-query
...
Add query spotting probably-bad escapes in regular expressions.
2020-09-24 09:49:16 +01:00
Slavomir
8e007623ca
Improve change note
2020-09-23 18:03:11 +02:00
Slavomir
ef20f75cbe
Add change note
2020-09-23 17:52:52 +02:00
Slavomir
8b397c1eff
Remove this. from the generated method and interface models
2020-09-23 17:28:44 +02:00
Slavomir
539127b1d1
Remove models for methods for which there already is a models for the interface they implement.
2020-09-23 17:16:01 +02:00
Chris Smowton
59138048bb
Add query spotting probably-bad escapes in regular expressions.
...
Inspired by js/useless-regexp-character-escape, but much much simpler because the Go source code parser forbids unrecognised escapes and its regex engine refuses to compile \\x where x is not a character class or other special token (e.g. start-of-word).
2020-09-23 15:07:22 +01:00
Chris Smowton
a094ddb988
Merge pull request #349 from gagliardetto/stdlib-339-340-342-346-347
...
Merge #339 #340 #342 #346 #347
2020-09-23 14:38:04 +01:00
Chris Smowton
1a3589ac06
Merge pull request #352 from smowton/smowton/feature/http-newrequest
...
Add model for net/http.NewRequest
2020-09-23 09:56:17 +01:00
Max Schaefer
6130720e00
Merge pull request #348 from max-schaefer/functioninput_entrynode
...
Ensure `FunctionInput`s corresponding to results have an entry node
2020-09-23 09:15:18 +01:00
Chris Smowton
c1fbbfb05a
Add model for net/http.NewRequest noting that if the URL is tainted then the response should be considered tainted also.
2020-09-23 08:46:36 +01:00
Slavomir
364b6810ce
Sort stdlib imports
2020-09-22 18:50:12 +02:00
Slavomir
a7148638aa
Merge branch 'standard-lib-pt-6' into stdlib-339-340-342-346-347
2020-09-22 18:44:14 +02:00
Slavomir
61a0cfa06a
Merge branch 'standard-lib-pt-4' into stdlib-339-340-342-346-347
2020-09-22 18:43:30 +02:00
Slavomir
315514085f
Merge branch 'standard-lib-pt-9' into stdlib-339-340-342-346-347
2020-09-22 18:43:14 +02:00
Slavomir
0510404112
Merge branch 'standard-lib-pt-12' into stdlib-339-340-342-346-347
2020-09-22 18:42:46 +02:00
Slavomir
1a5d582750
Remove Regexp
2020-09-22 13:37:39 +02:00
Slavomir
e742525be5
Fix (*Logger).Writer() model
2020-09-22 13:35:55 +02:00
Slavomir
bff19d5a37
Move and extend Log module for package log with taint-tracking
2020-09-22 13:35:55 +02:00
Slavomir
3a7406b14c
Remove redundant Read and Write method models
2020-09-22 13:33:37 +02:00
Slavomir
3abf0e8d29
Add taint-tracking for crypto/x509 package
2020-09-22 13:33:37 +02:00
Slavomir
3acb7a5311
Add taint-tracking for crypto/tls package
2020-09-22 13:33:37 +02:00
Slavomir
5e0e3cc2cc
Add taint-tracking for crypto/rsa package
2020-09-22 13:33:37 +02:00
Slavomir
742319c071
Move to stdlib and expand crypto/cypher package taint-tracking
2020-09-22 13:33:37 +02:00
Slavomir
434c4bca9c
Add taint-tracking for crypto package
2020-09-22 13:33:37 +02:00
Max Schaefer
c61881acb3
Merge pull request #344 from smowton/smowton/feature/echo-models
...
Add models for the Echo framework
2020-09-22 10:45:02 +01:00
Max Schaefer
2d4f17c91c
Ensure result inputs always have an entry node.
2020-09-22 09:08:17 +01:00
Max Schaefer
4b56581122
Fix input nodes for results that are not assigned to an SSA variable.
2020-09-22 09:06:16 +01:00
Max Schaefer
9c640fff4f
Add a new test for FunctionInputsAndOutputs.
2020-09-22 09:04:49 +01:00
Max Schaefer
c905149579
Merge pull request #341 from gagliardetto/standard-lib-pt-10
...
Move to stdlib and extend the models for `fmt` package
2020-09-21 22:10:56 +01:00
Chris Smowton
7b917f9dd7
Add utility functions for getting FunctionInputs and FunctionOutputs.
2020-09-21 17:35:40 +01:00
Chris Smowton
397282f41a
Add models for the Echo framework
2020-09-21 17:35:40 +01:00
Chris Smowton
bdb3e54299
Add tests for stdlib-http fields that aren't supposed to cause open-redirect alerts
2020-09-21 16:26:46 +01:00
Chris Smowton
b6b7bd2717
Generalise model of HTTP libraries
...
* Allow for HTTP response methods that define a content-type without a corresponding header write
* Factor out stdlib-http-specific classification of fields that aren't vulnerable to an open-redirect exploit
2020-09-21 16:26:39 +01:00
Slavomir
0005775e2b
Apply suggestions from code review
...
Co-authored-by: Max Schaefer <54907921+max-schaefer@users.noreply.github.com >
2020-09-21 16:23:21 +02:00
Slavomir
dedeb7bbf1
Add taint-tracking for container/ring package
2020-09-21 12:34:00 +02:00
Slavomir
75e3ee6e77
Add taint-tracking for container/list package
2020-09-21 12:32:39 +02:00
Slavomir
4ecf9b0f6b
Add taint-tracking for container/heap package
2020-09-21 12:30:47 +02:00
Chris Smowton
6770c74b7f
Merge pull request #345 from gagliardetto/from-331-to-337
...
Merge #331 , #332 , #333 , #334 , #335 , #336 , #337
2020-09-21 09:34:41 +01:00
Slavomir
a7dba54001
Merge branch 'standard-lib-pt-15' into from-331-to-337
2020-09-20 18:25:29 +02:00
Slavomir
ad53583b5e
Remove methods on IP
2020-09-20 18:23:56 +02:00
Slavomir
17868dd6b1
Merge branch 'standard-lib-pt-16' into from-331-to-337
2020-09-20 15:47:35 +02:00
Slavomir
ed965c7101
Merge branch 'standard-lib-pt-19' into from-331-to-337
2020-09-20 15:47:14 +02:00
Slavomir
53e0e3ffbf
Merge branch 'standard-lib-pt-20' into from-331-to-337
2020-09-20 15:46:47 +02:00
Slavomir
9d1381349f
Merge branch 'standard-lib-pt-23' into from-331-to-337
2020-09-20 15:46:26 +02:00
Slavomir
1d13ca58ff
Merge branch 'standard-lib-pt-22' into from-331-to-337
2020-09-20 15:46:02 +02:00
Slavomir
cd151fcdd1
Merge branch 'standard-lib-pt-5' into from-331-to-337
2020-09-20 15:45:46 +02:00
Slavomir
5e7b279569
Remove model for a method that satisfies an interface that already has its own model.
2020-09-20 15:38:37 +02:00
Slavomir
3fd6f9c400
Extend QueryString::Range with database/sql/driver interfaces' methods
2020-09-20 15:38:37 +02:00
Slavomir
24e8a18d22
Add database/sql/driver taint-tracking
2020-09-20 15:38:37 +02:00
Slavomir
5e4d75561c
Add database/sql/driver taint-tracking
2020-09-20 15:38:37 +02:00
Slavomir
6f0bfbfa96
Add taint-tracking to database/sql package in the SQL module
2020-09-20 15:38:37 +02:00
Slavomir
55a8e24055
Taint-track package expvar
2020-09-20 15:38:37 +02:00
Slavomir
29382744fe
Taint-track package errors
2020-09-20 15:38:37 +02:00
Slavomir
4127cb5cc4
Remove rune/byte read/write from TaintStep/io.go
2020-09-20 15:35:02 +02:00
Slavomir
07fdd3d17a
Fix TaintStep.expected: fix io.Pipe logic, remove rune/byte read/write
2020-09-20 15:33:11 +02:00
Slavomir
c4a493f003
Remove models for methods where there are already interface models
2020-09-20 15:13:48 +02:00
Slavomir
dc159eeee1
Remove io.Writer model from io/ioutil
2020-09-20 15:13:48 +02:00
Slavomir
f1cdfff331
Import IoIoutil module
2020-09-20 15:13:48 +02:00
Slavomir
073fae9ff8
Move to stdlib and extend the module for io/ioutil package
2020-09-20 15:13:48 +02:00
Slavomir
45dfc2bcf2
Move to stdlib, extend and refactor the Io module
2020-09-20 15:13:48 +02:00
Slavomir
a784a25a61
Remove (net.IP).UnmarshalText
2020-09-20 15:01:42 +02:00
Slavomir
1578a66731
Remove models for net.Parse*
2020-09-20 15:01:42 +02:00
Slavomir
e14f857761
Add taint-tracking for package net/textproto
2020-09-20 15:01:42 +02:00
Slavomir
75751d732b
Add taint-tracking for package net/mail
2020-09-20 15:01:42 +02:00
Slavomir
e6cb8fe5ce
Add taint-tracking for package net/http/httputil
2020-09-20 15:01:42 +02:00
Slavomir
85f9760662
Move existing net/http classes from private module StdlibHttp to stdlib.NetHttp
2020-09-20 15:01:41 +02:00
Slavomir
e66fcef396
Add taint-tracking for net/http package
2020-09-20 15:01:41 +02:00
Slavomir
fa04d5a74d
Add taint-tracking for package net
2020-09-20 15:01:41 +02:00
Slavomir
c89cfc8867
Use go 1.14.3
2020-09-20 14:52:40 +02:00
Slavomir
8eeb019b5c
Move existing OS (all caps name) module classes to stdlib.Os module (notice the camelcase name)
2020-09-20 14:52:40 +02:00
Slavomir
f811dff527
Add taint-tracking for package os
2020-09-20 14:52:40 +02:00
Chris Smowton
fee596ac83
Merge pull request #343 from smowton/smowton/feature/chi-models
...
Add models for the Chi web framework
2020-09-16 11:38:08 +01:00
Chris Smowton
1bf366c1e3
Add models for the Chi web framework
...
This is mostly simple as the framework uses ordinary net/http methods and ordinary Go contexts for most purposes.
2020-09-16 09:14:23 +01:00
Slavomir
b529cf4c86
Import Fmt module
2020-09-15 19:19:30 +02:00
Max Schaefer
88e03c3ee5
Merge pull request #322 from gagliardetto/standard-lib-pt-11
...
Add taint-tracking for packages in `html/*`
2020-09-15 17:54:35 +01:00
Slavomir
375ac63499
Move to stdlib and extend the models for fmt package
2020-09-15 17:27:56 +02:00
Slavomir
a340270dc1
Move html TemplateEscape out of Texttemplate module
2020-09-14 15:47:52 +02:00
Slavomir
9a560e994c
Remove redundant field
2020-09-14 15:47:51 +02:00
Slavomir
ce67720542
Add taint-tracking for html/template package.
2020-09-14 15:47:51 +02:00
Slavomir
35136bbb2c
Add escape function.
2020-09-14 15:47:51 +02:00
Slavomir
52d4c71ec2
Add taint-tracking for html package.
2020-09-14 15:47:51 +02:00
Chris Smowton
8d7cbe3aa5
Merge pull request #323 from gagliardetto/standard-lib-pt-8
...
Add taint-tracking for packages in `encoding/*`
2020-09-14 14:41:19 +01:00
Chris Smowton
3ba85576ea
Merge pull request #338 from smowton/smowton/admin/update-dataflow-libs-2020-09-14
...
Port codeql#4238 (Dataflow: small fixes for naming in taint tracking)…
2020-09-14 14:19:06 +01:00
Slavomir
6bbe0182ca
Rename Syscall_non_windows.go to Syscall_non_win.go
2020-09-14 13:34:24 +02:00
Slavomir
4c2537017f
Fix TaintStep.expected: add params to json.MarshalIndent
2020-09-14 13:10:25 +02:00
Slavomir
64a61bd648
Remove redundant taint-tracking from MarshalingFunction and UnmarshalingFunction classes in EncodingXml module.
2020-09-14 13:10:25 +02:00
Slavomir
947bbabf62
Extend MarshalingFunction and UnmarshalingFunction with encoding/pem
2020-09-14 13:10:25 +02:00
Slavomir
d472d5abe5
Remove redundant taint-tracking from MarshalingFunction and UnmarshalingFunction classes in EncodingJson module.
2020-09-14 13:10:25 +02:00
Slavomir
ed2e5b0f92
Extend MarshalingFunction and UnmarshalingFunction with encoding/asn1
2020-09-14 13:10:25 +02:00
Slavomir
afede9bde5
Remove encoder taint-tracking for encoding/hex
2020-09-14 13:10:25 +02:00
Slavomir
96a700becb
Remove encoder taint-tracking for encoding/base64
2020-09-14 13:10:25 +02:00
Slavomir
0baca5fa6c
Remove encoder taint-tracking for encoding/base32
2020-09-14 13:10:25 +02:00
Slavomir
828d3863a0
Remove encoder taint-tracking for encoding/ascii85
2020-09-14 13:10:25 +02:00
Slavomir
f3a61ed65c
Add MarshalFunction and UnmarshalFunction classes to EncodingXml module.
2020-09-14 13:10:25 +02:00
Slavomir
b4ff653071
Add taint-tracking for encoding/xml
2020-09-14 13:10:25 +02:00
Slavomir
e7fc3c5039
Add taint-tracking for encoding/pem
2020-09-14 13:10:25 +02:00
Slavomir
669ed91b0b
Move EncodingJson to stdlib; add Escape class.
2020-09-14 13:10:25 +02:00
Slavomir
24c23ba333
Add taint-tracking for encoding/json
2020-09-14 13:10:25 +02:00
Slavomir
f5fc9494fc
Remove old EncodingHex module
2020-09-14 13:10:25 +02:00
Slavomir
74fdfba85c
Add taint-tracking for encoding/hex
2020-09-14 13:10:25 +02:00
Slavomir
7a42992850
Add taint-tracking for encoding/gob
2020-09-14 13:10:25 +02:00
Slavomir
57518c7e3d
Add taint-tracking for encoding/csv
2020-09-14 13:10:25 +02:00
Slavomir
df55bb459f
Add taint-tracking for encoding/binary
2020-09-14 13:10:25 +02:00
Slavomir
20b4826e8e
Add taint-tracking for encoding/base64
2020-09-14 13:10:25 +02:00
Slavomir
7060367de5
Add taint-tracking for encoding/base32
2020-09-14 13:10:24 +02:00
Slavomir
ba78eda277
Add taint-tracking for encoding/asn1
2020-09-14 13:10:24 +02:00
Slavomir
412ba1263b
Add taint-tracking for encoding/ascii85
2020-09-14 13:10:24 +02:00
Slavomir
a47842d1c3
Add taint-tracking for package encoding
2020-09-14 13:10:24 +02:00
Slavomir
27ba893ba2
Add taint-tracking for context package
2020-09-14 13:09:45 +02:00
Slavomir
eb3a18f172
Add taint-tracking for package sort
2020-09-14 13:08:54 +02:00
Slavomir
71dbb244f9
Move existing Regexp module to stdlib
2020-09-14 13:08:16 +02:00
Slavomir
7f3a911f86
Add taint-tracking for package regexp
2020-09-14 13:08:16 +02:00
Slavomir
c2fc26a96a
Remove Range method on sync.Map
2020-09-14 13:04:52 +02:00
Slavomir
d51518f411
Add taint-tracking for sync/atomic package
2020-09-14 13:04:52 +02:00
Slavomir
e47715b2a9
Add taint-tracking for sync package
2020-09-14 13:04:52 +02:00
Chris Smowton
86ed037fd3
Port codeql#4238 (Dataflow: small fixes for naming in taint tracking) to Go's local copy of the dataflow libs
2020-09-14 12:01:30 +01:00
Slavomir
d929e8313a
Build syscall.StringSlicePtr only on non-windows OS
2020-09-14 12:49:41 +02:00
Slavomir
702a984dc0
Comment out test for syscall.StringSlicePtr because it's not present on windows.
2020-09-14 12:49:41 +02:00
Slavomir
72ef65f257
Add taint-tracking for syscall
2020-09-14 12:49:41 +02:00
Chris Smowton
362d210bc5
Merge pull request #330 from smowton/smowton/admin/standard-lib-pt-21-with-sanitiser
...
Move `strconv` and `strings` packages' taint-tracking to stdlib, and expand them + sanitise substrings of the HTTP Authorization header
2020-09-14 11:25:57 +01:00
Chris Smowton
b9b306aade
CleartextLogging: sanitize strings.Split(authheader, ":")[0] and similar
...
These can represent a username, method name or other non-sensitive component of an Authorization header. For greater precision we could split the query into one investigating Authorization headers and one investigating other sources of sensitive data that can't be sanitized by splitting this way.
2020-09-14 09:46:14 +01:00
Slavomir
cf29f9dede
Remove taint-tracking on single bytes and runes
2020-09-14 09:46:14 +01:00
Slavomir
6d3e6ded26
Fix: the Append* functions do not modify the dst slice argument.
2020-09-14 09:46:14 +01:00
Slavomir
9293bcde1d
Fix ql/test/library-tests/semmle/go/frameworks/TaintSteps/TaintStep.expected: calls to strings.NewReader are a step now.
2020-09-14 09:46:14 +01:00
Slavomir
3075294cd8
Move strings module to stdlib, and add more taint-tracking classes to it.
2020-09-14 09:46:13 +01:00
Slavomir
42c7f8cc0d
Add taint-tracking for strconv package; rename module StrConv to Strconv and move into stdlib
2020-09-14 09:44:25 +01:00
Max Schaefer
b8d36b936e
Merge pull request #321 from gagliardetto/standard-lib-pt-14
...
Add taint-tracking for packages inside `mime/*`
2020-09-14 09:26:29 +01:00
Max Schaefer
c10942d044
Merge pull request #320 from gagliardetto/standard-lib-pt-24
...
Add taint-tracking for packages inside `text/*`
2020-09-11 15:57:14 +01:00
Max Schaefer
c889bc3dae
Merge branch 'main' into standard-lib-pt-24
2020-09-11 14:09:50 +01:00
Chris Smowton
84def5f6c2
Merge pull request #327 from smowton/smowton/feature/more-post-update-nodes
...
Add PostUpdateNodes for nested structs and arrays
2020-09-11 12:47:20 +01:00
Max Schaefer
903cffe7ed
Merge pull request #317 from gagliardetto/standard-lib-pt-18
...
Add taint-tracking for `reflect` package
2020-09-11 11:26:48 +01:00
Chris Smowton
650bc1d38f
Add PostUpdateNodes for derferenced expressions on an access path to a field- or element-write
2020-09-11 10:46:58 +01:00
Max Schaefer
e9bf3317b5
Merge pull request #328 from owen-mc/gorm-exec
...
Update GORM model
2020-09-11 08:41:09 +01:00
Max Schaefer
3758c6b7d8
Merge pull request #329 from smowton/smowton/feature/xss-detect-more-json-encoding
...
Reflected XSS query: exclude more uses of encoding/json.Marshal
2020-09-11 08:38:30 +01:00
Owen Mansel-Chan
13e82de53d
Add change note
2020-09-10 17:29:06 +01:00
Chris Smowton
405babf5af
Reflected XSS query: exclude more uses of encoding/json.Marshal
...
Previously we only detected these if the marshalling directly fed the request body within the same function; now it's a general sanitiser for the purposes of XSS.
2020-09-10 16:52:06 +01:00
Owen Mansel-Chan
3af90c9fc8
Update GORM tests
2020-09-10 13:48:12 +01:00
Owen Mansel-Chan
d807e8de75
Add more methods from GORM as sinks
...
Cf. https://gorm.io/docs/security.html
2020-09-09 16:18:41 +01:00
Owen Mansel-Chan
95c1f754c6
Add alternative package locations
2020-09-09 14:52:26 +01:00
Max Schaefer
baf048f293
Merge pull request #326 from owen-mc/change-note-for-allocation-size-overflow-sanitizers
...
Add change note for #296
2020-09-08 16:53:05 +01:00
Owen Mansel-Chan
cd6020810a
Add change note for #296
2020-09-08 16:32:12 +01:00
Chris Smowton
5068b8b195
Add PostUpdateNodes for nested structs and arrays
...
This creates a PostUpdateNode for x in the contexts `x.field[element]`, `x.field.otherfield`, `x[element].field` and so on.
Most uses of PostUpdateNode implicitly assume its old definition, but our protobuf model benefits.
2020-09-08 16:28:02 +01:00
Max Schaefer
65c449cff0
Merge pull request #325 from max-schaefer/revert-237
...
Revert "Revert "autobuilder: Add support for GITHUB_REPOSITORY environment variable""
2020-09-08 08:04:58 +01:00
Max Schaefer
52a659183d
Merge pull request #314 from smowton/smowton/admin/bump-golang-tools
...
Bump to latest version of golang.org/x/tools
2020-09-07 16:02:55 +01:00
Max Schaefer
655e229d1e
Revert "Revert "autobuilder: Add support for GITHUB_REPOSITORY environment variable""
...
This reverts commit ccfccb4828 .
2020-09-07 15:14:52 +01:00
Max Schaefer
1821cca5d2
Merge pull request #285 from smowton/protobufs
...
Protobuf modelling
2020-09-07 11:42:37 +01:00
Slavomir
25e3f75ddc
Add taint-tracking for mime/quotedprintable package.
2020-09-06 17:45:09 +02:00
Slavomir
99b251d4f0
Add taint-tracking for mime/multipart
2020-09-06 17:42:57 +02:00
Slavomir
c44d426794
Add taint-tracking for mime package.
2020-09-06 17:39:41 +02:00
Slavomir
3b2e16e292
Move text/template classes to TextTemplate module inside stdlib.
2020-09-06 17:32:34 +02:00
Slavomir
0d5c7e3132
Add taint-tracking for text/template template.
2020-09-06 17:32:34 +02:00
Slavomir
db0b09beb4
Add taint-tracking for text/tabwriter package.
2020-09-06 17:32:34 +02:00
Slavomir
4df363d2ce
Add taint-tracking for text/scanner package.
2020-09-06 17:32:34 +02:00
Chris Smowton
cfba0896f0
Improve code style
...
No behavioural changes
2020-09-04 17:05:32 +01:00
Chris Smowton
fb85ccb2a5
Look through implicit deref operations when propagating taint down a chain of field- and element-access instructions.
...
This enables us to use PostUpdateNode properly. Also introduce a test showing a case where this doesn't work, because the underlying variable doesn't have a post-update node.
2020-09-04 17:03:52 +01:00
Chris Smowton
3635d7d007
Introduce and use writeComponent
2020-09-04 17:03:52 +01:00
Chris Smowton
2a863fbbe7
Abbreviate protobuf package names
2020-09-04 17:03:52 +01:00
Chris Smowton
18ed6bd1ee
Add missing qldoc
2020-09-04 17:03:52 +01:00
Chris Smowton
90915284ba
Move getUnderlyingNode into Protobuf.qll
...
This is its only user for now.
2020-09-04 17:03:52 +01:00
Chris Smowton
59f9c6073d
Introduce instruction type for component access
...
This is the union of a field-access and an element-access instruction
2020-09-04 17:03:52 +01:00
Chris Smowton
455cf0c502
Add support and tests for protobuf messages with map fields
2020-09-04 17:03:52 +01:00
Chris Smowton
b2d4e2692f
Taint underlying aggregates of protobuf messages when an element is written
...
For example, writing to a[b].c[d] taints 'a'.
2020-09-04 17:03:52 +01:00
Chris Smowton
3d82308e07
Introduce common base class for ElementReadNode and FieldReadNode
2020-09-04 17:03:52 +01:00
Chris Smowton
56f6e67671
Protobufs: improve comment and code style
...
No functional changes
2020-09-04 15:14:49 +01:00
Chris Smowton
65dc6272d1
Remove prototype tests
...
I don't think we need these when we have the end-to-end taintFlows test.
2020-09-04 15:14:49 +01:00
Chris Smowton
b639b6ec6a
Remove redundant copies of the generated protoc output
2020-09-04 15:14:49 +01:00
Chris Smowton
8058d096d2
Model and test UnmarshalOptions.Unmarshal
...
Support for UnmarshalOptions.UnmarshalState is dropped for now as too hard to model.
2020-09-04 15:14:49 +01:00
Chris Smowton
c2ff2df403
Add test showing false-negative for MarshalState
2020-09-04 15:14:49 +01:00
Chris Smowton
42d6250b8d
Add modern-API variants of tests
2020-09-04 15:14:49 +01:00
Chris Smowton
8682eb9dec
Add tests showing imprecision of our current implementation
2020-09-04 15:14:49 +01:00
Chris Smowton
a832342ecb
Add test for unmarshalling submessages
2020-09-04 15:14:49 +01:00
Chris Smowton
596204f79d
Add (currently-failing) expectations for submessage tainting
2020-09-04 15:14:49 +01:00
Chris Smowton
c9296abe25
Restrict tainting from field-writes to Message types
2020-09-04 15:14:49 +01:00
Chris Smowton
95798590ce
Implement MarshalState method
...
Currently relies on blanket field-write propagation.
2020-09-04 15:14:49 +01:00
Chris Smowton
c34fc3c9ad
Add tests for MarshalAppend and MarshalState
...
The MarshalState test doesn't work yet, because we don't know to read taint from the Message field of the input or write it to the Buf field of the output
2020-09-04 15:14:49 +01:00
Chris Smowton
2ca6157836
Protobuf: support both legacy and modern APIs
2020-09-04 15:14:49 +01:00
Chris Smowton
df0238a352
Fix proto.Clone method
...
This is top-level, not a member.
2020-09-04 15:14:49 +01:00
Chris Smowton
e76c07d77b
Temporarily taint all structs from field writes
...
This should be either refined to just Message types, or else a macro taint step should be added conducting taint from field-write-of-argument to Marshal's result.
On the read-side we're currently fine: the bytes are tainted, so the object is tainted, so the field reads are tainted.
2020-09-04 15:14:49 +01:00
Chris Smowton
19e1dacced
WIP: add more (manual) protobuf models, and a test that checks various taint-flow cases
...
Only some of the cases are currently working.
2020-09-04 15:14:49 +01:00
Sauyon Lee
4ff325aa13
--wip-- [skip ci]
2020-09-04 15:14:49 +01:00
Slavomir
095baeb8b6
Remove taint-tracking of booleans and numbers (but keep uintptr)
2020-09-04 12:06:34 +02:00
Max Schaefer
25e4245568
Merge pull request #291 from smowton/smowton/admin/oauth2-query-polish
...
Promote OAuth2-misuse query to mainline
2020-09-04 10:50:31 +01:00
Chris Smowton
47958e6de8
Go.mod comments: trim newlines
...
These weren't previously reported as part of the comment text, but are as of the latest version of golang.org/x/tools
2020-09-03 15:54:56 +01:00
Slavomir
5e62b002ff
Fix: Append* does not modify the dst slice argument.
2020-09-03 15:43:16 +02:00
Slavomir
e7f2fb27eb
Add taint-tracking for reflect package
2020-09-03 15:43:16 +02:00
Chris Smowton
380410e687
Go autoformat: exclude vendor/ directory
2020-09-03 14:37:26 +01:00
Chris Smowton
e386346a25
Extractor: tolerate ast.File structures without a package declaration
...
In earlier versions of golang/x/tools these would be omitted entirely; now they can result in ast.File structures whose ast.Package field is zero (NoPos), and in my experience these contain no information in their other fields either.
2020-09-03 14:32:23 +01:00
Max Schaefer
c7b4db8d16
Merge pull request #319 from aeisenberg/patch-1
...
Update devcontainer memory settings
2020-09-03 14:31:11 +01:00
Andrew Eisenberg
2e8e970978
Update devcontainer memory settings
...
CodeQL CLI needs a minimum of 2G of memory. By default, the memory used is slightly less than that, leading to poor performance.
This change also removes two old, unused settings.
2020-09-02 12:07:05 -07:00
Chris Smowton
b487799f69
Oauth2 state query: avoid duplicate paths by excluding variable references as sources
2020-09-02 17:40:53 +01:00
Chris Smowton
6fea8abd82
Oauth2 state query: improve code style
...
No behavioural changes intended.
2020-09-02 15:06:23 +01:00
Chris Smowton
2f175e365e
Oauth2 state query: remove unnecessary isSource overload
2020-09-02 15:05:22 +01:00
Chris Smowton
8f99972833
OAuth2 CSRF query: improve documentation
2020-09-02 15:05:22 +01:00
Chris Smowton
0ba42f7f87
OAuth2 state query: set precision
2020-09-02 15:05:22 +01:00
Chris Smowton
406ea741f4
Improve comment style
2020-09-02 15:05:22 +01:00
Chris Smowton
faf43efb60
Promote OAuth2 constant-state query to mainline
2020-09-02 15:05:22 +01:00
Chris Smowton
0ee7bbbaa7
Extend oauth2 tests
2020-09-02 15:05:21 +01:00
Chris Smowton
f61c62d2d8
Generalise isReturnedWithError
...
It now recognises any function returning an Error alongside other return values
2020-09-02 15:05:21 +01:00
Chris Smowton
9e4ee0accf
OAuth2 constant state query: trace local URLs across reference operations and Sprintf calls
2020-09-02 15:05:21 +01:00
Chris Smowton
050a823397
OAuth2 exclusion: hide cases that clearly target an out-of-band process or private HTTP server
2020-09-02 15:05:21 +01:00
Chris Smowton
bcb65157e6
Oauth2-state query: treat log calls the same as stdout printers
...
These presumably get to the user somehow, and in conjunction with stdin use are enough to identify use of oauth at the terminal.
2020-09-02 15:05:21 +01:00
Chris Smowton
3d877fc67d
Oauth2 state: note bufio.NewScanner is also a sign of probable terminal-interactive use
2020-09-02 15:05:21 +01:00
Chris Smowton
6fee4f382f
Constant-oauth2-state: exclude strings returned alongside an error value
...
For example, getState() { ... return "", someError } is commonly seen in the wild.
2020-09-02 15:05:21 +01:00
Chris Smowton
aac303c0a2
Merge pull request #287 from smowton/smowton/feature/restore-repo-after-build
...
Restore repo layout post-autobuild
2020-09-02 13:38:36 +01:00
Chris Smowton
246e8b1b27
Make failure to restore a file to its original location non-fatal
2020-09-02 11:44:43 +01:00
Chris Smowton
8de188a6ca
Restore repo layout post-autobuild
2020-09-02 11:44:43 +01:00
Max Schaefer
be64f3ed22
Merge pull request #316 from gagliardetto/standard-lib-pt-17
...
Move `path` and `path/filepath` packages to stdlib
2020-09-02 08:26:11 +01:00
Slavomir
386005d361
Add path and path/filepath packages to stdlib
2020-09-01 13:09:41 +02:00
Sauyon Lee
976151c08f
Merge pull request #315 from max-schaefer/fix-frontend-errors
...
Fix frontend errors in test.
2020-08-28 12:40:11 -07:00
Max Schaefer
2fe8fb9d83
Fix frontend errors in test.
2020-08-28 12:01:33 +01:00
Max Schaefer
031a48ecd3
Merge pull request #296 from owen-mc/allocation-size-overflow-improve-sanitizers-easy
...
Add new sanitizer guard to Allocation size overflow query
2020-08-28 07:44:45 +01:00
Max Schaefer
b4550f244b
Merge pull request #313 from github/rc/1.25
...
Merge rc/1.25 into main
2020-08-27 14:27:26 +01:00
Sauyon Lee
1743dae7b0
Merge pull request #312 from smowton/smowton/autobuilder-fixes-fixed-further
...
Autobuilder: always check the vendor directory works and if go.mod exists
2020-08-27 04:16:04 -07:00
Chris Smowton
af1be2f465
Bump to latest version of golang.org/x/tools
2020-08-27 11:57:21 +01:00
Chris Smowton
4d084372b5
Fix autobuilder Go version comparison
...
The semver package requires versions of the form v1.2.3, and unhelpfully evaluates any malformed versions as equal.
2020-08-27 11:02:23 +01:00
Chris Smowton
c6dbb9fcb2
Tidy up -mod argument stringification
2020-08-27 10:46:36 +01:00
Chris Smowton
b13b54f7d7
Don't try to use -mod=... when go.mod doesn't exist
...
Also don't pass a blank argument to `go` when using an old version.
2020-08-26 13:56:36 +01:00
Chris Smowton
9ad2d6c119
Factor default and custom install paths
...
These now follow the same route:
* Run a default or custom build script
* If needed, check if vendor/ is usable
* If it isn't, or if their build failed, install dependencies using go get etc
This commit shouldn't cause any behavioural change.
2020-08-26 12:02:54 +01:00
Chris Smowton
859b427881
Check if the vendor/ directory is usable, even after a successful build
2020-08-26 11:53:50 +01:00
Sauyon Lee
8f6b25e0ac
autobuilder: Use -mod=mod for vendor directories wihtout modules.txt
2020-08-26 11:25:30 +01:00
Sauyon Lee
70d425d317
autobuilder: move vendor check before dependency installation check
...
This means dependency installation is still attempted when a vendor
directory is inconsistent.
2020-08-26 11:25:30 +01:00
Sauyon Lee
852ae9397b
autobuilder: Test for vendor inconsistency
2020-08-26 11:25:30 +01:00
Sauyon Lee
28c69743a4
Add workaround for go 1.14 explicit vendoring requirement
...
This only applies for module files for which no Go version has
been specified; Go will assume these should be parsed with the
latest Go version, which will cause them to fail if the vendor
directory has been generated with an old version of Go, as
the vendor/modules.txt will not meet the new requirements for
consistency.
2020-08-26 11:25:30 +01:00
Max Schaefer
34d5e970ff
Merge pull request #311 from owen-mc/add-missing-change-notes
...
Add missing change notes
2020-08-26 11:21:00 +01:00
Owen Mansel-Chan
7fd5e7e978
Add change note for https://github.com/github/codeql-go/pull/277
2020-08-26 10:54:18 +01:00
Owen Mansel-Chan
ad6c94e8f9
Add change note for https://github.com/github/codeql-go/pull/251
2020-08-26 07:58:19 +01:00
Owen Mansel-Chan
210208b003
Add change note for https://github.com/github/codeql-go/pull/226
2020-08-26 07:46:56 +01:00
Owen Mansel-Chan
d4a377b7cc
Add change note for https://github.com/github/codeql-go/pull/107
...
The model for websocket was included in another change note
2020-08-26 07:21:05 +01:00
Owen Mansel-Chan
944b69066e
Add change note for github/codeql-go#125
2020-08-26 07:20:24 +01:00
Max Schaefer
3376e45508
Merge pull request #309 from owen-mc/restore-gin-change-note
...
Add change note for Gin framework
2020-08-25 10:42:57 +01:00
Owen Mansel-Chan
dc99a62dca
Add change note for Gin framework
...
This was originally put in too early because the Gin framework was
accidentally not added to the default includes.
This reverts commit 41e98d6afc .
2020-08-25 10:29:42 +01:00
Sauyon Lee
0de8ac3b87
Merge pull request #305 from max-schaefer/consistency-queries
...
Enable consistency queries in tests
2020-08-25 01:01:11 -07:00
Max Schaefer
76f3bd63ac
Merge pull request #306 from max-schaefer/fix-stringops-magic
...
Prevent misoptimisation in `StringOps`.
2020-08-25 08:45:54 +01:00
Max Schaefer
b72c4f958c
Fix tests for ExprHasNoEffect on non-Linux systems.
2020-08-25 08:05:19 +01:00
Max Schaefer
4c82ad6064
Apply suggestions from code review
...
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com >
2020-08-25 07:37:11 +01:00
Max Schaefer
bdcb1f233c
Prevent misoptimisation in StringOps.
2020-08-24 20:11:23 +01:00
Max Schaefer
ab19d40f4b
Merge pull request #304 from max-schaefer/fix-frontend-errors
...
Fix frontend errors in tests
2020-08-24 18:44:32 +01:00
Max Schaefer
57180c24c7
Simplify consistency query.
...
Unlike the old ODASA consistency queries, new consistency queries can have expected results, so there is no need to have special handling of files with expected errors.
2020-08-24 17:39:28 +01:00
Max Schaefer
d7cfcf46a5
Run tests with consistency queries.
2020-08-24 17:39:28 +01:00
Max Schaefer
181438b827
Bump CodeQL version for CI to 2.2.5.
2020-08-24 17:39:28 +01:00
Max Schaefer
42c1116ac7
Merge pull request #303 from github/rc/1.25
...
Merge rc/1.25 into main
2020-08-24 17:22:56 +01:00
Max Schaefer
c06531d9c0
Fix tests for InsecureHostKeyCallback.
2020-08-24 17:18:28 +01:00
Max Schaefer
4d4129313a
Fix tests for Gorestful.
2020-08-24 17:18:06 +01:00
Max Schaefer
aad9ce0c97
Fix tests for OpenUrlRedirect.
2020-08-24 17:06:26 +01:00
Max Schaefer
4e202666dc
Fix tests for InsecureHostKeyCallback.
2020-08-24 17:06:01 +01:00
Max Schaefer
368227fff5
Fix tests for NegativeLengthCheck.
2020-08-24 17:04:55 +01:00
Max Schaefer
149ceda636
Fix tests for Gorestful.
2020-08-24 17:04:31 +01:00
Max Schaefer
a0a8a584a4
Fix error in ellipsis.go.
2020-08-24 17:01:16 +01:00
Sauyon Lee
402b239520
Merge pull request #300 from srt32/patch-1
...
Update bad / good message for CWE 079
2020-08-24 08:57:26 -07:00
Owen Mansel-Chan
a669fa4aa1
Do not flow taint through remainder expressions
...
If the tainted operand is the first operand then it is being bounded above
by the remainder expression. If it is the second operand then
2020-08-24 16:18:08 +01:00
Owen Mansel-Chan
aed3ef4cde
Improve performance of new barrier guard
...
Some projects on lgtm were taking >1 hour, and with this commit they take
<10 minutes
2020-08-24 16:18:08 +01:00
Simon Taranto
bd9100eb4e
Update other file too
2020-08-24 09:00:26 -06:00
Max Schaefer
5dc822886b
Merge pull request #302 from max-schaefer/fix-qhelp
...
Fix qhelp for incorrect integer-conversion query.
2020-08-24 11:20:32 +01:00
Max Schaefer
111d2a745b
Fix qhelp for incorrect integer-conversion query.
...
It seems qhelp doesn't like `<code>` inside `<a>`.
2020-08-24 09:55:43 +01:00
Simon Taranto
7adf477e2d
Update bad / good message for CWE 079
...
Previously, the "good" example still had the "BAD: " comment in it which was confusing.
This change updates the good example to have a "GOOD: " comment instead.
2020-08-21 15:31:47 -06:00
Owen Mansel-Chan
caf77e2a44
Merge pull request #298 from smowton/smowton/admin/changenote-blank-lines
...
Remove blank lines from changenote
2020-08-20 16:05:29 +01:00
Chris Smowton
b983778cd1
Merge pull request #297 from ginsbach/noinferred
...
remove reliance on InferredBinding
2020-08-20 11:52:14 +01:00
Chris Smowton
cc2a153c57
Remove blank lines from changenote
2020-08-20 11:45:29 +01:00
Owen Mansel-Chan
dbf1d24e19
Add new barrier guard for second half of path
2020-08-20 11:37:07 +01:00
Chris Smowton
ce93a449fa
Merge pull request #295 from owen-mc/remove-gin-change-note
...
Remove gin change note
2020-08-20 10:39:13 +01:00
Owen Mansel-Chan
41e98d6afc
Remove change note so it isn't accidentally put into this release
2020-08-20 10:27:51 +01:00
Owen Mansel-Chan
53cc3621ad
Change date on Gin change note
...
The Gin model wasn't added to the default imports
till 2020-08-19
2020-08-20 10:27:41 +01:00
Philip Ginsbach
1149d43488
remove reliance on InferredBinding from InsecureFeatureFlag::getAFlagName
2020-08-20 10:26:46 +01:00
Chris Smowton
89e420d49f
Merge pull request #294 from smowton/smowton/admin/reenable-checkout-v2
...
Revert "Downgrade to checkout@v1 to work around https://github.com/actions/checkout/issues/237 "
2020-08-20 07:48:12 +01:00
Chris Smowton
9b9b0b217e
Revert "Downgrade to checkout@v1 to work around https://github.com/actions/checkout/issues/237 "
...
This reverts commit 8aaa7c8925 .
The bug it was working around (if it ever did) has been fixed.
2020-08-19 17:53:25 +01:00
Owen Mansel-Chan
0260438ff3
Merge pull request #293 from owen-mc/import-gin-framework-by-default
...
Import Gin framework by default
2020-08-19 17:24:29 +01:00
Chris Smowton
33d35112e1
Merge pull request #292 from smowton/smowton/admin/document-public-predicates
...
Document undocumented public symbols
2020-08-19 15:52:06 +01:00
Owen Mansel-Chan
35e336fe96
Add tests for sanitizers and sanitizer guards
2020-08-19 15:36:48 +01:00
Owen Mansel-Chan
17b3d56195
Remove unnecessary string concat
2020-08-19 15:36:48 +01:00
Owen Mansel-Chan
103e655395
Import Gin framework by default
2020-08-19 15:26:12 +01:00
Chris Smowton
60d3de1911
Document undocumented public symbols
2020-08-19 14:29:12 +01:00
Chris Smowton
1e7bbcc23a
Merge pull request #290 from sauyon/openredirect-uri
...
Open URL Redirect: make isValidURI and the like sanitizers
2020-08-18 10:07:43 +01:00
Sauyon Lee
5b9fb2a28b
openurlredirect: make isValidURI and the like sanitizers
2020-08-17 10:45:46 -07:00
Chris Smowton
c07db2a373
Merge pull request #289 from smowton/gorand
...
(admin) Slightly cleaned up version of Insufficient Randomness
2020-08-17 12:00:26 +01:00
dilanbhalla
986f3c3084
Add experimental query detecting use of an insecure PRNG in a cryptographic context
2020-08-17 10:52:36 +01:00
Max Schaefer
d675daa1d1
Merge pull request #284 from dilanbhalla/gocrypto
...
Adding Crypto Query/Library
2020-08-14 12:00:18 +01:00
dilanbhalla
a58070f920
fixed build test error
2020-08-14 01:56:30 -07:00
dilanbhalla
7f980a4901
pr fixes
2020-08-14 00:45:08 -07:00
Max Schaefer
fe6cf8c625
Merge pull request #275 from owen-mc/incorrect-integer-conversion
...
Incorrect integer conversion
2020-08-13 20:19:47 +01:00
Owen Mansel-Chan
951d59752a
Address review comments 7
2020-08-13 18:22:58 +01:00
dilanbhalla
40d3f22193
fixing commit error
2020-08-12 10:49:11 -07:00
Owen Mansel-Chan
2e60d40ccd
Address review comments 6
2020-08-12 17:07:29 +01:00
Owen Mansel-Chan
69212b9ad9
Deal with build constraints
...
Note that build constraints can be explicit (comments at the top of the
file) or implicit (part of the file name)
2020-08-12 17:07:29 +01:00
dilanbhalla
37eca95d44
restructured library
2020-08-11 23:53:50 -07:00
dilanbhalla
79002b0c38
pr fixes
2020-08-11 10:34:45 -07:00
Owen Mansel-Chan
08d9af1bd7
Merge pull request #280 from owen-mc/negative-length-check-unsigned
...
Extend negativeLengthCheck query to unsigned integers
2020-08-11 11:59:24 +01:00
Owen Mansel-Chan
1e0b9cc6a3
Address review comments 5
2020-08-11 10:57:02 +01:00
Owen Mansel-Chan
97bbdca8a3
Extend negativeLengthCheck query to unsigned integers
...
Like return values from len and cap, unsigned integers are never negative
2020-08-11 10:48:03 +01:00
dilanbhalla
2ee654d643
attempting to fix autoformat build error
2020-08-11 01:07:53 -07:00
Max Schaefer
117fd686c4
Merge pull request #276 from gagliardetto/standard-lib-pt-3
...
Add taint tracking for the compress/* packages
2020-08-11 07:56:45 +01:00
Max Schaefer
cb5c596ab6
Merge pull request #283 from github/rc/1.25
...
Merge rc/1.25 into main
2020-08-11 07:51:17 +01:00
Owen Mansel-Chan
c7a8730c40
Improve tests of paths with more than one sink
2020-08-11 07:24:58 +01:00
Owen Mansel-Chan
4907f6529e
Address review comments 4
2020-08-11 07:24:58 +01:00
dilanbhalla
4433f193f9
pr fixes for typo and qldoc
2020-08-10 16:06:02 -07:00
dilanbhalla
7ce9e976c2
removing precision tag
2020-08-10 12:06:10 -07:00
dilanbhalla
95342cdea7
adding go crypto library
2020-08-10 11:56:41 -07:00
Owen Mansel-Chan
ed469a355e
Fix mistake in test
2020-08-10 17:32:49 +01:00
Max Schaefer
097775bf64
Merge pull request #282 from sauyon/tomain
...
Fix one use of master in README
2020-08-10 17:03:22 +01:00
Max Schaefer
61f4d8ddfc
Merge pull request #278 from max-schaefer/fix-upgrade-performance
...
Improve performance of upgrade script
2020-08-10 17:01:49 +01:00
Max Schaefer
d31b4d262f
Merge pull request #281 from max-schaefer/has_ellipsis
...
Teach extractor to distinguish calls with an ellipsis from calls without
2020-08-10 16:51:38 +01:00
Owen Mansel-Chan
30f176246a
Address review comments 3
2020-08-10 15:21:20 +01:00
Max Schaefer
6d35c60acb
Add pragma to prevent accidental inlining.
2020-08-10 14:51:28 +01:00
Max Schaefer
2ef421255a
Add a clarifying comment.
2020-08-10 14:49:19 +01:00
Max Schaefer
9385857c39
Add a regression test.
2020-08-10 14:48:13 +01:00
Owen Mansel-Chan
89eae10d96
Address review comments 2
2020-08-10 11:07:44 +01:00
Owen Mansel-Chan
4bfb2b4138
Address review comments 1
2020-08-10 11:04:25 +01:00
Owen Mansel-Chan
681ca9065a
Add change note
2020-08-10 11:04:25 +01:00
Owen Mansel-Chan
06d1eb9bdb
Add tests for incorrect integer conversion
2020-08-10 11:04:25 +01:00
Owen Mansel-Chan
329888e62c
Add query for incorrect integer conversion
2020-08-10 11:04:25 +01:00
Owen Mansel-Chan
34fa07267b
Add modeling to Stdlib.qll
...
Adds classes for some integer-parsing functions and a constant from
strconv, plus a class for calls to integer-parsing functions.
2020-08-10 11:04:25 +01:00
Owen Mansel-Chan
ac49aa2527
Delete experimental query and tests for it
2020-08-10 11:04:25 +01:00
Owen Mansel-Chan
3a6aa58e48
Fix typo in QLDoc
2020-08-10 11:04:25 +01:00
Max Schaefer
c2a26f8ec9
Don't allow varargs as function outputs.
...
In a call of the form `f(xs...)`, when we say that `f` taints its 0th argument its ambiguous whether that means that it taints the slice `xs` or its 0th element `xs[0]`.
In practice, it's usually the latter, but we have no way of expressing that using our current `FunctionOutput` implementation.
2020-08-10 07:30:23 +01:00
Max Schaefer
bdfd1d131f
Teach extractor to record the presence of an ellipsis in a call expression.
2020-08-10 07:30:23 +01:00
Sauyon Lee
0b97e486a2
Fix one use of master in README
2020-08-07 08:49:57 -07:00
Max Schaefer
97291e4c41
Merge pull request #279 from github/rc/1.25
...
Merge rc/1.25 into master
2020-08-06 11:18:11 +01:00
Max Schaefer
75795d80c4
Improve performance of upgrade script.
2020-08-06 09:51:36 +01:00
Max Schaefer
90bab34e88
Merge pull request #277 from sauyon/file-url-fix
...
autobuilder: Don't try to determine import paths for file URLs
2020-08-06 09:46:10 +01:00
Sauyon Lee
8e6c1835dd
autobuilder: Don't try to determine import paths for file URLs
...
Also improve logging
2020-08-05 23:21:34 -07:00
Slavomir
b0259632e1
Remove Read method
2020-08-05 18:37:35 +02:00
Slavomir
6fda46b565
Add compress/zlib taint tracking
2020-08-05 18:35:47 +02:00
Slavomir
441d29b2b7
Add compress/lzw taint tracking
2020-08-05 18:34:05 +02:00
Slavomir
053496dbcc
Add compress/gzip taint tracking
2020-08-05 18:32:51 +02:00
Slavomir
7e5077c174
Add compress/flate taint tracking
2020-08-05 18:31:13 +02:00
Slavomir
6e2af3ead1
Add compress/bzip2 taint tracking
2020-08-05 18:29:12 +02:00
Max Schaefer
4e409aa9fa
Merge pull request #274 from gagliardetto/standard-lib-pt-2
...
Add taint tracking for bufio and bytes packages
2020-08-05 17:10:08 +01:00
Slavomir
df71f0bf8b
Remove ReadByte, WriteByte, ReadRune, WriteRune
2020-08-04 17:53:50 +03:00
Slavomir
ff81ad622f
Fix back ql/test/library-tests/semmle/go/frameworks/TaintSteps/TaintStep.expected
2020-08-04 17:22:40 +03:00
Slavomir
c1f2e77488
Fix generated codeql
2020-08-04 17:11:55 +03:00
Slavomir
6b1bbf16aa
Remove taint-tracking for objects that implement io.Reader
2020-08-04 16:01:30 +03:00
Slavomir
72254b7682
Fix ql/test/library-tests/semmle/go/frameworks/TaintSteps/TaintStep.expected
2020-08-04 15:36:34 +03:00
Slavomir
3fd6062b3d
Add taint-tracking for package "bytes"
2020-08-04 14:15:26 +03:00
Slavomir
dd8e1243a2
Add bufio taint-tracking
2020-08-04 14:11:00 +03:00
Max Schaefer
b057cbee7b
Merge pull request #256 from smowton/smowton/admin/cwe-327-cleanup
...
Polish CWE-327 (weak TLS config) query
2020-08-03 10:28:53 +01:00
Sauyon Lee
5de55d02d7
Merge pull request #273 from max-schaefer/unresolved-reference
...
Speed up `unresolvedReference`.
2020-08-02 22:31:13 -07:00
Max Schaefer
f6da34b546
Speed up unresolvedReference.
2020-07-31 14:13:05 +01:00
Chris Smowton
7e65575e95
Merge pull request #272 from smowton/smowton/admin/fix-makefile-escaping
...
Escape go-fmt file filter
2020-07-30 20:05:04 +01:00
Chris Smowton
2a7754af59
Factor ErrorType out of two duplicate tests
2020-07-30 17:25:53 +01:00
Chris Smowton
4b6810eefc
InsecureFeatureFlag: make getAFlag a member of FlagKind
2020-07-30 17:23:01 +01:00
Chris Smowton
7dd20107fe
Insecure-TLS query: trivial style and typo fixes
2020-07-30 17:18:54 +01:00
Chris Smowton
3c1daf08f8
Escape go-fmt file filter
...
This should have been looking for \.go$, but I forgot to escape the dollar sign in a Makefile
2020-07-30 17:06:01 +01:00
Max Schaefer
2134757ebf
Merge pull request #261 from smowton/smowton/admin/cleanup-cwe-322
...
Polish CWE-322: detect and exclude cases where host-checking is optional
2020-07-30 10:38:57 +01:00
Chris Smowton
cce3a70412
Insecure-TLS: restrict sources to potentially interesting integers.
2020-07-29 16:46:36 +01:00
Chris Smowton
d7c0671ea1
Add test using SSH host-key checker factory knownhosts.New
...
This produces a secure host-key checker; we assume by default that an opaque function not otherwise specified returns an acceptable checker, but we need to particularly cope with its multiple return values to handle this factory function.
2020-07-29 16:30:51 +01:00
Chris Smowton
d0e86f787d
SSH host checking: Expand definition of a host-key checking function to include calls with multiple return types
...
For example, https://godoc.org/golang.org/x/crypto/ssh/knownhosts#New returns a host-key checker and an error value, and we previously didn't consider the first return value a candidate checker function.
2020-07-29 16:06:38 +01:00
Chris Smowton
e89cd16cb1
Move query-specific flag definitions into their respective .ql files
2020-07-29 15:21:49 +01:00
Chris Smowton
f31ed52943
Clean up InsecureFeatureFlag
...
Move the flag regexes inline, use `any` instead of a constructor function to select a particular flag kind, and remove explicit limitation on the common superclass FlagKind.
2020-07-29 15:15:50 +01:00
Chris Smowton
f162a5be94
Promote CWE-322 out of experimental status
2020-07-29 14:43:47 +01:00
Chris Smowton
99f08750f3
Polish CWE-322: detect and exclude cases where host-checking is optional
2020-07-29 14:43:47 +01:00
Max Schaefer
2831ffdad0
Merge pull request #270 from smowton/smowton/cleanup/ricterz-libraries
...
Add support for Gorm, Gorestful, Sqlx and Json-iterator
2020-07-29 14:21:41 +01:00
Max Schaefer
f8b8af5ac5
Merge pull request #269 from aibaars/lgtm-suites
...
CodeQL: complete LGTM suites
2020-07-29 07:19:41 +01:00
Arthur Baars
0db8ba881b
CodeQL: complete LGTM suites
2020-07-28 20:36:53 +02:00
Chris Smowton
abfae4365f
Move CWE-327 out of experimental
2020-07-28 15:47:44 +01:00
Chris Smowton
026dc5c97f
Add changelog notes regarding added library support
2020-07-28 14:57:14 +01:00
Chris Smowton
0e6feb923c
Add test for json-iterator package, and support more of its API
...
Specifically the top-level functions Unmarshal and UnmarshalFromString are just convenience wrappers around the type API, which is the usual documented way to use the library.
2020-07-28 14:52:10 +01:00
Chris Smowton
e19f476341
Add test for Sqlx
2020-07-28 14:52:10 +01:00
Chris Smowton
f5caf7e9e2
Add test for Gorm
2020-07-28 14:52:10 +01:00
Chris Smowton
a813607a76
go-restful model: Add support for ReadEntity method
2020-07-28 14:52:10 +01:00
Chris Smowton
3c4a1b90fe
Add test for Go-restful
2020-07-28 14:52:10 +01:00
Chris Smowton
b96546b0f8
Improve style of library models
2020-07-28 14:40:48 +01:00
Max Schaefer
e9ae697d0d
Merge pull request #251 from gagliardetto/standard-lib-pt-1
...
Add taint-tracking for archive/tar and archive/zip
2020-07-28 14:27:02 +01:00
Chris Smowton
88cb435843
Split security flags into more distinct categories
...
There are now three categories: general security or option flags, those related to TLS version selection, and those related to certificate configuration. The TLS and disabled-certificate-check queries use two categories each.
2020-07-28 13:54:37 +01:00
Chris Smowton
3c244e2235
Insecure-TLS: remove obsolete TODO
...
The case noted works fine.
2020-07-28 13:04:16 +01:00
Chris Smowton
9b4e189374
Insecure-TLS: Use DataFlow::Node::getRoot, and factor getEnclosingFunction
2020-07-28 11:55:58 +01:00
Chris Smowton
2751552cbe
Insecure-TLS: Reintroduce tests for InsecureCipherSuites()
...
These stopped producing an alert because they used a variable name that acknowledges an insecure setup
2020-07-28 11:55:58 +01:00
Chris Smowton
db9760082d
Insecure-TLS: simplify warning message
2020-07-28 11:55:58 +01:00
Chris Smowton
2a0642b67b
Insecure-TLS: remove is-test-file filter
2020-07-28 11:55:58 +01:00
Chris Smowton
5c8534f56e
EXCUSED -> OK
2020-07-28 11:55:58 +01:00
Chris Smowton
d0c76187da
Fix comment
2020-07-28 11:55:58 +01:00
Chris Smowton
a10db25b7d
Remove redundant constraint
2020-07-28 11:55:58 +01:00
Chris Smowton
779901cdbd
Reference Mozilla's TLS advice in qhelp
2020-07-28 11:55:58 +01:00
Chris Smowton
718c4e8531
Add change note for insecure-TLS query
2020-07-28 11:55:58 +01:00
Chris Smowton
db27f8477a
Update CWE-327 test
...
This now checks various carve-outs for probable feature / compatibility flags
2020-07-28 11:55:58 +01:00
Chris Smowton
21d107e0e9
Check for suspected feature-flags more uniformly
...
These are now checked of all source *and* sink nodes, and the checks are factored with similar paths for is-insecure and is-old flags.
2020-07-28 11:55:58 +01:00
Chris Smowton
7d294c5d81
Factor and generalise InsecureFeatureFlag
...
The same path is now used to classify flags relating to old/legacy versions.
2020-07-28 11:21:51 +01:00
Chris Smowton
34c8cc5019
Improve documentation and function naming
2020-07-28 11:21:51 +01:00
Chris Smowton
17200a8569
Use SsaWithFields to find similar good-tls-version flows
...
Note: if accepted, merge this into a previous commit before submitting the PR
2020-07-28 10:31:45 +01:00
Chris Smowton
a7e549e771
Exclude TLS version sources accompanied by a non-nil error
...
It is common to return 0 has a dummy value with an error; these are very likely not going to be used as a real TLS version.
2020-07-28 10:31:44 +01:00
Chris Smowton
af960ed2cd
Exclude more hits whose context suggests an intentionally old TLS configuration
2020-07-28 10:31:44 +01:00
Chris Smowton
8afa0c51d9
Filter out bad TLS versions where there is a converging flow supplying a good version
...
I'm supposing these usually indicate something configurable, rather than a hard-coded insecure choice. The *default* being insecure is still a problem, but probably not amenable to automated analyses.
2020-07-28 10:31:44 +01:00
Chris Smowton
b66a91bd5f
Exclude InsecureTLS problems guarded by feature flags
2020-07-28 10:31:44 +01:00
Chris Smowton
6058c90485
Factor predicates for identifying security-related feature flags from DisabledCertificateCheck
2020-07-28 10:31:44 +01:00
Chris Smowton
a6ab92bbca
Supress paths that extend beyond the first sink
...
For this particular query it's hardly ever interesting to complain about a bad cipher suite being configured, then read from the list and re-added elsewhere. In such a case the longer path will be detected when the shorter one is fixed in any case.
2020-07-28 10:31:44 +01:00
Chris Smowton
08ec017e4c
Cleanup: disjunction -> set literal
2020-07-28 10:31:44 +01:00
Chris Smowton
75d69efb15
Merge pull request #267 from smowton/smowton/feature/print-ast-label-package-node
...
PrintAst: Label File nodes' package-name children, and ensure that child comes before all declarations
2020-07-24 13:30:12 +01:00
Chris Smowton
b4e15fb17a
Merge pull request #268 from smowton/smowton/admin/downgrade-checkout-action
...
Downgrade to checkout@v1 to work around https://github.com/actions/checkout/issues/237
2020-07-24 13:28:06 +01:00
Chris Smowton
8aaa7c8925
Downgrade to checkout@v1 to work around https://github.com/actions/checkout/issues/237
2020-07-24 11:24:51 +01:00
Chris Smowton
454993fe64
PrintAst: Label File nodes' package-name children, and ensure that child comes before all declarations
2020-07-24 11:08:57 +01:00
Ricter Z
bb2d5ea6b5
add some sinks in commonly-used SQL libraries
2020-07-23 16:19:42 +01:00
Chris Smowton
b9e61115f3
Merge pull request #266 from sauyon/query-tags
...
Add correctness tag to MistypedExponentiation
2020-07-22 15:27:46 +01:00
Chris Smowton
6c4a1d0a34
Merge pull request #264 from smowton/smowton/feature/printast-restrict-files
...
PrintAst: improve support for restricting subsets of the AST to print
2020-07-22 15:20:14 +01:00
Chris Smowton
f8d141f7ff
PrintAst: Sort root File nodes by relative path.
...
This should make graphtext output deterministic, rather than depending on the order the results interpretation step happens to see the nodes.
2020-07-22 13:43:34 +01:00
Sauyon Lee
c9df4d81b4
Add correctness tag to MistypedExponentiation
2020-07-22 04:26:56 -07:00
Chris Smowton
c30d198f3d
Switch to using top-level function declarations to filter PrintAst
...
This means it's no longer possible to ask for the AST of a function literal, but this is hopefully a niche use-case that we can add if and when there is demand.
2020-07-22 10:40:41 +01:00
Owen Mansel-Chan
3018874f69
Merge pull request #259 from gagliardetto/oauth2-fixed-state
...
CWE-352: Use of constant `state` in Oauth2 flow
2020-07-21 17:11:46 +01:00
Chris Smowton
09990f9764
Configure plugin AST printer to ignore comments and only print one file
2020-07-21 17:01:07 +01:00
Chris Smowton
b8c4004c59
PrintAst: support excluding comments
2020-07-21 17:01:07 +01:00
Chris Smowton
e0aa59ced1
PrintAst: improve support for restricting subsets of the AST to print
...
* Exclude function definitions, not just their children, when excluded by configuration
* Allow excluding files
* Test both features
2020-07-21 17:00:28 +01:00
Chris Smowton
a625a4c7d5
Merge pull request #263 from smowton/smowton/feature/order-functypeexpr-children
...
PrintAst: order parameter and result declarations
2020-07-21 15:47:26 +01:00
Andrew Eisenberg
f35343e618
Merge pull request #262 from aeisenberg/aeisenberg/print-ast
...
Add the printAst contextual query
2020-07-20 11:11:42 -07:00
Slavomir
02b5fce67e
Add go.mod to CWE-352 test folder
2020-07-20 17:46:12 +03:00
Chris Smowton
ce0cc31b03
PrintAst: order parameter and result declarations
...
This adds support for generally overriding the default AstNode child ordering, and uses it to sort parameter and result declarations in the context of a FuncTypeExpr in left-to-right textual order.
2020-07-20 14:32:42 +01:00
Andrew Eisenberg
0ae1330c02
Add the printAst contextual query
...
This is similar to the cpp query for printing the AST in the
context of VS Code.
This PR also includes a small refactoring to extract the
`getEncodedFile` predicate to a new `qll` file.
2020-07-17 10:12:48 -07:00
Slavomir
27f62b0b3a
Fix examples
2020-07-17 13:12:18 +03:00
Slavomir
ee2804dfb1
Improve comments
2020-07-17 11:01:25 +03:00
Slavomir
ee4356501a
Apply suggestions from code review
...
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com >
2020-07-16 18:36:40 +03:00
Slavomir
fb78818db7
Fix .expected
2020-07-16 18:33:35 +03:00
Slavomir
ef7198c0cb
Improve query scenarios
2020-07-16 18:29:15 +03:00
Slavomir
282f7af6d9
Improve comments, naming, docs
2020-07-16 12:52:41 +03:00
Slavomir
8cc8b8ef47
Add CWE-352: CSRF because of constant oauth2 state value
2020-07-16 12:38:08 +03:00
Slavomir
437f4b7eab
Fix go autoformat
2020-07-15 19:12:33 +03:00
Slavomir
9cd86f9be8
Generated Go files: add what they were generated with
2020-07-15 19:05:12 +03:00
Slavomir
f7a03c0862
Update main.go
2020-07-15 19:05:12 +03:00
Slavomir
19348d2773
Simplify tests
2020-07-15 19:05:12 +03:00
Slavomir
1591ed3440
Implement code review feedback
2020-07-15 19:05:12 +03:00
Slavomir
5b63228690
Add StdlibTaintFlow.expected
2020-07-15 19:05:12 +03:00
Slavomir
19287fb5ff
Add taint-tracking for archive/tar and archive/zip
2020-07-15 19:05:12 +03:00
Chris Smowton
830f83f21a
Merge pull request #257 from smowton/smowton/fix/go-mod-comment-group-indices
...
Extractor: assign unique indices to comment-groups in go.mod files
2020-07-13 15:40:14 +01:00
Chris Smowton
3ab948f81c
Extractor: assign unique indices to comment-groups in go.mod files
...
The schema requires that (parent, index) is a key.
2020-07-13 11:28:28 +01:00
Sauyon Lee
32510eb2d0
Merge pull request #255 from max-schaefer/alias-types
...
Improve modelling of alias declarations
2020-07-10 21:07:48 -07:00
Max Schaefer
4eac5a1d4e
Add test to demonstrate that aliases have entities.
...
There are, however, no corresponding types.
2020-07-10 14:41:15 +01:00
Max Schaefer
1a8688a8f4
Extract enough information to distinguish type definitions from alias declarations.
2020-07-10 14:12:51 +01:00
Max Schaefer
4257a68c27
Include newlines in messages printed by go-gen-dbscheme.
2020-07-10 14:08:37 +01:00
Max Schaefer
9347413e77
Merge pull request #254 from smowton/smowton/admin/fix-go-autoformat
...
Make the gofmt CI test actually fatal
2020-07-10 14:01:44 +01:00
Chris Smowton
d05657ddff
Make the gofmt CI test actaully fatal
...
Turns out gofmt doesn't actually return 1 when it finds problems, only when it finds source files which don't compile (all of which are now excluded).
This also fixes existing overlooked inconsistencies as a result of this mistake.
2020-07-10 11:02:50 +01:00
Max Schaefer
302eb55d23
Merge pull request #245 from smowton/smowton/feature/missing-error-check-query-conservative
...
Add query searching for missing error checks on functions that return a (pointer, error) pair
2020-07-09 15:37:32 +01:00
Chris Smowton
429a385a20
Add query searching for missing error checks on functions that return a (pointer, error) pair
2020-07-09 13:06:31 +01:00
Max Schaefer
02920abc62
Merge pull request #249 from smowton/smowton/feature/comment-group-ast-node-parents
...
Make CommentGroups AST-children of Files
2020-07-08 19:58:13 +01:00
Chris Smowton
6bf3802b3f
Make CommentGroups AST-children of Files
...
Previously they were roots, with children hanging off them. Now they are children of Files, and both CommentGroups and Comments can be discovered using AstNode.getAChild.
The PrintAst pass is also adapted to account for their new position.
2020-07-08 17:49:47 +01:00
Max Schaefer
650cb5e626
Merge pull request #253 from smowton/smowton/admin/gofmt-in-ci
...
Add Go autoformatting to the 'autoformat' make target and to CI
2020-07-08 17:37:17 +01:00
Chris Smowton
ce94c68e0a
Add Go autoformatting to the 'autoformat' make target and to CI
...
Existing gofmt complaints are fixed, and files that specifically test queries that relate to badly formatting code are tagged as such.
2020-07-08 14:20:19 +01:00
Max Schaefer
26eeb3c658
Merge pull request #252 from gagliardetto/patch-3
...
taint-tracking: String() must return a string type
2020-07-08 12:01:20 +01:00
Slavomir
59071732a8
taint-tracking: String() must return a string type
...
Make sure that the taint-tracking class for the `String()` method checks that the result type is a string.
2020-07-08 12:34:13 +03:00
Max Schaefer
bc778b5899
Merge pull request #243 from max-schaefer/cve-2019-11250
...
Improvements to clear-text logging query
2020-07-07 16:03:40 +01:00
Max Schaefer
3a897a9dd0
Merge pull request #247 from shati-patel/docs
...
Docs: Editorial changes to library modeling topic
2020-07-07 13:37:51 +01:00
Max Schaefer
b4c56928c4
Merge pull request #248 from max-schaefer/location-doc
...
Port Location qldoc update.
2020-07-07 13:37:36 +01:00
Max Schaefer
47a858610d
Merge pull request #239 from smowton/smowton/feature/find-noreturn-user-functions
...
Switch from using mustPanic to mayReturnNormally to construct a call-expression's CFG
2020-07-07 13:37:18 +01:00
Chris Smowton
6e5ee47ade
Switch from using mustPanic to mayReturnNormally to construct a call-expression's CFG
...
We also use this to note that user-defined functions can only return normally if their CFG normal exit node is reachable, and annotate some well-known functions as noreturn.
For example, this will by fiat declare os.Exit noreturn (never returns normally), and will also notice that a user function `func myExit() { os.Exit(1) }` is also noreturn, because it doesn't have any control-flow edges that reach the normal return node.
2020-07-07 11:40:06 +01:00
Max Schaefer
842860d7ca
Port Location qldoc update.
...
cf https://github.com/github/codeql/pull/3907
2020-07-07 10:58:00 +01:00
Shati Patel
5ddcf92859
Editorial changes to library modeling topic
2020-07-07 10:02:33 +01:00
Max Schaefer
d8ff2d1641
Merge pull request #246 from smowton/smowton/feature/nuisance-dead-code-warnings
...
UnreachableStatement: tolerate more harmless unreachable return statements
2020-07-07 09:26:48 +01:00
Chris Smowton
5b34c05916
UnreachableStatement: tolerate more harmless unreachable return statements
...
The Golang compiler isn't particularly good at spotting paths that don't need a return statement due to a dominating noreturn statement (e.g. os.Exit(1)), so dead return statements are common. We already tried to tolerate some instances of this pattern; this additionally allows 'true' and 'false' literals, and anything of type 'error'.
The carte-blanche for error values aims to accommodate the pattern "abort(); return whateverErrorWouldOtherwiseBeAppropriate();", which is probably preferable to "return nil", a misleading no-error indication.
2020-07-06 17:02:26 +01:00
Max Schaefer
61bc51c133
Merge pull request #242 from max-schaefer/remove-experimental-precision
...
Remove `@precision` from experimental query.
2020-07-03 10:53:18 +01:00
Max Schaefer
5343315ad0
Remove @precision from experimental query.
...
We'll add it back when we take it out of experimental status.
2020-07-03 09:51:24 +01:00
Max Schaefer
570b232836
Merge pull request #235 from gagliardetto/bad-unsafe
...
Query to find wrong uses of package "unsafe"
2020-07-03 09:36:10 +01:00
Slavomir
94c0bc361d
Improve comments and alerts
2020-07-02 22:10:17 +03:00
Max Schaefer
534ab94067
Merge pull request #241 from max-schaefer/update-data-flow
...
Update shared data-flow libraries
2020-07-02 14:07:32 +01:00
Max Schaefer
b83076853f
Add change note.
2020-07-02 12:03:43 +01:00
Max Schaefer
89e9c6c2da
Teach clear-text logging query to ignore dummy passwords.
2020-07-02 12:02:56 +01:00
Max Schaefer
63187a0889
Make clear-text logging sources more precise.
2020-07-02 12:02:56 +01:00
Max Schaefer
7b903dd062
Teach CleartextLogging not to track through error.Error() and fmt.Stringer.String().
...
These two are very heavily overloaded and cause all sorts of false positives.
2020-07-02 12:02:56 +01:00
Max Schaefer
f807aa8b5e
Merge pull request #233 from owen-mc/library-modeling
...
Create guide for modeling go libraries
2020-07-02 12:01:45 +01:00
Max Schaefer
dc5813b159
Data flow: Remove big-step relation in flow-through code
...
cf https://github.com/github/codeql/pull/3857
2020-07-02 11:55:41 +01:00
Max Schaefer
09d2fe391e
Data flow: Replace getErasedRepr() and Node::getTypeBound() with getNodeType().
...
cf https://github.com/github/codeql/pull/3854
2020-07-02 11:55:41 +01:00
Max Schaefer
7925db7911
Merge pull request #240 from max-schaefer/fix-frontend-errors
...
Fix frontend errors
2020-07-02 10:14:39 +01:00
Max Schaefer
25c969d14c
Model message components for Fprintf and friends more precisely.
2020-07-02 09:41:03 +01:00
Max Schaefer
c80314a3fb
Treat non-sensitive header retrieval as a barrier.
2020-07-02 09:41:03 +01:00
Max Schaefer
29cbac429f
Fix stub for crypto/ssh.
2020-07-02 07:51:29 +01:00
Max Schaefer
5ac8ba9cef
Fix an error in Types test.
2020-07-02 07:51:16 +01:00
Max Schaefer
eeae713c2f
Dataflow: Refactor dispatch with call context.
...
cf https://github.com/github/codeql/pull/3804
2020-07-01 20:02:40 +01:00
Slavomir
b919ee03bf
Merge branch 'bad-unsafe' of https://github.com/gagliardetto/codeql-go into bad-unsafe
2020-07-01 17:36:50 +03:00
Slavomir
267057b4b2
Use Nodes instead of Expressions
2020-07-01 17:33:40 +03:00
Owen Mansel-Chan
4a002c3044
Address review comments and delete md file
2020-07-01 15:08:00 +01:00
Max Schaefer
f74a94e382
Merge pull request #170 from sauyon/tracing
...
Extract more dependency ASTs
2020-07-01 14:25:52 +01:00
Owen Mansel-Chan
3a2a33b956
Convert to reStructuredText
...
Annoyingly rst won't easily let you make some text monospace inside the
text for a link. The only other things I've changed from pandoc's output
are changing "code::" to "code-block::" and adding whitespace to get the
lists to format correctly.
2020-07-01 10:43:08 +01:00
Slavomir
62ccceb543
Apply suggestions from code review
...
Co-authored-by: Max Schaefer <54907921+max-schaefer@users.noreply.github.com >
2020-07-01 12:16:40 +03:00
Slavomir
87c2ac3caf
Remove deprecated; plus aesthetic fix
2020-07-01 12:11:41 +03:00
Owen Mansel-Chan
126d214a2d
Address review comments
2020-07-01 10:04:55 +01:00
Slavomir
37af579f27
Implement code review feedback
2020-07-01 12:02:12 +03:00
Max Schaefer
05da78d0f2
Merge pull request #238 from owen-mc/tfunctionoutput-receiver-separate-case
...
Make receiver a separate case in TFunctionOutput
2020-07-01 09:53:13 +01:00
Slavomir
7475170ced
Fix getBaseType
2020-07-01 11:21:15 +03:00
Slavomir
7f65424556
Fix comments and tests
2020-07-01 10:40:34 +03:00
Slavomir
9421476bea
Add IndexExpr logic and example
2020-07-01 10:21:16 +03:00
Slavomir
036a1faffa
Remove redundancy
2020-06-30 23:00:19 +03:00
Slavomir
c5354a88f0
Update tests
2020-06-30 22:11:05 +03:00
Slavomir
22e9c75d68
If pointer is to an IndexExpr, the use base type of that index expression
2020-06-30 22:07:40 +03:00
Sauyon Lee
6e5e9ce5de
Improve comments for extractor utility functions
2020-06-30 11:44:10 -07:00
Sauyon Lee
c6dfcf7365
Merge pull request #237 from github/revert-165-support-actions
...
Revert "autobuilder: Add support for GITHUB_REPOSITORY environment variable"
2020-06-30 11:40:34 -07:00
Owen Mansel-Chan
83fffa6350
Address review comments
2020-06-30 18:37:00 +01:00
Owen Mansel-Chan
826603a396
Make receiver a separate case in TFunctionOutput
...
This is for consistency with TFunctionInput, which already does this
2020-06-30 17:15:52 +01:00
Owen Mansel-Chan
88e2ae1b2e
Address review comments
2020-06-30 17:00:05 +01:00
Remco Vermeulen
a89b87f643
CWE-322 InsecureHostKeyCallback ( #234 )
2020-06-30 15:38:21 +01:00
Max Schaefer
ccfccb4828
Revert "autobuilder: Add support for GITHUB_REPOSITORY environment variable"
2020-06-30 15:13:26 +01:00
Chris Smowton
595866a6d8
Extractor: give the go.mod comment groups a source location ( #232 )
...
The comment group is now omitted entirely if empty, and otherwise delimits the range of the comments ascribed to this group.
2020-06-30 14:59:13 +01:00
Max Schaefer
e374f92555
Merge pull request #236 from max-schaefer/update-data-flow
...
Update data-flow libraries
2020-06-30 14:32:56 +01:00
Slavomir
8238d111b5
Fix tests
2020-06-30 13:37:44 +03:00
Slavomir
c28e83a793
Add references
2020-06-30 12:53:51 +03:00
Slavomir
3181ac6ec8
Add qhelp file and examples
2020-06-30 12:43:42 +03:00
Slavomir
27ac4c3236
Fix comment
2020-06-30 12:12:03 +03:00
Max Schaefer
df4265e31b
Add more tests for clear-text logging.
2020-06-30 10:05:01 +01:00
Max Schaefer
ef340954e4
Add mask* as a heuristic name for an obfuscating function.
2020-06-30 10:05:01 +01:00
Max Schaefer
e6a44d4578
Add HTTP-request headers as a source for clear-text logging.
2020-06-30 10:05:01 +01:00
Max Schaefer
e692af21ac
Extend model of glog to also cover two API-compatible forks.
2020-06-30 10:05:01 +01:00
Slavomir
6f396b9ad8
Add comments to codeql query
2020-06-30 11:47:14 +03:00
Slavomir
8473ed0d81
Add tests
2020-06-30 11:31:24 +03:00
Slavomir
c71ecd678e
Initial commit for: wrong use of package unsafe
2020-06-30 10:45:03 +03:00
Owen Mansel-Chan
63b2afb4ce
Create guide for modeling go libraries
2020-06-29 11:46:09 +01:00
Max Schaefer
2b3e3bda8f
Data flow: Model field clearing.
...
cf https://github.com/github/codeql/pull/3762
2020-06-29 11:06:35 +01:00
Max Schaefer
f7ed65692f
Data flow: Use accessPathLimit() in partial flow as well.
...
cf. https://github.com/github/codeql/pull/3494
2020-06-29 11:02:35 +01:00
Max Schaefer
5275168253
Make target branch configurable for sync-dataflow-libraries.
...
You can now do `make DATAFLOW_BRANCH=<committish> sync-dataflow-libraries`; default is still `master`.
2020-06-29 10:02:59 +01:00
Max Schaefer
76f482682c
Merge pull request #182 from owen-mc/gin-framework
...
Move model for Gin framework out of experimental
2020-06-26 20:26:48 +01:00
Max Schaefer
91ca2bb434
Merge pull request #231 from max-schaefer/taint-through-range
...
Propagate taint through `range` statements
2020-06-26 19:58:53 +01:00
Sauyon Lee
468d9812c4
Merge pull request #227 from max-schaefer/cve-2018-15798
...
Teach `OpenUrlRedirect` to propagate out of `URL.Path` and a few other fields.
2020-06-26 06:21:59 -07:00
Max Schaefer
57f8b08568
Update expected test output.
...
The tests for `UnsafeTLS` now work as expected.
2020-06-26 11:30:26 +01:00
Max Schaefer
66ec160f64
Add change note.
2020-06-26 11:20:45 +01:00
Max Schaefer
258a276242
Propagate taint through range loops.
2020-06-26 11:20:45 +01:00
Max Schaefer
ce3007395f
Rename arrayStep to elementStep, which is more accurate.
2020-06-26 11:20:45 +01:00
Max Schaefer
ba82a76948
Merge pull request #229 from max-schaefer/getAPrimaryQlClass
...
Rename `describeQlClass` to `getAPrimaryQlClass`.
2020-06-26 07:51:04 +01:00
Max Schaefer
9904b9e926
Allow flow through more URL fields.
2020-06-26 07:50:08 +01:00
Max Schaefer
3bf934d64b
Add change note.
2020-06-25 22:23:49 +01:00
Owen Mansel-Chan
82361ce060
Fix modelling of Params part 2
2020-06-25 21:55:10 +01:00
Owen Mansel-Chan
cf47159a30
Change how Param and Params are modeled
...
Previously any read of type Param or Params was a source. Now reading
Context.Params is a source. This should reduce the number of duplicate
paths.
2020-06-25 21:55:10 +01:00
Owen Mansel-Chan
9fd892ab94
Fix context bind sources
...
Using FunctionOutput was recommended in the first PR but not implemented.
2020-06-25 21:55:00 +01:00
Owen Mansel-Chan
93399c6348
Add tests for bind methods with pointer-typed variables
2020-06-25 16:17:57 +01:00
Max Schaefer
d290bea39a
Rename describeQlClass to getAPrimaryQlClass.
2020-06-25 15:08:01 +01:00
Max Schaefer
a89e4971ac
Merge pull request #221 from gagliardetto/bad-tls
...
Add CWE-327 (unsafe TLS)
2020-06-25 09:18:42 +01:00
Sauyon Lee
380060c7e4
extractor: Refactor regexp compilation for the relative directory check
2020-06-24 23:29:55 -07:00
Sauyon Lee
9e8d386f3c
Clarify change note
2020-06-24 23:29:55 -07:00
Sauyon Lee
fa391b1516
extractor: Factor out common bits for running go list
2020-06-24 23:29:54 -07:00
Sauyon Lee
ebdd724b75
Simplify logic for deciding whether to extract a package
2020-06-24 23:29:53 -07:00
Sauyon Lee
e25b882e42
Clarify some comments
...
As suggested in code review
Co-authored-by: Max Schaefer <54907921+max-schaefer@users.noreply.github.com >
2020-06-24 23:29:52 -07:00
Sauyon Lee
9bd1f87d66
Address review comments
2020-06-24 23:29:51 -07:00
Sauyon Lee
de2f407c69
Add change note for more dependency AST extraction
2020-06-24 23:29:50 -07:00
Sauyon Lee
7863bb656e
Use the -mod argument from the build when calling go list
2020-06-24 23:29:49 -07:00
Sauyon Lee
296d2d5fd3
extractor: modify FileExists to check that the path isn't a directory
2020-06-24 23:29:48 -07:00
Sauyon Lee
3513c352e6
extractor: Factor out FileExists utility function
2020-06-24 23:29:48 -07:00
Sauyon Lee
f197975c6e
Extract packages more intelligently
...
We now extract packages that have the same module root as the specified packages, as determined by
the `go list` command.
2020-06-24 23:29:47 -07:00
Slavomir
95b76dceca
Remove check
2020-06-24 21:39:23 +03:00
Slavomir
4dc1399385
Update comments on the lines that have incorrect flagging
2020-06-24 15:11:33 +03:00
Sauyon Lee
6883a97628
Merge pull request #223 from max-schaefer/update-data-flow
...
Data flow: Track precise types during field flow
2020-06-24 00:10:54 -07:00
Max Schaefer
8c27e16190
Merge pull request #226 from smowton/smowton/fix/remove-spurious-cfg-edge-from-expressionless-switch
...
Remove spurious control-flow edge around switch block without a test
2020-06-24 07:47:37 +01:00
Slavomir
3aa9b25673
Fix comment
2020-06-23 22:40:25 +03:00
Chris Smowton
4882f277f5
Remove spurious control-flow edge around switch block without a test-expression
...
Previously we thought it possible to get from top to bottom of a block like "switch { case f(): ... }", when in fact this is only possible if there are no case blocks to execute.
I also add tests for two possible corner cases of a switch without a test-expression: a completely empty switch (the 'true' is indeed the last node) and switch with an empty default block (a single 'skip' is generated for the default block and the 'true' is not the last node)
2020-06-23 17:46:08 +01:00
Chris Smowton
1dc427a2c5
Cleanup: use TypeSwitchStmt.getAssign, not a raw child accessor
2020-06-23 17:46:08 +01:00
Max Schaefer
4e6d9b3811
Teach OpenUrlRedirect to propagate out of URL.Path and a few other fields.
2020-06-23 15:29:18 +01:00
Slavomir
561c5b91d2
Implement code review feedback
2020-06-23 16:07:05 +03:00
Max Schaefer
95011cebc2
Merge pull request #225 from sauyon/unqualify-functioninput
...
Unqualify uses of FunctionInput and FunctionOutput
2020-06-23 11:24:46 +01:00
Slavomir
56727b220b
Try different ways of passing taint through a field
2020-06-23 12:14:49 +03:00
Sauyon Lee
ecff1e6a16
Unqualify uses of FunctionInput and FunctionOutput
2020-06-22 22:25:33 -07:00
Max Schaefer
d3e6e5c0b3
Data flow: Track precise types during field flow
...
cf https://github.com/github/codeql/pull/3456
2020-06-22 20:53:05 +01:00
Slavomir
4ab929a656
Simplify
2020-06-22 17:54:07 +03:00
Slavomir
29eba441d7
Determine TLS version from int value
2020-06-22 17:50:20 +03:00
Slavomir
70bc4c81a0
Fix typo
2020-06-22 17:15:56 +03:00
Slavomir
783f710188
Fix comments
2020-06-22 17:12:15 +03:00
Slavomir
e38d4ecd9c
Fix typos
2020-06-22 17:00:31 +03:00
Slavomir
bbf8d7306b
Add CWE-327
2020-06-22 16:54:14 +03:00
Max Schaefer
d8374adbde
Merge pull request #219 from max-schaefer/refine-virtual-dispatch
...
Refine potential targets for method call through interface
2020-06-22 13:47:48 +01:00
Max Schaefer
b2ea23685c
Merge pull request #220 from max-schaefer/master
...
Temporarily disable CodeQL analysis
2020-06-22 13:46:51 +01:00
Max Schaefer
b64d3467aa
Temporarily disable CodeQL analysis
...
https://github.com/github/codeql-go/pull/184 added a regression test for the non-termination it was fixing. The fix hasn't made it into Code Scanning yet, so for the time being it will fail with precisely that non-termination when analysing the regression tests.
2020-06-22 12:18:29 +01:00
Max Schaefer
1f68a32cdc
Add change note.
2020-06-22 09:22:47 +01:00
Max Schaefer
759e3d5632
Further refine potential call targets for interface calls.
...
The call target must belong to the method set of a type that implements the interface type of the method call receiver, if any.
For example, assume `h` has type `hash.Hash`, then `h.Write(...)` should only be resolved to implementations of `Write` in types implementing `hash.Hash`, not arbitrary other `Writer`s.
2020-06-22 09:22:47 +01:00
Max Schaefer
1c58028ae3
Expose receiver type in isInterfaceCallReceiver.
2020-06-22 09:22:47 +01:00
Max Schaefer
0e5e116217
Add a few more utility predicates to DataFlow::Node.
2020-06-22 09:22:47 +01:00
Max Schaefer
18db1fe79f
Merge pull request #184 from max-schaefer/lookup-fields-in-cyclic-struct
...
Fix field lookup in cyclic structs
2020-06-21 09:23:57 +01:00
Max Schaefer
47c4c55923
Merge pull request #185 from github/max-schaefer-patch-2
...
Set up Code Scanning
2020-06-20 10:41:25 +01:00
Sauyon Lee
8742f09343
Merge pull request #186 from max-schaefer/fix-test-compile-errors
...
Fix compiler errors in tests.
2020-06-19 08:28:34 -07:00
Chris Smowton
6c230980a3
Merge pull request #187 from max-schaefer/fill-in-qldoc
...
Add qldoc for three public predicates in `PrintAst.qll`.
2020-06-19 15:30:24 +01:00
Max Schaefer
0f4297ff5c
Add qldoc for three public predicates in PrintAst.qll.
...
It's bland, but we try to maintain a 100% documentation coverage for our public library elements.
2020-06-19 14:25:57 +01:00
Max Schaefer
314bda2a7f
Fix compiler errors in tests.
2020-06-19 14:21:10 +01:00
Max Schaefer
df02ad404e
Set up Code Scanning
2020-06-19 14:02:31 +01:00
Max Schaefer
79b0ea8d77
Merge pull request #183 from smowton/smowton/cleanup/field-parent
...
Clean up @field and @fieldparent usage
2020-06-19 11:30:52 +01:00
Chris Smowton
3c8153ca1e
Clean up @field and @fieldparent usage
...
* Centralise use of raw types and database predicates in FieldParent and FieldBase classes
* Deduplicate type predicates common to all fields
* Deduplicate predicates common to function parameters and results
2020-06-19 11:00:42 +01:00
Max Schaefer
c31a7fc228
Add a few more tests.
2020-06-19 09:28:12 +01:00
Max Schaefer
2df8c275e0
Fix field lookup in cyclic structs.
2020-06-19 08:16:09 +01:00
Max Schaefer
7c2358c1d0
Merge pull request #181 from sauyon/reflectedxss-fps
...
ReflectedXSS refinement
2020-06-18 11:14:13 +01:00
Max Schaefer
7af168fc3b
Merge pull request #179 from smowton/smowton/feature/printast
...
Add barebones PrintAST for Go
2020-06-17 17:02:53 +01:00
Owen Mansel-Chan
c5cb55afc6
Add a change note
2020-06-17 15:14:16 +01:00
Owen Mansel-Chan
2282def1e2
Merge pull request #180 from owen-mc/email-injection
...
Move email injection query out of experimental folder
2020-06-17 15:11:31 +01:00
Chris Smowton
1a823b21f1
PrintAst: Emit relative paths for file nodes
...
This is a workaround for codeql run test not itself truncating absolute paths
when comparing against actual output.
2020-06-17 15:03:29 +01:00
Owen Mansel-Chan
49abd0b9b1
Add test using hashing
2020-06-17 14:33:53 +01:00
Chris Smowton
80b9be1004
Add simple PrintAst test
...
This both checks that many common control-flow structures print as expected, and checks our unique child node numbering, which would otherwise give the same label to a file's package (its 0th child expression) and its 0th declaration.
2020-06-17 14:25:45 +01:00
Owen Mansel-Chan
83697f62ac
Address review comments on qhelp
2020-06-17 14:21:37 +01:00
Chris Smowton
bd7b7c06b5
Add AstNode.getCanonicalQlClass and use it in PrintAst
...
This gives those classes satisfied by an AstNode that are considered useful for developer understanding, cf. getAQlClass which returns all satisfied classes and hides overridden ones, even if they are interesting.
2020-06-17 13:47:23 +01:00
Owen Mansel-Chan
3a3fbfff45
Update moved files
2020-06-17 11:36:11 +01:00
Owen Mansel-Chan
d7c6391b41
Move Gin files out of experimental
...
No changes have been made to the files in this commit
2020-06-17 11:34:09 +01:00
Owen Mansel-Chan
f926808c8a
Address review comments
2020-06-17 10:11:41 +01:00
Sauyon Lee
ed87c346cf
Add tests for the ReflectedXSS HTML content type sniffing regexp
2020-06-17 00:28:03 -07:00
Sauyon Lee
95235c8415
Add change note for reflected xss regexp fixes
2020-06-17 00:28:03 -07:00
Sauyon Lee
4f3854c052
ReflectedXSS: Ignore whitespace for HTML content type detection
2020-06-17 00:28:02 -07:00
Chris Smowton
464773d99a
Add initial implementation of PrintAST for Go
...
Known shortcomings:
* Uses getAQlClass rather than tagging AST nodes with a canonical class, as the C++ version of the same query does
* Types and go.mod lines are not printed informatively (typically we just get a short description of the node kind, e.g. 'function type')
* Children are always named for their child indices; we should give informative names to the edges where an accessor is declared (e.g. IfStmt names its children 'init', 'cond', 'if', 'else')
2020-06-16 17:21:56 +01:00
Owen Mansel-Chan
a3bc094731
Add change note
2020-06-16 15:48:39 +01:00
Owen Mansel-Chan
1b49bcc3b3
Put code snippets from qhelp in test folder
2020-06-16 15:44:51 +01:00
Owen Mansel-Chan
336eba1be4
Add Hash.Write and similar as sanitizers
2020-06-16 12:48:43 +01:00
Sauyon Lee
1853e990a3
ReflectedXss: Allow regexp to match newlines
2020-06-16 00:43:12 -07:00
Owen Mansel-Chan
f27ecdabb8
Set precision to high
2020-06-15 17:42:19 +01:00
Owen Mansel-Chan
4f6ce61de2
Move EmailInjection query out of experimental
2020-06-15 17:42:19 +01:00
Max Schaefer
a88bf4c9fa
Merge pull request #177 from sauyon/whitelist
...
Use allow or allowlist instead of whitelist
2020-06-13 19:44:51 +01:00
Sauyon Lee
66f733d798
Use allow or allowlist instead of whitelist
2020-06-12 09:16:41 -07:00
Owen Mansel-Chan
282b8cb9e4
Merge pull request #175 from owen-mc/array-slice-literal
...
Add classes for array and slice literals
2020-06-12 12:12:02 +01:00
Owen Mansel-Chan
e6217d90d7
Provide better strings for map and struct literals
2020-06-12 11:23:58 +01:00
Owen Mansel-Chan
dc113ab19f
Update tests for new strings
2020-06-12 10:40:13 +01:00
Owen Mansel-Chan
e9c2958095
Add classes for array and slice literals
2020-06-12 10:40:13 +01:00
Max Schaefer
47804d68c7
Merge pull request #176 from max-schaefer/update-data-flow
...
Data flow: Allow nodes to be hidden from path explanations
2020-06-12 07:23:15 +01:00
Owen Mansel-Chan
f11b956583
Add a superclass for literals ( #172 )
2020-06-11 19:53:40 +01:00
Max Schaefer
40ffa221bc
Merge pull request #171 from owen-mc/typeexprs-extend-typeexpr
...
Make `ArrayTypeExpr` and so on extend `TypeExpr`
2020-06-11 17:20:29 +01:00
Max Schaefer
b164cf33c7
Merge pull request #174 from github/rc/1.24
...
Merge rc/1.24 into master
2020-06-11 17:19:23 +01:00
Max Schaefer
9e3681cda4
Merge pull request #173 from owen-mc/update-ast-class-reference
...
Update AST class reference
2020-06-11 16:47:43 +01:00
Owen Mansel-Chan
71005f19c6
Update AST class reference
...
To match https://github.com/github/codeql/pull/3685
2020-06-11 16:08:36 +01:00
Owen Mansel-Chan
c891d22f74
Make ArrayTypeExpr and so on extend TypeExpr
...
To avoid a recursive definition, need to replace ArrayTypeExpr with@arraytypeexpr and so on in isTypeExprBottomUp(Expr e).
2020-06-11 11:06:15 +01:00
Max Schaefer
c6537f6d3b
Data flow: Allow nodes to be hidden from path explanations
...
cf https://github.com/github/codeql/pull/3657
2020-06-11 09:59:40 +01:00
Max Schaefer
24e2a294ed
Merge pull request #169 from max-schaefer/rc/1.24
...
Merge rc/1.24 into master
2020-06-11 09:15:28 +01:00
Max Schaefer
d8f1873635
Merge branch 'master' into rc/1.24
2020-06-11 08:10:22 +01:00
Owen Mansel-Chan
c30893aba7
Add AST class reference ( #164 )
2020-06-10 15:59:48 +01:00
Max Schaefer
8787f0b4f0
Merge pull request #165 from sauyon/support-actions
...
autobuilder: Add support for GITHUB_REPOSITORY environment variable
2020-06-10 09:45:18 +01:00
Sauyon Lee
4cd3f89128
Merge pull request #168 from max-schaefer/make-autoformat
...
Add Make target to autoformat all QL.
2020-06-09 12:55:57 -07:00
Sauyon Lee
ba0f922a28
autobuilder: Add support for GITHUB_REPOSITORY environment variable
...
This is for use within GitHub actions
2020-06-09 11:52:23 -07:00
Max Schaefer
1342d8688e
Autoformat.
2020-06-09 17:38:18 +01:00
Max Schaefer
b4b78ff923
Use newer version of CodeQL.
2020-06-09 17:36:38 +01:00
Max Schaefer
6b5657b5fb
Add PR check to ensure everything is autoformatted.
2020-06-09 17:31:29 +01:00
Max Schaefer
04af08ca0d
Add Make target to autoformat all QL.
...
Use
```sh
make autoformat
```
to format all `.ql` and `.qll` files under `ql/src`.
Use
```sh
make AUTOFORMAT=--check-only autoformat
```
to check that all `.ql` and `.qll` files under `ql/src` are correctly formatted and fail if they are not.
2020-06-09 17:27:53 +01:00
Max Schaefer
524b11b81a
Merge pull request #163 from robertbrignull/more-suites
...
Add more code-scanning suites
2020-06-04 09:53:14 +01:00
Robert Brignull
9ee57374cb
add more code-scanning suites
2020-06-01 10:58:49 +01:00
Max Schaefer
b37bdec66c
Merge pull request #157 from owen-mc/isresult-consistency
...
Make FunctionOutput.isResult(0) and CallNode.getResult(0) match single results
2020-05-29 17:13:21 +01:00
Max Schaefer
2f7ff6b56c
Merge pull request #162 from max-schaefer/open-url-redirect-formvalue
...
Consider `Request.FormValue(...)` as a source for URL redirects.
2020-05-29 15:56:50 +01:00
Max Schaefer
8f0592a079
Consider Request.FormValue(...) as a source for URL redirects.
...
Despite its name, this method doesn't just handle form values but also query parameters.
2020-05-29 15:03:05 +01:00
Sauyon Lee
b1db53e733
Merge pull request #161 from max-schaefer/more-mutable-types
...
Broaden definition of mutable types for taint tracking
2020-05-29 06:55:16 -07:00
Max Schaefer
64c60f6153
Merge pull request #160 from sauyon/readme
...
Add links to the CodeQL CLI and LGTM.com
2020-05-29 07:13:20 +01:00
Sauyon Lee
51026a7142
Add links to the CodeQL CLI and LGTM.com
2020-05-28 22:38:23 -07:00
Owen Mansel-Chan
36fa2c29fa
Simplify more code
2020-05-28 17:40:23 +01:00
Owen Mansel-Chan
65608a2912
Address review comments
2020-05-28 17:24:37 +01:00
Max Schaefer
e3501ddb44
Introduce more post-update nodes.
...
To model (taint) flow through functions, we introduce post-update nodes for arguments (including receivers), but only if that argument is mutable.
However, previously our criterion for determining whether an argument is mutable was a little too restrictive. In particular, we would not consider a struct-typed argument as mutable, since structs are passed by value. While this is reasonable for data flow, it is unnecessarily restrictive for taint, since it makes perfect sense to track deep taint through structs.
So instead we now turn things round and instead consider _all_ types to be mutable except for primitive types (booleans, numbers, and strings).
2020-05-28 15:33:09 +01:00
Max Schaefer
0dd7676bd8
Add another function-model test.
2020-05-28 15:31:00 +01:00
Max Schaefer
1c5dd51992
Add codespaces configuration
2020-05-28 13:09:21 +00:00
Owen Mansel-Chan
bbce7d1f05
Simplify existing code
2020-05-28 13:07:08 +01:00
Owen Mansel-Chan
1c5a4605d6
Add CallNode.getAResult()
2020-05-28 12:49:05 +01:00
Owen Mansel-Chan
1580591b73
Address review comments
2020-05-28 12:49:05 +01:00
Max Schaefer
e7095baa39
Fix nonHtmlContentType.
2020-05-27 16:52:11 +01:00
Owen Mansel-Chan
f0e1147551
Make CallNode.getResult(0) match single results
2020-05-27 10:24:09 +01:00
Owen Mansel-Chan
4be805966f
Make FunctionOutput.isResult(0) match single results
2020-05-27 10:24:09 +01:00
Owen Mansel-Chan
ae2ed877ee
Add tests for CallNode.getResult
2020-05-27 10:24:09 +01:00
Owen Mansel-Chan
53cfbcc255
Add tests for FunctionOutput.isResult
2020-05-27 10:24:03 +01:00
Max Schaefer
8596a99f9d
Merge pull request #156 from max-schaefer/update-data-flow
...
Data flow: Remove deprecated predicates.
2020-05-26 16:16:44 +01:00
Max Schaefer
a59e754403
Data flow: Remove deprecated predicates.
...
cf https://github.com/github/codeql/pull/3515
2020-05-26 11:09:35 +01:00
Max Schaefer
1f54edfe99
Add make target for synchronising data-flow libraries.
2020-05-26 11:09:07 +01:00
Max Schaefer
63fddfc705
Merge pull request #155 from sauyon/dbscheme-binary
...
Create a new entry point for generating dbschemes
2020-05-26 10:17:39 +01:00
Sauyon Lee
aef7524f35
Add a go-gen-dbscheme for generating dbschemes
2020-05-22 08:04:40 -07:00
Max Schaefer
4206408826
Merge pull request #153 from max-schaefer/cleanup-107
...
More cleanup
2020-05-22 13:18:46 +01:00
Max Schaefer
223d0dbf0b
Fix missing </p> in qhelp.
2020-05-22 11:18:27 +01:00
Max Schaefer
bccf750e2e
Sort go.qll alphabetically.
2020-05-22 11:12:31 +01:00
Max Schaefer
1d479d9a73
Add change note.
2020-05-22 11:11:58 +01:00
Max Schaefer
3c8fa02356
Regularise a few comments.
2020-05-22 11:11:58 +01:00
Max Schaefer
adc3ce8274
Extend documentation for package and use it in two more places.
...
The predicate now works with an empty package path.
The way this is implemented is perhaps slightly non-obvious: the `($|/)\\Q" + path + "\\E"` part of the regular expression either matches the end of the string (and `path` must then be empty), or a slash followed by `path` (which may or may not be empty).
We do allow non-canonical import paths ending in `/`, which the compiler rejects. We could disallow that by putting a `(?!$)` assertion after the `/`, but that seems overkill.
2020-05-22 11:11:58 +01:00
Max Schaefer
31c636fa55
Standardise on capitalisation WebSocket.
2020-05-22 11:11:58 +01:00
Max Schaefer
1d910a9622
Merge pull request #148 from owen-mc/syntax-examples-for-ast-classes
...
Add syntax examples to qldoc comments for AST classes
2020-05-22 10:48:18 +01:00
Owen Mansel-Chan
df8bfab6d6
Address review comments
2020-05-22 10:06:23 +01:00
Max Schaefer
e7ad4f9308
Merge pull request #152 from github/jf205-patch-1
...
Link README.md to the CodeQL repo
2020-05-22 09:44:03 +01:00
Owen Mansel-Chan
2c8e4a2b34
Add syntax examples to qldoc comments for AST classes
2020-05-22 09:28:50 +01:00
James Fletcher
e596c988f1
Update README.md
2020-05-21 16:43:04 +01:00
Max Schaefer
27cab43448
Merge pull request #151 from sauyon/remove-binary
...
Remove accidentally committed binary
2020-05-20 22:24:42 +01:00
Max Schaefer
f1b5a18aa2
Merge pull request #109 from porcupineyhairs/WebsocketXss
...
Model websocket read and write functions.
2020-05-20 19:45:25 +01:00
Sauyon Lee
8b9abf1abb
Add main to .gitignore
2020-05-20 09:19:51 -07:00
Sauyon Lee
0b7eea7852
Remove accidentally added binary
2020-05-20 09:19:42 -07:00
Sauyon Lee
581a81ca1a
Add missing licenses for websocket libraries
2020-05-20 09:16:38 -07:00
Sauyon Lee
92aad7ea1e
Fix dependency stubs for websocket framework
2020-05-20 09:01:46 -07:00
Sauyon Lee
a2e2e260b2
Merge branch 'master' into WebsocketXss
2020-05-20 08:57:36 -07:00
Porcupiney Hairs
d1d4c2e492
Golang : Add WebSocket Read and Write Functions.
2020-05-20 20:48:43 +05:30
Sauyon Lee
f599a502fc
Merge pull request #150 from max-schaefer/cleanup-108
...
Various cleanups
2020-05-20 08:13:48 -07:00
Max Schaefer
4a5b29e78f
Add a missing qldoc comment.
2020-05-20 14:37:38 +01:00
Max Schaefer
ed3a06ea5d
Autoformat QL.
2020-05-20 14:35:01 +01:00
Max Schaefer
b871f54e4d
Fix frontend error in ql/test/query-tests/Security/CWE-079.
2020-05-20 14:34:36 +01:00
Max Schaefer
7773828347
Fix frontend errors in ql/test/library-tests/semmle/go/frameworks/Websocket.
2020-05-20 14:34:22 +01:00
Max Schaefer
7e314f037a
Fix frontend errors in ql/test/library-tests/semmle/go/Packages.
2020-05-20 14:27:00 +01:00
Max Schaefer
806cfc7c5e
Merge pull request #149 from max-schaefer/cleanup-130
...
Clean up NoSQL library
2020-05-20 13:55:54 +01:00
Max Schaefer
f5a8e07cf0
Merge pull request #107 from porcupineyhairs/ssrf
...
Add SSRF query to codeql-go
2020-05-20 13:55:07 +01:00
Max Schaefer
9a4bee9448
Add change note.
2020-05-20 10:10:28 +01:00
Max Schaefer
267416f61f
Rename a predicate to clarify that it is MongoDB specific.
2020-05-20 10:08:49 +01:00
Max Schaefer
cc24a8879f
Rewrite a taint step to make more idiomatic use of the data-flow library.
2020-05-20 10:05:43 +01:00
Max Schaefer
8cc76edee4
Rephrase a comment and split up some very long lines.
2020-05-20 10:05:26 +01:00
Max Schaefer
d7b82b2355
Rename a few modules and classes to reflect the fact that NoSQL queries are not usually strings.
2020-05-20 10:04:59 +01:00
Sauyon Lee
f2bbbe30e2
Stub WebSocket dependencies
2020-05-19 19:53:03 +05:30
Porcupiney Hairs
2b5989cff2
Add improvements for codeql-go SSRF query
2020-05-19 19:53:03 +05:30
Max Schaefer
6d93f48933
Merge pull request #147 from owen-mc/redundant-recover
...
Go: Add query for redundant calls to recover
2020-05-19 07:14:27 +01:00
Owen Mansel-Chan
275be36e4a
Update change-notes/2020-05-18-redundant-recover.md
...
Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com >
2020-05-19 06:31:47 +01:00
Owen Mansel-Chan
23a7db5d4d
Minor textual corrections
2020-05-18 17:05:49 +01:00
Owen Mansel-Chan
fbee7fe983
Add new query for redundant calls to recover
2020-05-18 16:13:46 +01:00
Sauyon Lee
e57edccdab
Merge pull request #145 from max-schaefer/allocation-size-overflow-is-big
...
Simplify logic in AllocationSizeOverflow query.
2020-05-15 11:20:01 -07:00
Max Schaefer
8a8082f6ad
Merge pull request #144 from max-schaefer/interface-method-implements
...
Refine `Method.implements` so that interface methods only implement themselves.
2020-05-15 17:01:28 +01:00
Max Schaefer
27cb92fb86
Use .pp() in a few tests selecting types.
2020-05-15 15:54:23 +01:00
Max Schaefer
9c7e46386f
Simplify logic in AllocationSizeOverflow query.
2020-05-15 11:20:11 +01:00
Max Schaefer
d300ec6324
Refine Method.implements so that interface methods only implement themselves.
...
Without this restriction, the two `m`s in the following example are considered to implement each other, even though they aren't logically related:
```go
type I interface {
m()
}
type J interface {
m()
}
type K struct {
I
J
}
```
Previously, interface methods would sometimes implement themselves and sometimes not (see changes to test output for examples).
2020-05-15 11:09:17 +01:00
Max Schaefer
87c1bcad0a
Merge pull request #143 from github/max-schaefer-patch-1
...
Clarify which types have a qualified name.
2020-05-15 08:40:13 +01:00
Max Schaefer
24d8c7ea17
Clarify which types have a qualified name.
2020-05-15 07:31:51 +01:00
Max Schaefer
d41e41812b
Merge pull request #141 from sauyon/reflectedxss-fps
...
ReflectedXss improvements
2020-05-15 07:23:39 +01:00
Sauyon Lee
5e633b2c74
Add EqualityTestNode.getPolarity
2020-05-14 14:38:59 -07:00
Sauyon Lee
5e2b973ac4
Update comment in ReflectedXss test
...
Co-authored-by: Max Schaefer <54907921+max-schaefer@users.noreply.github.com >
2020-05-14 14:35:08 -07:00
Sauyon Lee
ee0f3c9fba
Address review comments
2020-05-14 02:30:14 -07:00
Sauyon Lee
804165c9ef
Fix comment in ReflectedXss nonhtmlcontenttype
...
Co-authored-by: Max Schaefer <54907921+max-schaefer@users.noreply.github.com >
2020-05-14 02:28:15 -07:00
Max Schaefer
1fbf552ef5
Merge pull request #140 from sauyon/depstubber-update
...
Update dependency stubs
2020-05-14 09:29:17 +01:00
Sauyon Lee
97b3ec5cfc
Update dependency stubs
2020-05-13 10:07:14 -07:00
Sauyon Lee
ac55287210
Merge pull request #138 from max-schaefer/fix-tests
...
Fix frontend errors in two tests and a code example
2020-05-13 08:50:35 -07:00
Sauyon Lee
b8b9ff13f3
Merge pull request #139 from max-schaefer/cleanup-131
...
Cleanup of `io` model
2020-05-13 08:29:45 -07:00
Max Schaefer
d5fcf28e03
Add change note.
...
While we didn't see any new results in the evaluation, this is a fairly substantial amount of changes, so adding a change note is probably justified.
2020-05-13 15:55:52 +01:00
Max Schaefer
e852caea07
Cleanup of Io module.
...
- Undid rename from `Io` to `IO`
- Ensured function signatures in comments have leading `func`
- Removed superfluous `extends Function` clauses
- Renamed a few classes to be more consistent.
2020-05-13 15:55:52 +01:00
Max Schaefer
41b5fc17ab
Inline two single-use predicates.
...
This fixes a TODO.
2020-05-13 15:40:36 +01:00
Max Schaefer
6e58524b78
Fix a typo.
2020-05-13 15:40:31 +01:00
Max Schaefer
ec2314310e
Fix code example in query.
2020-05-13 15:38:48 +01:00
Max Schaefer
ac9e39120b
Fix unused variable in test.
2020-05-13 15:28:49 +01:00
Max Schaefer
e034458574
Fix MongoDB tests.
2020-05-13 15:25:54 +01:00
Sauyon Lee
83a3b6336f
Add change note
2020-05-13 04:31:23 -07:00
Sauyon Lee
748dd6801e
Handle HTTP response writers that are fields
2020-05-13 04:31:07 -07:00
Sauyon Lee
9e5645fa9d
Add similar predicate to SsaWithFields
2020-05-13 03:56:55 -07:00
Sauyon Lee
2089cb4543
Merge pull request #133 from max-schaefer/cleanup-conditional-bypass
...
Cleanup conditional-bypass query
2020-05-13 02:31:13 -07:00
Max Schaefer
005e49fe94
Merge pull request #130 from porcupineyhairs/MongoInjection
...
Golang : Add MongoDB injection support
2020-05-13 09:43:49 +01:00
Sauyon Lee
24e939730a
Merge pull request #134 from max-schaefer/fix-test-errors
...
Fix frontend errors in tests
2020-05-13 01:38:30 -07:00
Max Schaefer
89d633ac3f
Merge pull request #120 from porcupineyhairs/SensitiveActionBypass
...
User-controlled bypass of sensitive action
2020-05-12 19:48:24 +01:00
Max Schaefer
d438b5ec03
Merge pull request #131 from porcupineyhairs/IO
...
Model stdlib's IO package.
2020-05-12 19:41:40 +01:00
Slavomir
84e2a5ddd2
Add experimental library: gin web framework ( #117 )
2020-05-12 14:27:11 +01:00
Max Schaefer
6f21b4030e
Merge pull request #135 from sauyon/tempfile-test
...
Add support for ioutil TempFile and TempDir
2020-05-12 14:25:38 +01:00
Sauyon Lee
21bfaec0d3
TaintedPath: Add change note for tempfiles
2020-05-12 05:44:19 -07:00
Porcupiney Hairs
e51bc42bfb
fix metadata
2020-05-12 17:31:24 +05:30
Sauyon Lee
33e4961c95
ReflectedXss: Add an equality test guard
2020-05-12 04:53:18 -07:00
Sauyon Lee
1ef06e9e40
Add getType to SsaWithFields
2020-05-12 04:52:44 -07:00
Max Schaefer
5dac94d24c
Merge pull request #116 from gagliardetto/CWE-681
...
CWE 681
2020-05-12 11:59:08 +01:00
Slavomir
556f527193
Exclude results in test files
2020-05-12 13:12:47 +03:00
Slavomir
e5e74f34d7
Add note on why the zero is commented out in Lt32BitFlowConfig
2020-05-12 13:06:11 +03:00
Slavomir
623d5b3a97
Add comments
2020-05-12 13:00:50 +03:00
Slavomir
ea7c38c99c
Remove references section from qhelp file
2020-05-12 13:00:27 +03:00
Slavomir
67a7294d10
Simplify and remove deprecated; add severity
2020-05-12 12:51:13 +03:00
Sauyon Lee
58e41e9302
ReflectedXss: More broadly exclude values with a constant prefix
2020-05-11 15:49:37 -07:00
Max Schaefer
a55c828fe4
Update ql/src/experimental/CWE-840/ConditionalBypass.ql
...
Co-authored-by: porcupineyhairs <61983466+porcupineyhairs@users.noreply.github.com >
2020-05-11 15:26:30 +01:00
Porcupiney Hairs
d0061bfd4b
Golang : Add MongoDB injection support
...
This PR adds support for MongoDB injection to the existing SQL injection query.
This models the official Golang MongoDB driver.
A brief summary of changes made in this query are :
1. A `NoSQL.qll` files has been created to model a `NoSQLQueryString`.
2. An entry is added in `go.qll` by default as I find these changes may be generally useful.
3. Library tests along with there expected outputs are added.
4. Query tests are added. However, I am unable to add the expected output as qltest
can't find depstubber. However, these can be easily added. I have created a separate
codeql-go database with the same files and ran the query against the same. I can see
there should be 14 correct results added from this PR.
2020-05-11 19:55:48 +05:30
Porcupiney Hairs
9b53ad3b3c
model IO package
2020-05-11 19:39:01 +05:30
Porcupiney Hairs
c1856ba260
fix tests
2020-05-11 19:32:28 +05:30
Max Schaefer
4a7171d91e
Fix frontend errors in BadRedirectCheck tests.
2020-05-11 11:45:21 +01:00
Max Schaefer
17dd99d326
Fix frontend errors in Mux tests.
2020-05-11 11:45:08 +01:00
Max Schaefer
df9902512f
More cleanup in help and tests.
...
In particular, I have copied over the examples referenced in the qhelp into the test folder and made sure they compile.
2020-05-11 11:07:38 +01:00
Max Schaefer
287dda0ab5
Minor cleanup in query and tests.
2020-05-11 11:05:40 +01:00
Max Schaefer
78201a2c5f
Rename ConditionBypass* to ConditionalBypass* for consistency with other languages.
2020-05-11 10:47:00 +01:00
Max Schaefer
3e830b69b5
Merge pull request #121 from porcupineyhairs/conditionBypass
...
User-controlled bypass of a comparision
2020-05-11 10:41:33 +01:00
Slavomir
5df81d3210
Apply suggestions from code review
...
Co-authored-by: Max Schaefer <54907921+max-schaefer@users.noreply.github.com >
2020-05-11 12:37:14 +03:00
Sauyon Lee
181c03ebf3
Add support for ioutil TempFile and TempDir
2020-05-10 18:25:55 -07:00
Porcupiney Hairs
b32ac2a47f
fix tests
2020-05-11 04:51:17 +05:30
Porcupiney Hairs
4aba80b0bd
include changes from review
2020-05-11 04:05:41 +05:30
Porcupiney Hairs
3d10ec7e51
remove some obvious false positives and include changes from review
2020-05-11 03:13:01 +05:30
Max Schaefer
0e779d0b64
Merge pull request #62 from max-schaefer/update-data-flow
...
Port recent data-flow improvements
2020-05-07 16:07:33 +01:00
Max Schaefer
994536e93b
Add change note.
2020-05-07 11:46:31 +01:00
Max Schaefer
70f87b59d2
Data flow: Support stores into nodes that are not PostUpdateNodes.
...
cf https://github.com/github/codeql/pull/3312
2020-05-06 19:43:27 +01:00
Max Schaefer
fd2e618be2
Data flow: No more summaries
...
cf https://github.com/github/codeql/pull/3110
2020-05-06 19:43:27 +01:00
Max Schaefer
968d4d9cdd
Revert the join order fix from https://github.com/github/codeql/pull/2872 .
...
cf https://github.com/github/codeql/pull/3202
2020-05-06 19:43:27 +01:00
Max Schaefer
f2b43f65f9
Data flow: Exclude param-param flow through identical params.
...
cf https://github.com/Semmle/ql/pull/3060
2020-05-06 19:43:27 +01:00
Max Schaefer
aabe2f2f82
Data flow: No magic in returnFlowCallableCand.
...
cf https://github.com/Semmle/ql/pull/3142
2020-05-06 19:43:27 +01:00
Max Schaefer
c9ba6dd672
Fix up hasLocationInfo predicate.
2020-05-06 19:43:27 +01:00
Max Schaefer
5cd9168e4d
Data flow: Refactoring + performance improvements
...
cf https://github.com/Semmle/ql/pull/2903
2020-05-06 19:43:27 +01:00
Max Schaefer
96120e1e35
Update expected output.
2020-05-06 19:43:27 +01:00
Max Schaefer
8d10a8dd5b
Fix bug in type pruning.
...
cf https://github.com/Semmle/ql/pull/3020
2020-05-06 19:43:27 +01:00
Max Schaefer
d008d2a6a8
Fix performance issue in partial paths exploration.
...
cf https://github.com/Semmle/ql/pull/3021
2020-05-06 19:43:27 +01:00
Max Schaefer
1d4a993d87
Merge pull request #132 from max-schaefer/extends-this-class
...
Fix copy-pasted typo.
2020-05-06 19:42:55 +01:00
Max Schaefer
d6a5a72c01
Fix copy-pasted typo.
2020-05-06 13:54:28 +01:00
Sauyon Lee
164149b29a
Merge pull request #129 from max-schaefer/fix-argument-post-update-nodes
...
Fix and improve taint-tracking through function arguments
2020-05-06 02:57:01 -07:00
Max Schaefer
08f5451fce
Address review comments.
2020-05-06 07:32:15 +01:00
Max Schaefer
9f59777cc9
Merge pull request #119 from jcreedcmu/jcreed/jump-to-def-ide
...
Add queries for ide search.
2020-05-05 15:10:58 +01:00
Jason Reed
5653889a39
Exclude IDE queries from query suites.
2020-05-05 09:22:44 -04:00
Max Schaefer
2fb3d39f61
Merge pull request #128 from sauyon/mux
...
Add support for Mux library
2020-05-05 13:57:37 +01:00
Max Schaefer
a79f2b4f44
Add change note for CleartextLogging.
2020-05-05 12:05:09 +01:00
Max Schaefer
b177d58c88
Tweak test.
...
The query under test isn't a `@problem` query, so we should refer to "alerts".
2020-05-05 12:05:09 +01:00
Max Schaefer
60a6c96863
Simplify modeling of NewContent.
2020-05-05 12:05:09 +01:00
Max Schaefer
5a96b0e8ac
Add two function models for handling MIME APIs.
2020-05-05 12:05:09 +01:00
Max Schaefer
be94f2b9e6
Improve and extend various standard-library function models.
2020-05-05 12:05:09 +01:00
Max Schaefer
ca0d9cc66e
Merge pull request #127 from max-schaefer/clean-up-email-injection
...
Clean up `EmailInjection.qll` and related libraries.
2020-05-05 11:56:43 +01:00
Sauyon Lee
a841077cbe
Add support for Mux library
2020-05-05 03:25:08 -07:00
Max Schaefer
54f10157b0
Update ql/src/semmle/go/frameworks/Email.qll
...
Co-authored-by: Sauyon Lee <sauyon@github.com >
2020-05-05 11:24:19 +01:00
Max Schaefer
e632c75de3
Add support for taint models involving "backwards" taint propagation from results to arguments.
2020-05-04 16:36:38 +01:00
Max Schaefer
5e8e51993e
Simplify SmtpData.
2020-05-04 16:36:38 +01:00
Max Schaefer
5b0c48e332
Add taint models for fmt.Fprintf and io.WriteString.
2020-05-04 16:36:38 +01:00
Max Schaefer
d0e8d6efda
Fix post-update nodes for function arguments.
2020-05-04 16:36:38 +01:00
Max Schaefer
b1899374b9
Merge pull request #126 from max-schaefer/new-style-change-notes
...
Switch to new-style change notes.
2020-05-04 15:42:24 +01:00
Max Schaefer
04a19b7150
Clean up EmailInjection.qll and related libraries.
2020-05-04 09:13:23 +01:00
porcupineyhairs
657108d598
Add Email Content Injection Query ( #108 )
...
This adds a query for Email content injection issues.
It models the Golang's net/smtp library as well as
the Sendgrid email library (581 stars).
2020-05-04 07:54:30 +01:00
Max Schaefer
980241603b
Switch to new-style change notes.
2020-05-01 07:57:13 +01:00
Sauyon Lee
cd1d699208
Improve BadRedirectCheck query
...
We now look for a path from the variable being checked to a redirect.
Additionally, several sources of false positives have been eliminated, and a model of relevant parts of the Macaron framework has been added.
2020-05-01 07:13:16 +01:00
Slavomir
836b8965e2
Beautify .qhelp file
2020-04-30 16:59:30 +03:00
Slavomir
127cd3d003
Refactor query
2020-04-30 16:46:19 +03:00
Slavomir
b9fae2e5d0
Add newline
2020-04-30 16:46:19 +03:00
Slavomir
6f1f60896a
autoformat
2020-04-30 16:46:19 +03:00
Slavomir
c9c7e6c0a9
Add more test cases: add negative cases
2020-04-30 16:46:19 +03:00
Slavomir
d713087364
Mention in qhelp file: CWE-190: Integer Overflow or Wraparound
2020-04-30 16:46:19 +03:00
Slavomir
4517d4513f
Update qhelp file and go examples
2020-04-30 16:46:19 +03:00
Slavomir
f093226dab
Move query to experimental
2020-04-30 16:46:19 +03:00
Slavomir
57ac636d60
Change alert message
2020-04-30 16:46:19 +03:00
Slavomir
fe661b227c
Improve alert message inside select statement
2020-04-30 16:46:19 +03:00
Slavomir
05314a19ee
Add comments, improve naming
2020-04-30 16:46:19 +03:00
Slavomir
b176c4ad19
Add ParseFloat, ParseInt, ParseUint
2020-04-30 16:46:19 +03:00
Slavomir
8ecc2b9523
add comments, improve naming, refactor
2020-04-30 16:46:19 +03:00
Slavomir
fd9e3a005e
fix comments
2020-04-30 16:46:19 +03:00
Slavomir
6d2c5be196
rename OverflowingConversionExpr to NumericConversionExpr
2020-04-30 16:46:19 +03:00
Slavomir
74481c4bad
CWE-681: initial commit
2020-04-30 16:46:19 +03:00
Max Schaefer
dd4f1ca70b
Merge pull request #125 from gagliardetto/exec-syscall
...
Add syscall functions to SystemCommandExecutors
2020-04-30 07:21:28 +01:00
Sauyon Lee
417102c120
Merge pull request #124 from github/rc/1.24
...
Merge rc/1.24 into master
2020-04-29 12:27:56 -07:00
Slavomir
a357121e89
Fix test by removing a unix-only func; add windows-only funcs
2020-04-29 19:17:24 +03:00
Slavomir
a93477c301
Add syscall functions to SystemCommandExecutors
2020-04-29 18:31:07 +03:00
Max Schaefer
d3fea0f171
Merge pull request #123 from sauyon/dependency-licenses
...
Add license files for dependency stubs
2020-04-29 14:45:25 +01:00
Sauyon Lee
157139bb46
Add license files for dependencies
2020-04-29 04:04:38 -07:00
Sauyon Lee
6953d3b2ba
Merge pull request #122 from max-schaefer/receiver-output
...
Fix `getExitNode` for receiver outputs.
2020-04-29 01:25:43 -07:00
Max Schaefer
a1222344eb
Add tests.
2020-04-29 07:55:24 +01:00
Max Schaefer
0546c527af
Fix getExitNode for receiver outputs.
2020-04-28 21:41:29 +01:00
Porcupiney Hairs
9948596e2c
User-controlled bypass of a comparision
2020-04-28 23:24:28 +05:30
Porcupiney Hairs
92576e9c11
User-controlled bypass of sensitive action
2020-04-28 23:18:58 +05:30
Jason Reed
6489538623
Add queries for ide search.
...
This enables jump-to-definition and find-references in the VS Code
extension, for golang source archives.
2020-04-28 12:00:24 -04:00
Max Schaefer
3a39085e62
Merge pull request #114 from sauyon/action-update
...
Use CodeQL version 2.1.1 for tests
2020-04-27 09:12:37 +01:00
Sauyon Lee
b3c363d1c2
Try setting destination for expand-archive
2020-04-23 22:39:19 -07:00
Sauyon Lee
38f744ddd6
Action: Use expand-archive on Windows
2020-04-23 20:04:19 -07:00
Sauyon Lee
78bffa96b3
Use CodeQL version 2.1.1
2020-04-23 18:41:42 -07:00
Sauyon Lee
b3beca0a1c
Merge pull request #111 from github/rc/1.24
...
Merge rc/1.24 into master
2020-04-23 17:46:12 -07:00
Sauyon Lee
ae21ac23c1
Merge pull request #105 from max-schaefer/fail-tests-with-errors
...
Add consistency query flagging tests with unexpected frontend errors
2020-04-20 01:31:43 -07:00
Max Schaefer
97b1d3a57c
Fix extraction of error positions for paths containing colon.
2020-04-20 08:04:16 +01:00
Max Schaefer
c19c16c655
Merge pull request #106 from github/1.24/SD-61-Go-finalize-notes
...
1.24 release: finalize change notes for Go
2020-04-17 15:03:47 +01:00
Felicity Chapman
70525d0e64
Minor editorial changes
2020-04-17 13:19:11 +01:00
Max Schaefer
c15094ab9e
Mark frontend errors as expected in ImposibleInterfaceNilCheck.
2020-04-17 09:51:06 +01:00
Max Schaefer
ef497afc20
Mark a frontend error in DeadStoreOfLocal tests as expected.
2020-04-17 09:51:06 +01:00
Max Schaefer
13762bd76c
Mark frontend errors in Types/unknownFunction.go as expected.
2020-04-17 09:51:06 +01:00
Max Schaefer
c6a37fdf1d
Add consistency query flagging unexpected frontend errors.
2020-04-17 09:51:06 +01:00
Max Schaefer
bf42271d14
Add convenience predicate to class Error.
2020-04-17 09:39:26 +01:00
Max Schaefer
05a6f21aea
Merge pull request #104 from github/rc/1.24
...
Merge rc/1.24 into master.
2020-04-16 10:53:50 +01:00
Max Schaefer
00546804e3
Merge pull request #103 from max-schaefer/fix-disabled-certificate-check-qldoc
...
Fix misformatted header comment for `DisabledCertificateCheck`.
2020-04-16 09:59:55 +01:00
Max Schaefer
245b99dd42
Fix misformatted header comment for DisabledCertificateCheck.
2020-04-16 08:43:33 +01:00
Max Schaefer
699208adae
Merge pull request #102 from marcogario/integeroverflow_qhelp
...
Integeroverflow.qhelp: use paragraphs within sections
2020-04-15 14:09:55 +01:00
Marco Gario
14e4e2d40f
Integeroverflow.qhelp: use paragraphs within sections
2020-04-15 12:15:25 +01:00
Sauyon Lee
882805207a
Merge pull request #98 from max-schaefer/extract-frontend-errors
...
Add support for extracting frontend errors
2020-04-15 01:40:31 -07:00
Sauyon Lee
777818e019
Merge pull request #99 from github/rc/1.24
...
Merge rc/1.24 into master
2020-04-15 01:33:46 -07:00
Max Schaefer
d452fc04ad
Merge pull request #101 from sauyon/bufio-change-note
...
Add change note for buffered i/o
2020-04-15 08:48:58 +01:00
Sauyon Lee
8ca310e6b6
Add change note for buffered i/o
2020-04-15 00:37:50 -07:00
Sauyon Lee
d3e62b0480
Merge pull request #100 from max-schaefer/add-missing-change-notes
...
Add two missing change notes.
2020-04-15 00:33:54 -07:00
Max Schaefer
95c2cb19cf
Add two missing change notes.
2020-04-15 07:57:47 +01:00
Max Schaefer
8341ce0d46
Merge pull request #97 from max-schaefer/fix-frontend-errors
...
Fix a few compiler errors in tests
2020-04-14 17:17:03 +01:00
Max Schaefer
dd9738f9a6
Better fix for frontend errors in DeadStoreOfLocal tests.
2020-04-14 16:07:23 +01:00
Max Schaefer
bc9c47ad5e
Merge pull request #96 from sauyon/stub-deps
...
Use the depstubber for test stubbing
2020-04-14 15:24:22 +01:00
Max Schaefer
013d88e511
Fix frontend errors in DisabledCertificateCheck tests.
2020-04-14 10:51:29 +01:00
Max Schaefer
cb2f15f770
Fix frontend errors in AllocationSizeOverflow test.
2020-04-14 10:51:29 +01:00
Max Schaefer
590f146477
Fix frontend errors in DeadStoreOfLocal tests.
2020-04-14 10:51:29 +01:00
Max Schaefer
1bedd9df5d
Fix frontend errors in MistypedExponentiation test.
2020-04-14 10:51:29 +01:00
Max Schaefer
127f232c3d
Fix frontend errors in FlowSteps test.
2020-04-14 10:51:29 +01:00
Max Schaefer
d565a26d5b
Add QL library for working with Go frontend errors.
2020-04-14 10:29:36 +01:00
Max Schaefer
f2d11538ce
Add upgrade script.
2020-04-14 10:29:36 +01:00
Sauyon Lee
a3ad54e8b9
Add tests for ginkgo test files
2020-04-13 22:59:23 -07:00
Sauyon Lee
385603a7a1
Use stubber for SQL tests
2020-04-13 22:59:22 -07:00
Sauyon Lee
06559e0ebf
Use stubber for SystemCommandExecution tests
...
Also remove redundant tests
2020-04-13 22:59:21 -07:00
Sauyon Lee
42d16ca80b
Use stubber for CWE-643 tests, and test example
2020-04-13 22:59:20 -07:00
Sauyon Lee
adc8730f1f
Use stubber for CWE-312 tests
2020-04-13 22:59:18 -07:00
Sauyon Lee
5e765a9ca1
Use stubber for CWE-089 tests
2020-04-13 20:15:24 -07:00
Max Schaefer
c38edf77ce
Update stats.
2020-04-09 16:39:47 +01:00
Max Schaefer
a837d5f4ce
Add support for extracting Go frontend errors.
2020-04-09 16:39:47 +01:00
Max Schaefer
cf8eff543c
Merge pull request #94 from max-schaefer/more-testing-frameworks
...
Recognise more testing frameworks
2020-04-09 11:57:46 +01:00
Max Schaefer
d344687f52
Add change note.
2020-04-09 09:41:09 +01:00
Max Schaefer
1bf835f156
Add tests.
2020-04-09 09:41:02 +01:00
Max Schaefer
d5c8570bfc
Recognise imports of well-known testing frameworks.
2020-04-09 09:40:53 +01:00
Max Schaefer
e30e5685b2
Fix recognition of Test, Benchmark, and Example as test cases.
2020-04-09 09:40:25 +01:00
Max Schaefer
be9e9720d5
Introduce class TestFile and use it.
2020-04-09 09:16:45 +01:00
Max Schaefer
43309b98fd
Merge pull request #93 from max-schaefer/autoformat
...
Autoformat QL and Go
2020-04-08 08:06:46 +01:00
Max Schaefer
96ee5f1c4e
Merge pull request #92 from max-schaefer/baselib-extractor
...
Add extractor field to QL packs.
2020-04-08 07:48:25 +01:00
Max Schaefer
1fe5e7f901
Autoformat Go files.
2020-04-08 07:32:43 +01:00
Max Schaefer
ddf2bdb44b
Autoformat all QL.
2020-04-08 07:32:43 +01:00
Max Schaefer
c9ef6f77a2
Merge pull request #91 from max-schaefer/disabled-certificate-check
...
Add new query DisabledCertificateCheck.
2020-04-08 07:11:15 +01:00
Max Schaefer
90dfebb4bd
Add extractor field to QL packs.
2020-04-07 14:41:54 +01:00
Max Schaefer
f074d89b54
Merge pull request #88 from max-schaefer/readsField
...
Improve handling of field reads through pointer
2020-04-07 09:02:10 +01:00
Max Schaefer
8fba9a98d4
Add new query DisabledCertificateCheck.
2020-04-07 09:01:41 +01:00
Max Schaefer
2ec335fb1a
Autoformat.
2020-04-07 07:16:50 +01:00
Max Schaefer
fb661aadcc
Merge pull request #90 from github/p0-patch-1
...
Delete outdated COPYRIGHT file
2020-04-06 15:32:50 +01:00
Max Schaefer
42bc5353e3
Refine our modelling of test functions and split it out into a separate library.
2020-04-06 14:46:13 +01:00
Pavel Avgustinov
c45a5cf1f2
Update copyright date
2020-04-06 14:37:09 +01:00
Pavel Avgustinov
291150a755
Delete outdated COPYRIGHT file
...
This seems to be copied from Semmle/ql, and it claims the wrong license.
2020-04-06 14:35:44 +01:00
Sauyon Lee
a663eaae23
Merge pull request #89 from max-schaefer/extractor-profiling
...
Add environment variables for dumping CPU and memory profiles.
2020-04-06 03:33:08 -07:00
Max Schaefer
1f7441e027
Make readsField and friends work modulo implicit dereferences, like writesField.
2020-04-06 11:06:46 +01:00
Max Schaefer
76f2748cbc
Teach SsaWithFields to properly handle implicit dereferences.
2020-04-06 09:23:07 +01:00
Max Schaefer
4a1071cac6
Merge pull request #77 from robertbrignull/code_scanning_suites
...
Add code-scanning suites
2020-04-06 09:14:58 +01:00
Max Schaefer
5721d1fb3e
Merge pull request #86 from sauyon/dependency-fix
...
Allow dependencies to match imports of subpackages
2020-04-03 20:35:07 +01:00
Max Schaefer
c240fdbd45
Merge pull request #87 from max-schaefer/more-qldoc
...
Add missing QlDoc.
2020-04-03 19:43:38 +01:00
Sauyon Lee
e1a7269a45
Allow dependencies to match imports of subpackages
2020-04-03 10:42:19 -07:00
Max Schaefer
d13d2f27e6
Add missing QlDoc.
2020-04-03 17:08:56 +01:00
Max Schaefer
407493094d
Merge pull request #75 from sauyon/ssrf-refinement
...
SSRF query refinements
2020-04-03 09:31:24 +01:00
Sauyon Lee
dcd6aaf69a
Alphabetize change notes
2020-04-03 00:01:19 -07:00
Sauyon Lee
ea3a7e8038
Apply suggestions from code review
...
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com >
2020-04-02 23:58:39 -07:00
Sauyon Lee
e27947e280
Add comment for new url concatenation sanitizer
2020-04-02 23:58:39 -07:00
Sauyon Lee
3c02b3ab74
Add SafeUrlFlowCustomizations doc comment
2020-04-02 23:58:38 -07:00
Sauyon Lee
c68e509508
OpenUrlRedirect: Fix some comments
2020-04-02 23:58:37 -07:00
Sauyon Lee
4e5b17e18d
Sanitize hostname if there is a slash and a previous component
2020-04-02 23:58:36 -07:00
Sauyon Lee
4b3982154a
Add a SafeUrlFlow configuration
2020-04-02 23:58:35 -07:00
Sauyon Lee
4bcffe2d47
RequestForgery: Add a safe URL sanitizer
2020-04-02 23:58:34 -07:00
Sauyon Lee
1c859a8991
Address review comments
2020-04-02 23:58:33 -07:00
Sauyon Lee
3577d75607
RequestForgery: Add change note
2020-04-02 23:58:17 -07:00
Sauyon Lee
89a03c8b67
RequestForgery: Add high precision
2020-04-02 23:49:58 -07:00
Sauyon Lee
830c3fce2a
RequestForgery: Add tests
2020-04-02 23:49:57 -07:00
Sauyon Lee
314787956b
Allow write base to be inside an implicit dereference
2020-04-02 23:49:56 -07:00
Sauyon Lee
e9b0f88946
RequestForgery: Add taint step for URL Host assignment
2020-04-02 23:49:55 -07:00
Sauyon Lee
12928d9f17
HTTP: Add model for Client.Do
2020-04-02 23:49:55 -07:00
Sauyon Lee
6876eabf54
RequestForgery: Add query help
2020-04-02 23:49:54 -07:00
Sauyon Lee
b23c75afb6
RequestForgery: move query from experimental
2020-04-02 23:49:53 -07:00
Max Schaefer
77c282824e
Merge pull request #81 from gagliardetto/system-executors
...
Expand system executors (continuation of #70 )
2020-04-03 07:24:05 +01:00
Sauyon Lee
f9610f22e7
Merge pull request #85 from max-schaefer/codeql-stats
...
Use CodeQL for creating stats
2020-04-02 10:57:20 -07:00
Max Schaefer
b28cd112fe
Merge pull request #83 from max-schaefer/max-goroutines
...
Introduce official environment variable for goroutine limiting.
2020-04-02 13:49:21 +01:00
Max Schaefer
325bb7ca23
Merge pull request #84 from shati-patel/move-documentation
...
Docs: Move "CodeQL for Go" out of this repo
2020-04-02 13:48:51 +01:00
Shati Patel
3af3548c30
Remove "learn-ql" folder
2020-04-02 11:56:15 +01:00
Shati Patel
6126d32d82
Remove .rst files from this repo
2020-04-02 11:35:19 +01:00
Shati Patel
3a12c1c2d4
Docs: Add README with links to new docs location
2020-04-02 11:35:14 +01:00
Slavomir
b5f14d1296
Add awk and similar
2020-04-02 13:07:43 +03:00
Slavomir
81bc3c03a9
Add more commands
2020-04-02 13:03:22 +03:00
Max Schaefer
510b6070c9
Introduce official environment variable for goroutine limiting.
...
We've had to tell people how to do this, so we should have a name for it that doesn't refer to a defunct company.
2020-04-02 10:45:52 +01:00
Max Schaefer
ddb6f2ca6a
Update stats.
2020-04-02 10:15:20 +01:00
Max Schaefer
17a8c722cd
Use CodeQL for creating stats.
2020-04-02 10:15:10 +01:00
Slavomir
32beebd059
Apply suggestions from code review
...
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com >
Co-Authored-By: Sauyon Lee <sauyon@github.com >
2020-04-02 12:09:06 +03:00
Sauyon Lee
bc59fa40d7
Merge pull request #73 from intrigus-lgtm/make-CWE-643-supported
...
Make cwe 643 supported
2020-04-01 17:45:45 -07:00
Sauyon Lee
eba8dd0a36
Merge pull request #82 from github/max-schaefer-patch-1
...
Improve autobuilder logging
2020-04-01 09:07:55 -07:00
Sauyon Lee
c2eb3f5d6b
Merge pull request #80 from max-schaefer/build-command-env-var
...
Introduce `CODEQL_GO_EXTRACTOR_BUILD_COMMAND` as an alias for `LGTM_INDEX_BUILD_COMMAND`.
2020-04-01 09:07:31 -07:00
Max Schaefer
611751a9c3
Improve autobuilder logging
2020-04-01 15:31:50 +01:00
intrigus
be21d49cf2
Add precision to query
2020-04-01 16:15:24 +02:00
intrigus
3a381b2fbf
Add change note
2020-04-01 16:15:09 +02:00
intrigus
a524cc4716
Properly match methods defined in classes
2020-04-01 16:04:24 +02:00
intrigus
615fe09ed7
Format go test stubs
2020-04-01 15:52:55 +02:00
Slavomir
a25a21eb11
Add change-note
2020-04-01 15:14:22 +03:00
Slavomir
33c18b0d11
expand system executors
2020-04-01 15:12:48 +03:00
Max Schaefer
efc9ecefc8
Introduce CODEQL_GO_EXTRACTOR_BUILD_COMMAND as an alias for LGTM_INDEX_BUILD_COMMAND.
...
We've occasionally had to tell people to set this variable manually, so we might as well have an alias that doesn't refer to a soon-to-be obsolete product.
2020-04-01 09:35:57 +01:00
intrigus
4924be54a7
Fix one test method
2020-03-31 16:46:29 +02:00
intrigus
0586fe9235
Add missing stubs in vendor/
2020-03-31 16:46:08 +02:00
Max Schaefer
590f01d0c2
Add environment variables for dumping CPU and memory profiles.
...
These are intentionally undocumented for now.
2020-03-31 07:50:06 +01:00
Max Schaefer
1c40d6c1ce
Merge pull request #78 from sauyon/1.14-change-note
...
Add change notes for Go 1.14 support
2020-03-31 07:34:26 +01:00
intrigus
66451a776d
Add test cases for all libraries
...
Note: This is currently missing appropriate vendoring
so will probably fail for now.
2020-03-30 23:44:25 +02:00
intrigus
e18d15070a
Switch to jbowtie/gokogiri
2020-03-30 23:42:44 +02:00
intrigus
b097826dd8
Add missing class qualifiers
2020-03-30 23:42:13 +02:00
intrigus
051f17ce67
Fix class name
2020-03-30 23:37:37 +02:00
Sauyon Lee
3d3f35cc48
Add change notes for Go 1.14 support
2020-03-30 13:45:37 -07:00
Max Schaefer
487b1e3f80
Merge pull request #76 from max-schaefer/even-more-qldoc
...
Add Qldoc for the last few remaining predicates.
2020-03-30 11:58:28 +01:00
Max Schaefer
28ed803fae
Data flow: Add module doc comment for TaintTrackingImpl.qll
...
cf https://github.com/Semmle/ql/pull/3155
2020-03-30 11:21:53 +01:00
Max Schaefer
bb34c91b38
Add Qldoc for the last few remaining predicates.
...
Apart from a missing module doc comment for `TaintTrackingImpl.qll` which we'll need to synchronize with the other languages (https://github.com/Semmle/ql/pull/3155 ), this gets us to 100% Qldoc coverage.
2020-03-30 10:38:25 +01:00
intrigus
26cfa93947
Ignore type incompatible sinks
2020-03-27 21:32:53 +01:00
Robert Brignull
df4c686921
add code scanning suites
2020-03-27 17:14:28 +00:00
intrigus
8278dd358e
Try to fix test
2020-03-27 16:13:00 +01:00
intrigus
21feb9d996
Add byte slice type
2020-03-27 15:37:36 +01:00
intrigus
d609c0ca43
Shorten example code
2020-03-27 15:31:20 +01:00
intrigus
c5a1185939
Apply style suggestions
2020-03-27 15:29:21 +01:00
intrigus
b24c23389c
Don't match unexported functions
2020-03-27 15:21:00 +01:00
Max Schaefer
cf6e255a6d
Merge pull request #74 from sauyon/http-formvalue
...
HTTP Library Improvements
2020-03-27 14:07:30 +00:00
intrigus-lgtm
5eaaa4264a
Apply suggestions from code review
...
Co-Authored-By: Sauyon Lee <sauyon@github.com >
2020-03-27 13:42:30 +01:00
Sauyon Lee
080d14ea50
Add a test for the Read taint step
2020-03-27 04:22:13 -07:00
Sauyon Lee
4747524fee
Address review comments
...
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com >
2020-03-27 04:15:30 -07:00
Sauyon Lee
05761bc2cd
Address review comments
2020-03-27 04:03:30 -07:00
Sauyon Lee
a4f1e2b527
Add a model for Read methods on io.Reader
2020-03-26 18:57:44 -07:00
intrigus
be50db1cc7
Move XPath injection query to supported query
...
The XPath injection query is moved to the supported queries.
Removed unnecessary code from the go test file
2020-03-26 20:19:58 +01:00
intrigus
03023e8205
Add XPath model to default imports
2020-03-26 20:19:19 +01:00
intrigus
35a6fdb589
Add XPath framework models
2020-03-26 20:18:16 +01:00
Sauyon Lee
1f4d67b77b
OpenUrlRedirect: Whitelist some more fields and methods
2020-03-26 07:20:51 -07:00
Sauyon Lee
541c82a7f3
HTTP: Add some more untrusted fields and methods
...
Also, fix up broken tests.
2020-03-26 07:20:14 -07:00
Sauyon Lee
e1b0bed6b3
Merge pull request #72 from max-schaefer/improve-virtual-call-resolution
...
Refine virtual call targets by local reasoning where possible
2020-03-26 06:00:59 -07:00
Max Schaefer
46a1a4e010
Add a test.
2020-03-25 20:34:34 +00:00
Max Schaefer
e6bdc1809b
Update ql/src/semmle/go/dataflow/internal/DataFlowDispatch.qll
...
Co-Authored-By: Sauyon Lee <sauyon@github.com >
2020-03-25 15:04:48 +00:00
Max Schaefer
13b61383e2
Merge pull request #65 from sauyon/openredirect-fps
...
OpenUrlRedirect: Expand safe URL flow configuration
2020-03-25 15:04:21 +00:00
Sauyon Lee
fbc2499118
OpenUrlRedirect: Add change note for fixed FPs
2020-03-25 04:01:17 -07:00
Sauyon Lee
f77d46f296
Address review comments.
2020-03-25 04:01:15 -07:00
Sauyon Lee
bd5f0b01cf
Fix tests
2020-03-25 04:01:14 -07:00
Sauyon Lee
9321ff9110
OpenUrlRedirect: Add support for url.Host reassignments
2020-03-25 04:01:14 -07:00
Sauyon Lee
5f83dbd07b
OpenUrlRedirect: Exclude header sources
2020-03-25 04:01:13 -07:00
Sauyon Lee
49aa43bd49
Make header Get and Values calls into taint steps
2020-03-25 04:01:12 -07:00
Sauyon Lee
83a417f52e
OpenUrlRedirect: Use a taint-tracking safe URLs
2020-03-25 04:01:11 -07:00
Sauyon Lee
932840b0a3
Address review comments.
2020-03-25 04:01:10 -07:00
Sauyon Lee
fd88d913f7
Fix tests
2020-03-25 04:01:09 -07:00
Sauyon Lee
cc13a5d618
OpenUrlRedirect: Expand safe URL flow configuration
...
Also add some more tests
2020-03-25 04:01:08 -07:00
Max Schaefer
6edbe74c09
Revert "Add queries to inspect and measure dispatch differences."
...
This reverts commit 752ee3909a .
2020-03-25 10:43:05 +00:00
Max Schaefer
4ca87b84db
Merge pull request #68 from adityasharad/go/request-forgery
...
Add experimental query for request forgery.
2020-03-25 09:09:34 +00:00
Aditya Sharad
c44e5379df
Experimental: Remove query precision for now.
...
Address review comment.
2020-03-24 10:57:51 -07:00
Aditya Sharad
4f32d6651c
Experimental: Add sanitiser edge for request forgery.
...
Consider a URL string sanitised if the hostname cannot be controlled.
This approach is used by URL redirection queries.
2020-03-24 10:57:51 -07:00
Aditya Sharad
f984532236
Experimental: Add query for request forgery.
...
Tracks the flow of tainted data from untrusted input to the URL of an HTTP request.
Ported from the corresponding query for JavaScript, though currently limited in scope.
Includes companion libraries for customisation.
2020-03-24 10:57:51 -07:00
Aditya Sharad
d41e6a9d85
Model HTTP request functions in net/http package.
2020-03-24 10:57:51 -07:00
Aditya Sharad
b057ce8d46
Concepts: Add HTTP::ClientRequest class and module.
...
Extensible model of client requests to a URL.
Ported from the CodeQL JavaScript library.
2020-03-24 10:57:51 -07:00
Max Schaefer
330f11c2a3
Merge pull request #71 from intrigus-lgtm/patch-1
...
Fix error in Qldoc
2020-03-24 16:55:22 +00:00
intrigus-lgtm
24b3133e0c
Fix error in Qldoc
2020-03-24 17:53:51 +01:00
Max Schaefer
8dda4bd97f
Merge pull request #66 from intrigus-lgtm/CWE-643
...
CWE-643 XPathInjection on Go
2020-03-24 10:53:57 +00:00
Sauyon Lee
81e13473db
Merge pull request #69 from max-schaefer/issue-72
...
Track taint through element writes.
2020-03-24 03:41:05 -07:00
Max Schaefer
752ee3909a
Add queries to inspect and measure dispatch differences.
2020-03-24 09:34:42 +00:00
Max Schaefer
084fa80a57
Refine virtual call targets by local reasoning where possible.
2020-03-24 09:34:42 +00:00
intrigus
1f635806b3
Fix copy-paste errors, remove debugging code
2020-03-23 16:49:45 +01:00
intrigus-lgtm
9187bacd3c
Apply suggestion from code review
...
Use getUnderlyingType() to account for named aliases.
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com >
2020-03-23 16:45:56 +01:00
Sauyon Lee
4ff3177fae
Merge pull request #67 from max-schaefer/more-qldoc
...
Add missing Qldoc for modules.
2020-03-23 05:29:40 -07:00
Max Schaefer
62b79721ea
Track taint through element writes.
...
This adds a taint step from `pred` to (the post-update node) of `succ` in `succ[idx] = pred` and its syntactic variants.
Unlike for structs, where partially tainted values are quite common, the theory is that arrays, maps, and slices are usually either completely tainted or completely clean.
2020-03-23 09:15:01 +00:00
intrigus
d81c9b145e
Update query help to use goxpath
2020-03-20 21:38:46 +01:00
intrigus
948b79df87
Update xpath example, use goxpath package
2020-03-20 21:38:46 +01:00
intrigus
c7ead88b91
Restructure query, add default sanitizer
2020-03-20 21:38:46 +01:00
intrigus-lgtm
ec40cf0379
Apply suggestions from review
...
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com >
2020-03-20 21:38:02 +01:00
Max Schaefer
60fe6f4390
Add missing Qldoc for modules.
2020-03-20 17:36:08 +00:00
intrigus
d6ff6b74c5
CWE-643 XPathInjection on Go
2020-03-19 22:26:37 +01:00
Max Schaefer
37aaba10b7
Merge pull request #64 from sauyon/examples-in-json
...
Add examples qlpack.yml to CodeQL manifest
2020-03-19 07:54:39 +00:00
Sauyon Lee
f60f6ea7d0
Add examples qlpack.yml to CodeQL manifest
2020-03-18 09:30:45 -07:00
Max Schaefer
f53732ec5a
Merge pull request #39 from sauyon/go1.14
...
Go 1.14 support
2020-03-18 10:08:50 +00:00
Max Schaefer
0a59470640
Fix tests. ( #3 )
2020-03-18 02:10:24 -07:00
Max Schaefer
60ce9c5acd
Merge pull request #59 from max-schaefer/go-pg
...
Add model of `go-pg/pg`.
2020-03-18 07:35:23 +00:00
Max Schaefer
ad1324d2dd
Add test.
2020-03-17 12:08:42 +00:00
Max Schaefer
49c5779112
Add model of go-pg/pg.
2020-03-17 12:08:42 +00:00
Sauyon Lee
e9b47298ed
Merge pull request #61 from max-schaefer/better-method-sets
...
Reformulate `Method.hasQualifiedName` in terms of method sets
2020-03-17 07:46:19 -04:00
Max Schaefer
8cadc94f49
Clarify behaviour of getMethod on struct types.
2020-03-17 10:58:58 +00:00
Max Schaefer
74bcfdd01c
Remove an unused and potentially confusing predicate.
2020-03-16 13:24:57 +00:00
Max Schaefer
0fc7febd1d
Add another test.
2020-03-13 15:54:39 +00:00
Max Schaefer
f41151350a
Merge pull request #60 from sauyon/bitwise-xor-fps
...
MistypedExponentiation: Add a heuristic to reduce FPs
2020-03-13 15:46:03 +00:00
Max Schaefer
8898858fff
Add tests.
2020-03-13 14:19:27 +00:00
Max Schaefer
5175f1dcbe
Take promoted methods into account when computing method sets.
2020-03-13 14:19:27 +00:00
Max Schaefer
d0c6206a6a
Reformulate hasQualifiedName in terms of method sets.
2020-03-13 14:19:27 +00:00
Sauyon Lee
78ad006e68
Merge pull request #55 from max-schaefer/tainted-arithmetic
...
Add new query `AllocationSizeOverflow`.
2020-03-13 07:16:54 -07:00
Max Schaefer
39fa6052e6
Also treat second argument to make (slice capacity) as an allocation size.
2020-03-13 12:17:53 +00:00
Max Schaefer
864c85e886
Fix typo.
2020-03-13 10:27:58 +00:00
Max Schaefer
b2f1da8942
Simplify a condition.
2020-03-13 10:27:58 +00:00
Max Schaefer
d66888e651
Make query more extensible.
2020-03-13 10:27:58 +00:00
Max Schaefer
ea36d49218
Add new query AllocationSizeOverflow.
2020-03-13 10:18:51 +00:00
Sauyon Lee
ea5e6a324d
Add change note
2020-03-13 03:10:55 -07:00
Sauyon Lee
630d0cef89
Address review comments
2020-03-12 09:13:52 -07:00
Sauyon Lee
6e681f829b
MistypedExponentiation: Add a heuristic to reduce FPs
2020-03-12 09:13:52 -07:00
Max Schaefer
2c751f2945
Merge pull request #58 from max-schaefer/desemmlify
...
Docs: Remove some Semmle references.
2020-03-12 16:05:48 +00:00
Sauyon Lee
b64a43f578
Merge pull request #57 from max-schaefer/trap.gz
...
Gzip TRAP files
2020-03-12 06:24:32 -07:00
Max Schaefer
270ae0926a
Docs: Remove some Semmle references.
2020-03-12 10:57:06 +00:00
Max Schaefer
6b0ba750e6
Put gzip writer on top of bufio writer.
2020-03-12 08:40:22 +00:00
Max Schaefer
d7d5447689
Merge pull request #46 from sauyon/force-extract-methods
...
Extract methods when they don't exist
2020-03-12 08:16:44 +00:00
Sauyon Lee
2e8958583b
Merge pull request #56 from max-schaefer/issue-66
...
Standardize experimental contribution
2020-03-11 14:18:35 -07:00
Max Schaefer
8901ba62e0
Gzip TRAP files.
2020-03-11 15:14:37 +00:00
Max Schaefer
8136ebbb91
Merge pull request #54 from sauyon/vendor-support
...
extractor: Use -mod=vendor when a vendor directory exists
2020-03-11 11:36:49 +00:00
Max Schaefer
b3022c9fc8
Standardise RangeAnalysis.qll.
...
This brings the library in line with our usual syntactic conventions regarding QLDoc and names. I've also made a few superficial simplifications here and there.
Overall, the code would benefit from being rewritten to make use of the data-flow graph, but that is a larger undertaking.
2020-03-11 11:20:59 +00:00
Max Schaefer
a95b9c8e02
Rename a few files and clean up wording.
2020-03-11 11:04:42 +00:00
Max Schaefer
2fd925fe90
Autoformat.
2020-03-11 10:47:23 +00:00
Sauyon Lee
5056b5f161
Apply review comments.
...
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com >
2020-03-11 03:26:18 -07:00
Sauyon Lee
1f83aa4586
Add a -mod=vendor change note
2020-03-11 03:10:35 -07:00
Max Schaefer
f1d489f6f9
Merge pull request #51 from singleghost/master
...
Add integer overflow detection support for codeql-go.
2020-03-11 10:00:39 +00:00
Sauyon Lee
57b874e047
extractor: Only skip dependency installation when vendor folder is detected
2020-03-11 02:59:33 -07:00
Max Schaefer
a8c1731f9d
Merge pull request #50 from sauyon/uintptr
...
Make uintptrtype a subclass of unsignedintegertype
2020-03-11 09:57:00 +00:00
Sauyon Lee
ecd4c42428
extractor: Factor out method extraction
...
This fixes a subtle bug where the underlying interface type was used
as the receiver when constructing method labels, causing some database
inconsistencies.
2020-03-10 22:01:16 -07:00
Sauyon Lee
0daf8c1fa3
extractor: Extract methods when their labels don't exist
2020-03-10 20:36:49 -07:00
Sauyon Lee
ccae530508
extractor: minor refactoring to use variables
2020-03-10 20:36:13 -07:00
Sauyon Lee
0aa46becf9
extractor: Use -mod=vendor when a vendor directory exists
2020-03-10 16:44:03 -07:00
singleghost
2aa2f608a3
Move files related to integer overflow detection under the src/experimental folder
2020-03-10 19:02:05 +08:00
Max Schaefer
7ec7b17ce7
Merge pull request #53 from sauyon/close-files
...
extractor: Close files even when writes fail
2020-03-10 09:38:02 +00:00
Sauyon Lee
79ab831776
extractor: Close files even when writes fail
2020-03-10 00:52:33 -07:00
Sauyon Lee
cdf3bc4fa0
Merge pull request #52 from max-schaefer/issue-48
...
Improve taint-tracking through pointers and other fixes
2020-03-09 06:36:43 -07:00
Sauyon Lee
2428efcb6d
Make @uintptrtype a @unsignedintegertype
2020-03-09 04:40:02 -07:00
Sauyon Lee
5b81775670
Fix constant values test data
2020-03-09 04:40:01 -07:00
Max Schaefer
4dca00e99c
Merge pull request #45 from sauyon/go-mod-libs
...
Go.mod extraction libraries and tests
2020-03-09 09:40:41 +00:00
singleghost
77ec4c913f
Add integer overflow detection support for codeql-go.
...
I wrote a ql library which can perform range analysis on expression and
can detect whether an arithmetic operation may overflow. I wrote this library with reference to the `SimpleRangeAnalysis.qll` for C language. I hope this helps a little bit for those who want to detect integer overflow issues in code.
2020-03-07 21:34:38 +08:00
Sauyon Lee
2d879458ba
Merge pull request #49 from max-schaefer/more-function-outputs
...
Make `FunctionOutput` more useful
2020-03-06 09:41:40 -08:00
Max Schaefer
1be0cc57a8
Add test case from https://github.com/github/codeql-go/issues/48 .
2020-03-06 17:35:50 +00:00
Max Schaefer
bcb9ce2498
Add another test for StringBreak.
2020-03-06 17:35:50 +00:00
Max Schaefer
bf6865b96a
Add model of ioutil.ReadAll
2020-03-06 17:35:50 +00:00
Max Schaefer
f599243a34
Conflate references and referents more thoroughly in taint tracking.
2020-03-06 17:35:50 +00:00
Max Schaefer
aa8bc972d9
Address review comments.
2020-03-06 15:03:45 +00:00
Sauyon Lee
3d88032f81
Address review comments.
...
Co-authored-by: Max Schaefer <max-schaefer@github.com >
2020-03-06 06:51:30 -08:00
Sauyon Lee
43fbf47da3
Add a change note about go.mod extraction
2020-03-06 06:51:28 -08:00
Sauyon Lee
555b0a9527
Add a GoModFile class
2020-03-06 06:51:27 -08:00
Sauyon Lee
38596dddc0
Address review comments.
...
Co-authored-by: Max Schaefer <max-schaefer@github.com >
2020-03-06 06:51:26 -08:00
Sauyon Lee
34f34e2241
GoModExpr.qll: Rename getOffsetToken to GoModLine.getToken
...
Also add getRawToken to do what getToken did before, and fix up
documentation.
2020-03-06 06:51:25 -08:00
Sauyon Lee
4b9cc87c2e
Add test for replace line with versions
2020-03-06 06:51:24 -08:00
Sauyon Lee
25577a8108
Remove DependencyCustomizations
2020-03-06 06:51:24 -08:00
Sauyon Lee
78239accd5
Dependencies: Make getAnImport() more precise
...
In particular, ensure that the go file importing the dependency is under
the directory of the file where the dependency is declared.
Co-authored-by: Max Schaefer <max-schaefer@github.com >
2020-03-06 06:51:23 -08:00
Sauyon Lee
b27e63ba83
Address review comments
...
Co-authored-by: Max Schaefer <max-schaefer@github.com >
2020-03-06 06:51:22 -08:00
Sauyon Lee
dd3f98c549
extractor: Don't log directory being walked for go.mod files
2020-03-06 06:51:21 -08:00
Sauyon Lee
5911b7005a
Add tests for dependencies library
2020-03-06 06:51:20 -08:00
Sauyon Lee
dddc8cecd4
Add go.mod expression tests
2020-03-06 06:51:19 -08:00
Sauyon Lee
6c78490bbe
Add libraries modeling dependencies
2020-03-06 06:51:18 -08:00
Sauyon Lee
d92e49fb17
Add libraries for go.mod expressions
2020-03-06 06:51:17 -08:00
Max Schaefer
f875afca53
Merge pull request #47 from sauyon/use-bufio
...
Use bufio and don't sync FS
2020-03-06 10:59:30 +00:00
Max Schaefer
3a7910da5a
Introduce (un-)marshaling functions as a concept and instantiate it with the functions in encoding/json.
2020-03-06 10:07:54 +00:00
Max Schaefer
9bcbfb2911
Fix flow step from global functions to their use.
...
How does anything work.
2020-03-06 09:41:35 +00:00
Max Schaefer
a7ecb50a34
Add taint-tracking model for append.
2020-03-06 09:41:35 +00:00
Max Schaefer
4f061005cb
Add a taint-tracking model for copy.
2020-03-06 09:41:35 +00:00
Max Schaefer
3f8d2117d8
Introduce post-update nodes for arguments with a mutable type.
2020-03-06 09:41:35 +00:00
Max Schaefer
b99c63d180
Factor out an auxiliary predicate.
2020-03-06 09:41:35 +00:00
Max Schaefer
af2c7aae5d
Don't rely on flow through function models in definition of PostUpdateNode.
2020-03-06 09:41:35 +00:00
Max Schaefer
185d0910c3
Sharpen stringConcatStep to exclude addition.
2020-03-06 09:41:35 +00:00
Sauyon Lee
c027bbaadf
Use buffered writers
2020-03-05 21:12:15 -08:00
Sauyon Lee
14e758a6ea
HTTP: Add model for Header.Values()
2020-03-05 13:44:16 -08:00
Sauyon Lee
c243bb4243
Add tests for go1.14 overlapping embedded methods
2020-03-05 13:44:15 -08:00
Sauyon Lee
85c8893f57
Action: Use go 1.14
2020-03-05 13:44:14 -08:00
Sauyon Lee
a758ececd9
go.mod: Use go 1.14 and update dependencies
2020-03-05 13:44:11 -08:00
Max Schaefer
b8338896be
Merge pull request #33 from sauyon/extract-go-mod
...
Add extraction for go.mod files
2020-03-05 09:38:21 +00:00
Sauyon Lee
f2358a0a86
Find all go.mod files before extraction
2020-03-04 16:08:55 -08:00
Sauyon Lee
cca762dbc0
gomodextractor.go: Emit pseudo comment groups to table
2020-03-04 06:26:44 -08:00
Sauyon Lee
e75497ed3b
update stats sha and stats
2020-03-04 06:26:43 -08:00
Sauyon Lee
db4efd6124
Add support for extracting go.mod files
2020-03-04 06:26:42 -08:00
Sauyon Lee
89caafb0e1
labels.go: Make label generation slightly more uniform
2020-03-04 06:21:20 -08:00
Sauyon Lee
70e916376c
labels.go: Make LocalID more generic
2020-03-04 06:21:19 -08:00
Sauyon Lee
a403d60acc
Add go mod dependency
...
Also update tools dependency to latest master
2020-03-04 06:21:18 -08:00
Sauyon Lee
66a3d40348
Fix typos in tables.go
2020-03-04 06:21:17 -08:00
Sauyon Lee
d694d59757
Merge pull request #44 from max-schaefer/remove-uniqueness
...
Remove a mistaken uniqueness annotation.
2020-03-04 06:20:58 -08:00
Max Schaefer
1ae0dd46ec
Clarify method identity.
2020-03-04 12:53:37 +00:00
Max Schaefer
6a3730ead2
Merge pull request #43 from sauyon/phony-testdb
...
Makefile: make testdb target phony
2020-03-04 12:08:09 +00:00
Sauyon Lee
c3b57e4e74
Makefile: make testdb target phony
2020-03-04 03:27:11 -08:00
Max Schaefer
264478f4b8
Remove a mistaken uniqueness annotation.
2020-03-04 10:34:55 +00:00
Sauyon Lee
5e71a04fdf
Merge pull request #42 from max-schaefer/experimental-guidelines
...
Add guidelines for experimental CodeQL queries and libraries.
2020-03-02 10:22:41 -08:00
Sauyon Lee
2dc42b8814
Merge pull request #41 from max-schaefer/interface-embedding
...
Fix `NamedType.getMethod` to take interface embedding into account.
2020-03-02 10:21:24 -08:00
Max Schaefer
56e07356fc
Update ql/test/experimental/README.md
...
Co-Authored-By: Felicity Chapman <felicitymay@github.com >
2020-03-02 10:20:07 +00:00
Max Schaefer
cef017071f
Move guidelines into ql folder.
2020-03-02 09:23:06 +00:00
Max Schaefer
2629f55d95
Add guidelines for experimental CodeQL queries and libraries.
2020-02-28 14:43:00 +00:00
Max Schaefer
90f1a7da75
Fix NamedType.getMethod to take interface embedding into account.
2020-02-28 10:37:14 +00:00
Max Schaefer
2eba7dee6f
Add new table methodhosts associating interface methods with named types.
...
In particular, methods from embedded interfaces will be associated with the same named type as those from the outer interface, even though their receiver types may be different.
2020-02-28 10:24:04 +00:00
Max Schaefer
6dfd5fd934
Extend Types tests to cover interfaces.
2020-02-28 10:22:59 +00:00
Sauyon Lee
545379c050
Merge pull request #40 from max-schaefer/phonify-extractor
...
Make extractor targets phony.
2020-02-27 09:53:27 -08:00
Max Schaefer
7148b66d31
Make extractor targets phony.
2020-02-27 12:32:05 +00:00
Max Schaefer
a52e33ecc0
Merge pull request #38 from sauyon/use-text
...
.gitattributes: Use -text instead of binary
2020-02-27 08:27:31 +00:00
Sauyon Lee
8e909a49e9
.gitattributes: Use -text instead of binary
...
Also only add attributes to go files under the ql directory
2020-02-27 00:23:56 -08:00
Sauyon Lee
fe4003fc69
Merge pull request #37 from max-schaefer/clarify-field-identity
...
Clarify field identity
2020-02-26 11:49:29 -08:00
Max Schaefer
9bf5a31351
Clarify field identity.
...
Like-named fields declared in identical types are identical. This can be a little confusing, since such fields will have multiple declarations and multiple locations, so it's worth calling out explicitly in the documentation.
2020-02-26 10:10:47 +00:00
Sauyon Lee
b931539f68
Merge pull request #36 from max-schaefer/remove-unused-predicate
...
Remove an unused predicate.
2020-02-25 09:40:42 -08:00
Max Schaefer
34c66c4245
Remove an unused predicate.
2020-02-25 10:46:09 +00:00
Sauyon Lee
7a918efbf8
Merge pull request #34 from max-schaefer/receiver-flow
...
Propagate data flow through receivers
2020-02-24 23:58:28 -08:00
Sauyon Lee
836146a3bf
Merge pull request #35 from max-schaefer/field-package
...
Make `Field.getPackage()` behave sensibly.
2020-02-24 23:52:02 -08:00
Max Schaefer
0f99842f34
Make Field.getPackage() behave sensibly.
...
Previously it was never defined, now it gives you the package of the type the field is declared in. This means we have to override `Field.hasQualifiedName/2` to avoid a field `f` in a package `pkg` being considered to have qualified name `pkg.f`.
2020-02-24 12:14:51 +00:00
Max Schaefer
5fbae15d0e
Don't track receivers into virtual calls.
2020-02-24 09:56:09 +00:00
Max Schaefer
d1e020f74d
Treat receiver variables as parameters.
...
The inter-procedural data-flow libraries expects this to be the case, but I actually never got round to implementing it.
2020-02-24 09:56:09 +00:00
Max Schaefer
77613a38c5
Add test, which does not work yet.
2020-02-24 09:55:42 +00:00
Sauyon Lee
4d58ebbae6
Merge pull request #32 from max-schaefer/update-data-flow
...
Port recent data-flow improvements
2020-02-21 09:45:14 -08:00
Sauyon Lee
bfbd08c51d
Merge pull request #31 from max-schaefer/string-break-source
...
Sharpen the sources for `StringBreak`.
2020-02-21 09:35:58 -08:00
Max Schaefer
6251f1141c
Simplify getACallee().
2020-02-21 11:14:35 +00:00
Max Schaefer
285f392a12
Sharpen the sources for StringBreak.
...
`json.Marshal` returns two results, we only want to consider the first one as a source.
2020-02-21 10:19:09 +00:00
Max Schaefer
7230912e56
Track simple call contexts in nodeCand[Fwd]1.
...
See https://github.com/Semmle/ql/pull/2822 .
2020-02-21 09:30:53 +00:00
Max Schaefer
90cdf4857f
Improve join-order in pathStep predicate.
...
See https://github.com/Semmle/ql/pull/2872 .
2020-02-21 09:29:13 +00:00
Max Schaefer
e9447a0e16
Merge pull request #29 from max-schaefer/fix-missing-qldoc
...
Add missing QLDoc for public elements.
2020-02-21 08:11:27 +00:00
Max Schaefer
6375be7089
Address review comment.
2020-02-20 20:36:58 +00:00
Max Schaefer
044def4e1f
Merge pull request #243 from sauyon/incomplete-hostname-fix
...
IncompleteHostnameRegexp: Use a reluctant regexp
2020-02-20 20:33:56 +00:00
Sauyon Lee
b851fe0c05
Merge pull request #30 from max-schaefer/build_command-override
...
Ensure `LGTM_INDEX_BUILD_COMMAND` takes precedence over build-command guessing.
2020-02-20 12:25:03 -08:00
Max Schaefer
dc6a8917a4
Add missing QLDoc for public elements.
2020-02-20 13:59:12 +00:00
Max Schaefer
d7e6c59fab
Merge pull request #28 from sauyon/test-fixes
...
Add Action for testing using the CodeQL CLI
2020-02-20 09:50:30 +00:00
Max Schaefer
bdf757b8ac
Ensure LGTM_INDEX_BUILD_COMMAND takes precedence over build-command guessing.
2020-02-20 08:59:56 +00:00
Sauyon Lee
3e6a96d21b
IncompleteHostnameRegexp: Use a reluctant regexp
...
This should help make results more comprehensible by including the
maximal string after an unescaped dot.
2020-02-19 13:04:16 -08:00
Sauyon Lee
6b51fefb1e
Add Action for testing using the CodeQL CLI
2020-02-19 12:23:03 -08:00
Sauyon Lee
1e56ffbf90
Remove test actions
2020-02-19 11:29:33 -08:00
Sauyon Lee
1b7186347d
Merge pull request #25 from max-schaefer/library-overview
...
Add library overview
2020-02-19 01:39:14 -08:00
Max Schaefer
4b371ac85a
Remove rogue full stop.
2020-02-19 08:14:15 +00:00
Max Schaefer
2764b70364
Data flow: generalize flow-through summaries.
2020-02-18 14:30:25 +00:00
Max Schaefer
31557e8c19
Rename ArrowExpr to RecvExpr and address further review comments.
2020-02-18 08:39:31 +00:00
Max Schaefer
c47f9da0f9
Merge pull request #241 from shati/cookbook-changenotes
...
Mention Go cookbook queries in 1.24 change notes
2020-02-17 15:39:16 +00:00
Shati Patel
6b0f8a4088
Mention cookbook queries in 1.24 changenotes
2020-02-17 14:38:46 +00:00
Max Schaefer
d3288f19f9
Improve data-flow performance.
2020-02-17 09:49:13 +00:00
Max Schaefer
ec9ba8aa7f
Address review comments.
2020-02-17 09:23:08 +00:00
Max Schaefer
f60b5daf94
Apply suggestions from code review
...
Co-Authored-By: Shati Patel <42641846+shati-patel@users.noreply.github.com >
Co-Authored-By: Sauyon Lee <sauyon@github.com >
2020-02-17 08:48:16 +00:00
Max Schaefer
65c116538c
Write library overview.
2020-02-14 12:50:04 +00:00
Max Schaefer
9379f74308
Merge pull request #24 from sauyon/runelit
...
Add a RuneLit alias for CharLit
2020-02-13 09:07:38 +00:00
Max Schaefer
c7d29311e6
Merge pull request #232 from sauyon/makefile-improvements
...
Makefile improvements
2020-02-13 08:51:51 +00:00
Max Schaefer
69eae987d1
Merge pull request #240 from sauyon/rune-literal-string-value
...
Make rune literal string value its value
2020-02-13 08:47:56 +00:00
Sauyon Lee
ed3971af47
Makefile: make tools-ARCH no longer build the tokenizer
2020-02-12 15:52:43 -08:00
Sauyon Lee
bf2b655586
Makefile: make all target build extractor instead of tools
2020-02-12 15:52:42 -08:00
Sauyon Lee
dc9d790bd3
Makefile: Make better use of built-in variables
2020-02-12 15:52:42 -08:00
Sauyon Lee
1262935085
Update stats
2020-02-12 15:52:41 -08:00
Sauyon Lee
01f4bfe4b8
Makefile: Use codeql to create stats database
2020-02-12 15:52:40 -08:00
Sauyon Lee
92025ad9bd
Add a RuneLit alias for CharLit
...
Also change the doc comment on CharLit to RuneLit
2020-02-12 15:17:14 -08:00
Sauyon Lee
eb990c9de7
BadRedirectCheck: Use new rune literal string values
2020-02-12 15:14:59 -08:00
Sauyon Lee
74bb4f707d
Make rune literal string value its value
2020-02-12 15:14:58 -08:00
Max Schaefer
cb1d2935d4
Merge pull request #23 from github/sauyon-actions-1
...
Implement Actions CI
2020-02-12 20:41:59 +00:00
Sauyon Lee
1365da2224
examples/variable: Select declaration as well as the variable
...
This makes the test platform-independent
2020-02-12 10:41:58 -08:00
Sauyon Lee
fdb7852cf6
Force git not to mangle line endings for files relevant to tests
2020-02-10 16:11:56 -08:00
Sauyon Lee
22029410f0
Create an action workflow for CodeQL tests
2020-02-10 16:11:55 -08:00
Sauyon Lee
ae96bd88bc
Merge pull request #239 from max/virtual-dispatch
...
Call-graph API cleanup
2020-02-10 15:05:13 -08:00
Max Schaefer
acd27cdee6
Merge pull request #238 from sauyon/semmle-to-github
...
Rename the go module to github.com/github/codeql-go
2020-02-10 21:02:05 +00:00
Max Schaefer
6aa0d631dd
Address review comments.
2020-02-10 20:59:13 +00:00
Sauyon Lee
677ed6ebf4
Fix tests to use codeql-go repository name
2020-02-10 11:00:01 -08:00
Sauyon Lee
5417102c37
Rename the go module to github.com/github/codeql-go
2020-02-10 11:00:00 -08:00
Max Schaefer
d6f3005e0e
Merge branch '235-head'
2020-02-07 20:12:47 +00:00
Max Schaefer
5571f1eac7
Rename Comparison to ComparisonExpr.
2020-02-07 16:24:42 +00:00
Max Schaefer
ad7dfa258c
Rename ParenExpr.getExpression() to getExpr() for consistency with similar predicates in other classes.
2020-02-07 16:24:42 +00:00
Sauyon Lee
1a21c14f2f
Remove build ignore from HardcodedCredentials example
2020-02-07 03:13:14 -08:00
Sauyon Lee
e4d228fa0f
Fix CleartextStorage tests
2020-02-07 03:13:13 -08:00
Sauyon Lee
6300fdf85e
Remove accidentally added CleartextStorage tests
2020-02-07 03:13:12 -08:00
Sauyon Lee
559ac8f0d2
Fix squirrel test build
2020-02-07 03:12:19 -08:00
Max Schaefer
72de4728a2
Suppress unhelpful magic.
2020-02-07 11:09:33 +00:00
Max Schaefer
69edfe08df
Make regular expression for format strings more precise.
2020-02-07 11:05:44 +00:00
Max Schaefer
8b0d271717
Locally resolve calls to function expressions.
2020-02-07 11:05:44 +00:00
Max Schaefer
f6305f019d
Minor refactoring.
2020-02-07 11:05:44 +00:00
Max Schaefer
46a8f8c8ed
Remove Function.getACallExpr.
2020-02-07 11:05:44 +00:00
Max Schaefer
39b7272241
Teach Function.getACall to take virtual dispatch into account.
2020-02-07 11:05:44 +00:00
Max Schaefer
84002f585e
Remove CallExpr.getACallee().
2020-02-07 11:05:44 +00:00
Max Schaefer
cf0e38b22c
Move virtual dispatch resolution from CallExpr to CallNode and generalise it very slightly.
2020-02-07 11:05:44 +00:00
Max Schaefer
253a394ae0
Make CallNode.getCalleeName() more robust to missing type information.
2020-02-07 11:05:44 +00:00
Max Schaefer
93a84684a5
Remove predicate CallExpr.calls.
...
This sort of reasoning should be done at the data-flow level.
2020-02-07 11:05:44 +00:00
Max Schaefer
9400442bea
Add call graph test.
...
This test uses annotations to encode the expected output directly into the source, hence the `.expected` files are trivial.
2020-02-07 11:05:41 +00:00
Sauyon Lee
5dbebe44f5
Package tests: also select raw database path
2020-02-07 02:25:26 -08:00
Sauyon Lee
2cb61911c3
Package tests: Limit to specific packages
2020-02-07 02:23:28 -08:00
Sauyon Lee
9a9561bb12
Remove vendored path prefix of vendored packages
2020-02-07 02:17:54 -08:00
Sauyon Lee
c94f5dafb3
Merge pull request #237 from Semmle/go-build-env-windows
...
Fix extractor build on Windows.
2020-02-06 09:06:33 -08:00
Max Schaefer
d18eb9717a
Fix environment setup on Windows.
2020-02-06 14:28:16 +00:00
Max Schaefer
61ee9a45ca
Merge pull request #234 from sauyon/reflectedxss-fixes
...
ReflectedXss: Remove FPs from constant prefix Fprintfs
2020-02-06 09:22:44 +00:00
Sauyon Lee
39f5376eed
ReflectedXss: Add change note for Fprintf FPs
2020-02-05 19:07:42 -08:00
Sauyon Lee
0dca13a5d9
Address review comments
2020-02-04 11:13:41 -08:00
Sauyon Lee
87865afa42
ReflectedXss: Remove FPs from constant prefix Fprintfs
2020-02-03 16:00:33 -08:00
Sauyon Lee
3c88eab84c
Merge pull request #229 from max/string-break
...
Add query to find unsafe quoting
2020-02-03 09:47:36 -08:00
Max Schaefer
af3d91ffd3
Add query StringBreak.
2020-02-03 09:01:40 +00:00
Max Schaefer
63ca382a0c
Reorganise modelling of string concatenation.
2020-02-03 09:01:40 +00:00
Sauyon Lee
da2924251b
Merge pull request #230 from max/remove-deprecated-flow-predicates
...
Remove deprecated flow predicates.
2020-01-30 11:29:05 -08:00
Max Schaefer
3afce956ab
Remove deprecated flow predicates.
2020-01-30 11:45:19 +00:00
Max Schaefer
69a91b537f
Add change note for autobuilder changes
...
https://git.semmle.com/Semmle/go/pull/210 did not include a change note.
2020-01-30 11:36:23 +00:00
Max Schaefer
ef60f1cbf7
Merge pull request #210 from sauyon/autobuilder-run-make
...
autobuilder: run build if relevant files exist
2020-01-29 16:32:43 +00:00
Max Schaefer
8bb769b4f9
Merge pull request #228 from sauyon/codeql-test
...
Makefile: Make extractor-common extractor target
2020-01-29 09:23:53 +00:00
Max Schaefer
be183596c8
Merge pull request #211 from sauyon/open-redirect-fps
...
OpenUrlRedirect: resolve some FPs
2020-01-29 09:18:07 +00:00
Sauyon Lee
7676a56af6
Makefile: Make extractor-common extractor target
2020-01-28 14:38:15 -08:00
Sauyon Lee
41d04f3d96
Revert "Add DataFlow2"
...
This reverts commit 6a0203f33303847d9e7006ca67b1dba31428748b.
2020-01-28 13:01:37 -08:00
Sauyon Lee
478f906d7a
HTTP: Use Field.getQualifiedName in UserControlledRequestField
...
Also autoformat.
2020-01-28 13:01:36 -08:00
Sauyon Lee
d2e5322b94
Apply review comments
2020-01-28 13:01:35 -08:00
Sauyon Lee
3eee780fdd
TaintTracking: minor functionNodeStep call improvement
...
Co-Authored-By: Max Schaefer <max@semmle.com >
2020-01-28 13:01:34 -08:00
Sauyon Lee
9af436566f
OpenUrlRedirect: Use a data-flow configuration to track whole URLs
2020-01-28 13:01:33 -08:00
Sauyon Lee
a2b5bb85ab
OpenUrlRedirect: Fix test compilation
2020-01-28 13:01:19 -08:00
Sauyon Lee
e17f548780
Add DataFlow2
2020-01-28 12:59:47 -08:00
Sauyon Lee
30d2fb0b7f
TaintTracking: Make functionModelStep take a FunctionModel
...
This makes using only some function models easier.
2020-01-28 12:59:46 -08:00
Sauyon Lee
260b33be7e
OpenUrlRedirect: Add untrusted methods
...
Also use more up-to-date data-flow APIs
2020-01-28 12:59:45 -08:00
Sauyon Lee
abfdd7ee1e
OpenUrlRedirect: make functions like isValidRedirect barrier guards
2020-01-28 12:59:44 -08:00
Sauyon Lee
82635a46ad
OpenUrlRedirect: only make some parts of the URL untrusted
2020-01-28 12:59:43 -08:00
Max Schaefer
2b92cd5ba5
Merge pull request #209 from sauyon/bad-redirect-sanitiser
...
Bad redirect sanitiser
2020-01-28 20:11:46 +00:00
Sauyon Lee
aa33595b0f
Address review comments
2020-01-28 08:26:37 -08:00
Sauyon Lee
497bfeee83
BadRedirectSanitizer: Use SsaWithFields instead of ValueEntity
2020-01-27 17:33:54 -08:00
Sauyon Lee
f897f68ead
SsaWithFilds: Add a getQualifiedName predicate
2020-01-27 17:33:53 -08:00
Sauyon Lee
a31ad88fc9
BadRedirectSanitizer: Transition to using data-flow API
2020-01-27 17:33:53 -08:00
Sauyon Lee
abc9438cd3
Apply suggestions from code review
...
Co-Authored-By: Max Schaefer <max@semmle.com >
2020-01-27 17:33:52 -08:00
Sauyon Lee
3a73658a9c
BadRedirectSanitizer: Bind e to hp
...
Address doc review comments
2020-01-27 17:33:51 -08:00
Sauyon Lee
aa28724f7c
Add BadRedirectCheck query
2020-01-27 17:33:50 -08:00
Sauyon Lee
9c6aa80718
Move OpenUrlRedirect tests into their own directory
2020-01-27 17:33:49 -08:00
Sauyon Lee
c889cb3501
Add getAnOperand to OperatorExpr
2020-01-27 17:33:48 -08:00
Sauyon Lee
edecb4e128
Merge pull request #227 from max/redundant-expr-bug
...
Fix hash-consing of literals
2020-01-27 11:35:40 -08:00
Max Schaefer
3c1a68ee8f
Fix hash-consing of literals.
...
We shouldn't rely on the literal value given in the `literals` table, but use the exact value (where available) instead.
2020-01-27 12:05:48 +00:00
Sauyon Lee
496ad5d051
Merge pull request #226 from max/fix-classify-files-regex
...
Fix regex in ClassifyFiles.
2020-01-24 21:01:01 -08:00
Sauyon Lee
6e4880bc53
Merge pull request #220 from max/example-queries
...
Add example queries
2020-01-24 09:42:31 -08:00
Max Schaefer
d293388172
Add failing test case for RedundantExpr.
2020-01-24 16:20:08 +00:00
Max Schaefer
77b86150d6
Fix regex in ClassifyFiles.
...
`Comment.getText()` does not include the delimiter.
2020-01-24 14:05:13 +00:00
Max Schaefer
c30b1d98ea
Address review comments.
2020-01-24 10:26:59 +00:00
Max Schaefer
ebea811a83
Add example queries.
2020-01-24 10:26:59 +00:00
Max Schaefer
9507a22f48
Merge pull request #213 from sauyon/codeql-test
...
Use codeql for testing and add binary cross compilation support
2020-01-24 09:40:47 +00:00
Sauyon Lee
2bd88d5b61
Merge pull request #225 from max/impossible-interface-nil-check-robustness
...
Make ImpossibleInterfaceNilCheck more robust.
2020-01-23 16:06:03 -08:00
Sauyon Lee
3a53269a52
Merge pull request #223 from max/update-dataflow
...
Add support for taint-getter/setter summaries in data flow.
2020-01-23 16:03:05 -08:00
Sauyon Lee
a6a8375ae5
Merge pull request #224 from max/make-implicit-deref-explicit
...
Make implicit dereferences explicit
2020-01-23 00:50:18 -08:00
Max Schaefer
47104a3db8
Add explanatory comment.
2020-01-23 08:14:57 +00:00
Max Schaefer
5895c6ac69
Fix typo.
...
Co-Authored-By: Sauyon Lee <sauyon@github.com >
2020-01-23 08:10:20 +00:00
Sauyon Lee
fe23f88468
Merge pull request #221 from max/cleanup
...
Minor fixes
2020-01-22 00:52:58 -08:00
Max Schaefer
fe56c207a3
Make ImpossibleInterfaceNilCheck more robust.
...
It no longer flags alerts that may be simply caused by missing type information.
2020-01-21 10:04:57 +00:00
Max Schaefer
d78ba06a8d
Add change note.
2020-01-21 09:56:59 +00:00
Max Schaefer
baeae0f69c
Add a few variants to test.
2020-01-21 09:56:59 +00:00
Max Schaefer
6671b61fd3
Model panic from out-of-bounds index expression.
2020-01-21 09:56:59 +00:00
Max Schaefer
f42a2b060c
Take implicit dereferences in index and slice expressions into account as well.
2020-01-21 09:56:59 +00:00
Max Schaefer
a4f5ad7412
Refactor implementation of SliceNode.
2020-01-21 09:56:59 +00:00
Max Schaefer
44b9bcf7a1
Autoformat.
2020-01-21 09:56:59 +00:00
Max Schaefer
64049d8f3d
Make taint tracking less syntactic.
2020-01-21 09:56:59 +00:00
Max Schaefer
9f897132f2
Update HTTP library.
2020-01-21 09:56:59 +00:00
Max Schaefer
a2879dc754
Model implicit dereferences in data flow.
2020-01-21 09:56:59 +00:00
Max Schaefer
ba9d2fb2eb
Add IR instructions to model implicit pointer dereferences.
2020-01-21 09:56:59 +00:00
Max Schaefer
efc5f10f07
Streamline definition of UserControlledRequestField.
2020-01-21 09:56:59 +00:00
Max Schaefer
39b28a4969
Make CallNode.getReceiver() less syntactic.
2020-01-21 09:56:59 +00:00
Max Schaefer
ef964632be
Remove CallExpr.getQualifier() and its single, pointless, use.
2020-01-21 09:56:59 +00:00
Max Schaefer
8fc414b93f
Autoformat.
2020-01-21 09:56:59 +00:00
Max Schaefer
1d33a619d9
Add failing test case.
2020-01-20 20:46:12 +00:00
Max Schaefer
5eb95c7895
Add support for taint-getter/setter summaries in data flow.
2020-01-20 11:29:12 +00:00
Sauyon Lee
32fa033a55
Makefile: Add exe suffix back to tools/bin targets
2020-01-17 14:05:29 -08:00
Sauyon Lee
52fe0afa48
Makefile: Delete entire test db in clean
2020-01-17 14:05:27 -08:00
Sauyon Lee
1eb9466de2
Use codeql for testing and add binary cross compilation support
...
Also add support for building the extractor inside this repository
so that users can build and use the extractor, and an up-to-date
version can be used for testing.
2020-01-17 14:05:26 -08:00
Sauyon Lee
471d843025
Merge pull request #222 from max/switch-guard-nodes
...
Switch guard nodes
2020-01-17 21:44:59 +00:00
Sauyon Lee
4e5fd46bc6
autobuilder: Close stdin of subprocesses
...
This fixes issues where build programs were prompting for input,
causing the build to hang indefinitely.
2020-01-17 12:43:07 -08:00
Sauyon Lee
53e5ebba20
autobuilder: Run build tools if relevant files exist
2020-01-17 12:43:06 -08:00
Sauyon Lee
c76684851f
autobuilder: run make if Makefile exists
2020-01-17 12:43:05 -08:00
Sauyon Lee
2d97b396b7
Merge pull request #20 from github/sort-change-notes
...
Sort lines in change notes.
2020-01-17 09:01:46 -08:00
Max Schaefer
08ba795565
Sort lines in change notes.
2020-01-17 15:46:50 +00:00
Max Schaefer
d8b97afcab
Implement Field.hasQualifiedName.
2020-01-17 13:16:35 +00:00
Max Schaefer
e5e6f73081
Make Field extend Variable.
2020-01-17 13:15:43 +00:00
Max Schaefer
4ee8f08bf5
Adjust Location.toString() to match what other parts of the toolchain print.
2020-01-17 13:08:43 +00:00
Max Schaefer
2558e67c2b
Give entities a location.
2020-01-17 13:08:43 +00:00
Max Schaefer
24f9fce7a1
Rename MkCaseNode as suggested.
2020-01-17 10:32:39 +00:00
Max Schaefer
e86201829e
Add an explanatory comment.
2020-01-17 10:27:36 +00:00
Max Schaefer
98c7c4a255
Autoformat.
2020-01-17 10:25:10 +00:00
Sauyon Lee
aa9489ea28
Merge pull request #218 from max/field-refs
...
Fix handling of references to fields and methods
2020-01-16 14:26:55 -08:00
Sauyon Lee
7040b76cf6
Merge pull request #219 from max/new-env-vars
...
Teach extractor about CodeQL environment variables.
2020-01-15 11:37:26 -08:00
Max Schaefer
1ad90b6739
Teach extractor about CodeQL environment variables.
2020-01-15 14:01:30 +00:00
Max Schaefer
ad432965db
Remove DeclaredEntity.getDecl().
...
It's not particularly useful except for functions, and the name is easy to confuse with `Entity.getDeclaration()`. Instead we now have `getFuncDecl()` just for functions, and a bit more API on `Function` to avoid its use where possible.
2020-01-15 13:14:06 +00:00
Max Schaefer
b7a830593d
Correctly create extract nodes for returns where we cannot infer the type of the returned expression, but know from context that it must be a tuple type.
2020-01-15 10:22:29 +00:00
Max Schaefer
86708f7867
Merge pull request #212 from sauyon/dependency-update
...
Dependency update
2020-01-15 09:18:14 +00:00
Sauyon Lee
f32a785127
Merge pull request #217 from max/issue-24
...
Switch RedundantExpr query back to using AST instead of global value numbering.
2020-01-14 13:05:44 -08:00
Max Schaefer
3d508d44e7
Fix global value numbering.
2020-01-14 20:44:13 +00:00
Max Schaefer
2fdd45255c
Add two new tests.
2020-01-14 17:06:42 +00:00
Max Schaefer
61976d8dea
Fix code that does not account for the fact that Field is a subtype of ValueEntity.
2020-01-14 15:52:48 +00:00
Max Schaefer
0c254f8cd1
Fix a typo.
2020-01-14 15:35:18 +00:00
Max Schaefer
c96cebb022
Make reads(ValueEntity) and writes(ValueEntity) work for fields.
2020-01-14 15:35:18 +00:00
Sauyon Lee
1125c1ac41
Merge pull request #216 from Semmle/add-sql-tx-support
...
Add tests for https://github.com/github/codeql-go/pull/15
2020-01-14 01:55:29 -08:00
Max Schaefer
efc72fa01a
Remove Entity.getAUse() and replace uses with getAReference().
...
The former had result type `Ident`, so it wouldn't pick up references to methods and fields. Apart from that, it is subsumed by the latter anyway.
2020-01-14 07:15:43 +00:00
Max Schaefer
d339d55faa
Merge pull request #15 from RicterZ/add-sql-tx-support
...
Add sql.Tx.Exec/Query... support
2020-01-13 08:38:32 +00:00
Max Schaefer
d55ebd731d
Autoformat.
2020-01-13 08:37:32 +00:00
Max Schaefer
36c620d1dd
Add tests and change note.
2020-01-13 08:37:01 +00:00
Ricter Zheng
a6e0dcaefc
Add sql.Tx.Exec/Query... support
...
Ref: https://golang.org/pkg/database/sql/#Tx.ExecContext
2020-01-13 15:17:55 +08:00
Sauyon Lee
00dd464697
Update stats
2020-01-10 19:27:47 -08:00
Sauyon Lee
f01ef40af3
Update golang.org/x/tools dependency
2020-01-10 19:27:46 -08:00
Sauyon Lee
5985559161
Merge pull request #214 from max/issue-26
...
Model `Header.Get` as a source of untrusted input.
2020-01-10 19:26:43 -08:00
Max Schaefer
384d21b0e9
Switch RedundantExpr query back to using AST instead of global value numbers.
...
Most current alerts (https://lgtm.com/rules/1510380685982/alerts/ ), while technically correct, are likely intentional and harmless. This change keeps only the interesting ones: https://lgtm.com/query/2999122885894714237
2020-01-10 14:46:54 +00:00
Max Schaefer
c60ddb0f7c
Model Header.Get as a source of untrusted input.
2020-01-10 12:29:18 +00:00
Max Schaefer
1cafec56ad
Add condition guard nodes for some switch statements.
...
We now create condition guard nodes for `cond1` and `cond2` in
```
switch {
case cond1:
s1
case cond2:
s2
default:
s3
}
```
to record the fact that `cond1` is known to be true at `s1` and false at `cond2`, and that `cond2` is known to be true at `s2` and false at `default`.
2020-01-10 10:37:51 +00:00
Max Schaefer
e7514bf133
Add new test cases for CFG construction.
2020-01-09 17:20:39 +00:00
Sauyon Lee
3ab68cb624
Merge pull request #208 from max/incomplete-url-scheme-check
...
Add `IncompleteUrlSchemeCheck` query
2020-01-08 00:50:58 -08:00
Max Schaefer
3d7046e38c
Apply suggestions from code review
...
Co-Authored-By: Shati Patel <shati@semmle.com >
2020-01-07 20:07:44 +00:00
Max Schaefer
0d2fe473d7
Add IncompleteUrlSchemeCheck query.
2020-01-07 14:46:49 +00:00
Max Schaefer
9cff56b975
Rename StringConcatenation.qll to StringOps.qll and add HasPrefix class.
2020-01-07 14:46:49 +00:00
Max Schaefer
aeb9840144
Add SliceNode class.
2020-01-06 15:36:54 +00:00
Sauyon Lee
db40535b70
Merge pull request #207 from max/uber-fixes
...
Various library improvements
2020-01-03 17:18:49 -08:00
Max Schaefer
638fe07da0
Move getReceiver from MethodCallNode to CallNode.
2020-01-03 14:14:18 +00:00
Max Schaefer
bb4052a574
Generalise result type of getACallee.
2020-01-03 14:14:18 +00:00
Max Schaefer
59498f53f0
Move FuncDec.getACall into FuncDecl.
...
Also changes the result from a `CallExpr` to a `CallNode` for consistency with `Function.getACall`.
2020-01-03 14:13:38 +00:00
Sauyon Lee
0a39124223
Merge pull request #206 from max/generalise-alert-suppression
...
Alert suppression through single-line /* */ style comments.
2020-01-02 11:47:44 -08:00
Max Schaefer
6f82310a9e
Alert suppression through single-line /* */ style comments.
2020-01-02 14:34:11 +00:00
Sauyon Lee
9fd7db7e43
Merge pull request #205 from max/trap-writer-long-strings
...
Teach TRAP writer to truncate strings longer than 1MiB.
2019-12-27 11:35:34 -08:00
Max Schaefer
121c940ace
Teach TRAP writer to truncate strings longer than 1MiB.
...
The evaluator cannot in general handle strings that are longer than 1MiB when UTF8-encoded. Similar to other extractors, we now truncate such strings to fit within the size limit.
2019-12-18 14:18:56 +00:00
Max Schaefer
1df3585c92
Merge pull request #204 from Semmle/rc/1.23
...
Merge rc/1.23 into master
2019-12-11 10:28:00 +00:00
Sauyon Lee
d3bf87d0f5
Merge pull request #203 from max/quieten-hard-coded-cred
...
Make HardcodedCredentials query less noisy.
2019-12-10 16:43:15 -08:00
Max Schaefer
75d78b3f62
Reduce precision of HardcodedCredentials to "medium".
2019-12-10 16:12:48 +00:00
Max Schaefer
46c4670796
Make HardcodedCredentials query less noisy.
...
Considering "cert" and "account" to be sensitive leads to a massive number of false positives, especially on cockroach and kubernetes.
2019-12-10 14:14:36 +00:00
Max Schaefer
7894eb3a60
Merge pull request #202 from sauyon/incomplete-hostname-fix
...
IncompleteHostname: disallow unescaped dot before TLD
2019-12-10 08:17:32 +00:00
Sauyon Lee
10907c8b04
IncompleteHostnameRegexp: disallow unescaped dot before TLD
2019-12-09 08:47:17 -08:00
Max Schaefer
7876c37998
Merge pull request #14 from henrymercer/fix-contributing-link
...
Fix Code of Conduct link in CONTRIBUTING.md
2019-12-09 12:55:33 +00:00
Henry Mercer
3c08314782
Fix Code of Conduct link in CONTRIBUTING.md
2019-12-09 12:42:46 +00:00
Sauyon Lee
bc8974d32d
Merge pull request #201 from max/update-data-flow
...
Update data flow and taint-tracking libraries
2019-12-06 18:26:27 -08:00
Sauyon Lee
34d619038b
Merge pull request #200 from Semmle/codeql-test
...
Adapt Go tests to `codeql test`
2019-12-06 10:34:59 -08:00
Henning Makholm
7bc68c4302
Adapt Go tests to codeql test
...
These changes make the tests work with the coming `codeql test` support.
The `queries.xml` file defines which extractor the `codeql test`
runner will use to extract databases for the tests. In the future one
will be able to write this information in `qlpack.yml`, but we can't
do that immediately because the _existing_ CodeQL tooling would refuse
to parse a `qlpack.yml` that has the new field in it.
2019-12-06 18:27:47 +01:00
Max Schaefer
62a50bac2a
Update taint-tracking libraries.
...
This brings `TaintTrackingImpl.qll` up-to-date with the other languages as of https://github.com/Semmle/ql/pull/2480 .
2019-12-06 14:07:35 +00:00
Max Schaefer
53f5e13af1
Update data-flow libraries.
...
This brings `DataFlowImpl.qll` and `DataFlowImplCommon.qll` up-to-date with the other languages as of https://github.com/Semmle/ql/pull/2480 .
2019-12-06 12:14:53 +00:00
Sauyon Lee
2fc9e37655
Merge pull request #199 from max/notype-test
...
Add test for handling of expressions without extracted type.
2019-12-06 01:59:32 -08:00
Max Schaefer
594824f19c
Add test for handling of expressions without extracted type.
2019-12-06 09:21:55 +00:00
Max Schaefer
47f449cc0c
Merge remote-tracking branch 'external/master'
2019-12-06 09:04:16 +00:00
Max Schaefer
80e7376189
Merge pull request #198 from sauyon/hardcoded-cred-fix
...
HardcodedCredentials: Exclude passwords that include '0123456789'
2019-12-06 09:02:17 +00:00
Max Schaefer
6bda80a47b
Merge pull request #197 from Semmle/rc/1.23
...
Merge rc/1.23 into master
2019-12-06 09:01:18 +00:00
Sauyon Lee
2de7c6f5fc
HardcodedCredentials: Exclude passwords that include '0123456789'
2019-12-05 15:37:50 -08:00
Sauyon Lee
eb639c6cf7
Merge pull request #196 from max/no-type
...
Make `Expr.getType()` robust against incomplete `type_of` table.
2019-12-05 14:31:48 -08:00
Max Schaefer
8364ba3d38
Make Expr.getType() robust against incomplete type_of table.
2019-12-05 17:05:02 +00:00
Sauyon Lee
94ed3ef979
Merge pull request #13 from github/fix-dead-store
...
Fix a dead assignment.
2019-12-02 10:48:55 -08:00
Max Schaefer
ce6d031ce9
Update .lgtm.yml to classify examples.
2019-12-02 12:04:28 +00:00
Shati Patel
e4346a17de
Merge pull request #195 from max/impossible-interface-nil-check
...
Add new query ImpossibleInterfaceNilCheck
2019-11-27 11:15:05 +00:00
Max Schaefer
ba54cde86e
Add two references.
2019-11-27 10:47:42 +00:00
Max Schaefer
e5a12e9738
Add new query ImpossibleInterfaceNilCheck.
2019-11-26 20:28:53 +00:00
Max Schaefer
f4a24b0353
Improve type information for tuple elements.
...
We would previously rely on the type information of the target variable into which the element is stored, but that could be a more general type.
For example, in the assignment
```go
x, y := f()
```
the type of `x` might be an interface while the type of `f()[0]` is a concrete type implementing that interface.
2019-11-26 16:19:17 +00:00
Sauyon Lee
1d21347578
Merge pull request #194 from max/field-write-through-embedded-pointer
...
Fix DeadStoreOfField false positive.
2019-11-25 13:14:24 -08:00
Max Schaefer
ee723d8a4f
Fix DeadStoreOfField false positive.
...
We should look into properly desugaring embedded types in the IR, but for now this workaround should suffice.
2019-11-25 20:21:16 +00:00
Sauyon Lee
2c921d9418
Merge pull request #193 from max/header-xss
...
Don't flag header injection as XSS.
2019-11-25 11:56:54 -08:00
Sauyon Lee
61c2478541
Merge pull request #12 from github/rc/1.23
...
Merge rc/1.23 into master
2019-11-25 09:20:17 -08:00
Max Schaefer
8bd45593e0
Merge pull request #11 from github/1.23/SD-4095-finalize-change-notes-go
...
1.23: SD-4095 Minor text changes to analysis change notes
2019-11-25 15:56:17 +00:00
Felicity Chapman
de2c7d8884
Minor text changes
2019-11-25 15:48:58 +00:00
Max Schaefer
adf9764085
Don't flag header injection as XSS.
...
All results I have seen from this are uninteresting.
2019-11-25 15:06:53 +00:00
Shati Patel
b21e4404b5
Merge pull request #192 from max/constant-length-comparison
...
Add new query ConstantLengthComparison.
2019-11-25 11:07:58 +00:00
Max Schaefer
db4e6789bb
Address doc review comment.
...
Co-Authored-By: Shati Patel <shati@semmle.com >
2019-11-25 10:44:41 +00:00
Max Schaefer
e16a81cba9
Apply review suggestions.
2019-11-25 09:15:57 +00:00
Max Schaefer
cdb843516a
Introduce DataFlow::Node.getBasicBlock() and use it.
2019-11-25 09:14:15 +00:00
Max Schaefer
1ff032d11e
Add new query ConstantLengthComparison.
2019-11-22 20:55:14 +00:00
Max Schaefer
26a656b838
Merge pull request #189 from sauyon/use-taint-split
...
Use split taint predicates to emulate taint
2019-11-22 17:51:09 +00:00
Sauyon Lee
50b48e1c9e
Merge pull request #191 from max/isEmptyInterfaceNoInline
...
Mark `isEmptyInterface` as `noinline`.
2019-11-22 09:45:06 -08:00
Max Schaefer
e367a48f6e
Mark isEmptyInterface as noinline.
2019-11-22 09:19:34 +00:00
Sauyon Lee
4ea45dbf34
Use data-flow API in stringConcatStep
2019-11-21 23:48:23 -08:00
Sauyon Lee
9651a0bfc4
Use the split taint predicate to emulate taint where required
...
In particular, the OpenUrlRedirect and CleartextLogging queries, which both have taint flow into
an object when one of its fields is written.
2019-11-21 22:58:36 -08:00
Sauyon Lee
c0730fe4cc
Make taintStep public
2019-11-21 22:58:25 -08:00
Sauyon Lee
73922e98d7
Merge pull request #188 from Semmle/rc/1.23
...
Merge rc/1.23 into master
2019-11-21 22:52:12 -08:00
Max Schaefer
228e95a646
Merge pull request #185 from sauyon/open-redirect-fp1
...
OpenRedirect: treat assignments to Url.Path as a barrier
2019-11-21 16:51:16 +00:00
Sauyon Lee
81ba71e47b
Address review comments
2019-11-21 08:29:01 -08:00
Shati Patel
d8c6361312
Merge pull request #187 from max/rc/1.23
...
Add change notes for 1.23.
2019-11-21 16:07:21 +00:00
Max Schaefer
7136713a5f
Add change notes for 1.23.
2019-11-21 15:50:40 +00:00
Max Schaefer
a54d30c053
Merge pull request #186 from sauyon/taint-split
...
Split taintStep into many predicates
2019-11-20 20:39:27 +00:00
Sauyon Lee
3f437612e1
Add qldoc to all taint step predicates.
2019-11-20 11:27:24 -08:00
Sauyon Lee
1092fe5870
Move SsaWithFields to the Ssa file and rework it for public use
...
Also use it in OpenRedirect
2019-11-20 11:20:55 -08:00
Sauyon Lee
4c9bf2265e
OpenRedirect: treat assignments to Url.Path as a barrier
2019-11-20 11:20:54 -08:00
Max Schaefer
215fe26a73
Fix a dead assignment.
2019-11-20 10:28:12 +00:00
Max Schaefer
f94ce88ea4
Add .lgtm.yml to classify tests.
2019-11-20 10:24:54 +00:00
Sauyon Lee
09865a5f5c
Add a field read taint step
2019-11-18 23:58:01 -08:00
Sauyon Lee
e0c589060a
Split taintStep into many predicates
2019-11-18 23:58:00 -08:00
Max Schaefer
8cc60ba543
Add more codeql metadata files.
2019-11-14 10:35:21 +00:00
Sauyon Lee
eda858eafb
Merge pull request #184 from max/cleartext-logging-constant
...
Teach `CleartextLogging` not to flag constant sources.
2019-11-14 01:21:04 -05:00
Max Schaefer
616d78e2a5
Teach CleartextLogging not to flag constant sources.
2019-11-13 14:25:32 +00:00
Max Schaefer
50cde34878
Merge pull request #181 from sauyon/hardcoded-sensitive
...
HardcodedCredentials: Use SensitiveActions
2019-11-13 09:21:45 +00:00
Max Schaefer
ed95cdea56
Merge pull request #183 from sauyon/regexp-improvements
...
OpenUrlRedirect: Use the regexp library for RegexpCheck
2019-11-13 09:20:19 +00:00
Max Schaefer
899ae102b0
Merge pull request #182 from sauyon/fix-newline
...
autobuilder: Add a missing newline to the usage blurb
2019-11-13 09:19:22 +00:00
Sauyon Lee
3b39f5c2e1
OpenUrlRedirect: Use the regexp library for RegexpCheck
2019-11-12 15:14:05 -08:00
Sauyon Lee
2ba680ef4c
autobuilder: Add a missing newline to the usage blurb
2019-11-12 15:11:03 -08:00
Sauyon Lee
4e4d94da7b
Merge pull request #180 from max/receiver-deref-update
...
Conservatively handle indirect updates through pointer-type receiver.
2019-11-12 17:56:13 -05:00
Sauyon Lee
50a008900c
HardcodedCredentials: Use SensitiveActions
2019-11-12 14:08:44 -08:00
Max Schaefer
5726ec179c
Merge pull request #9 from github/autobuilder-add-print
...
autobuilder: Add line printing the environment and build versions of Go
2019-11-12 16:24:19 +00:00
Max Schaefer
06fe00006a
Conservatively handle indirect updates through pointer-type receiver.
...
Method references `x.m` where the receiver of `m` is a pointer implicitly take the address of `x`, so they should be treated much the same as `&x` in terms of data flow. (Ideally we'd make this explicit in the data-flow graph itself, but that's for another PR.)
2019-11-12 08:54:47 +00:00
Sauyon Lee
7c45316aa7
autobuilder: Add line printing the environment and build versions of Go
2019-11-08 19:59:52 -08:00
Max Schaefer
d14eb855fc
Go analysis support for CodeQL.
2019-11-08 12:16:26 +00:00