github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
2 381 коммит 1 541 ветка 130 Теги 483 MiB
Граф коммитов

31 Коммитов

Автор SHA1 Сообщение Дата
Taus cb93017d98
Merge pull request #606 from markshannon/python-fix-regex-fp 
Python: Fix off-by-one error in regex parsing.
 2018-12-06 12:59:44 +01:00
Taus 8493518135
Merge pull request #599 from markshannon/python-fix-essa-nonlocal 
Python ESSA: Fix definition of ESSA non-local variables.
 2018-12-04 17:06:30 +01:00
Mark Shannon a5b79e92a5 Python: Fix off-by-one error in regex parsing. 2018-12-03 16:50:47 +00:00
Mark Shannon d32e6b8501 Python tests: Make sure stdlib can be found. 2018-12-03 11:55:57 +00:00
Mark Shannon fb90d2a5a6 Python points-to: Update test results for fixed ESSA computation. 2018-12-03 11:13:18 +00:00
Mark Shannon b3eaa46f14 Python: Use consistent abbreviations in weak-crypto query message. 2018-11-28 16:58:22 +00:00
Mark Shannon 1065ad0ce7 Python: Weak crypto query. 2018-11-28 16:57:34 +00:00
Mark Shannon eefb45c94b Python: jinja2-without-escaping query: Clean up query and account for Template class in tests. 2018-11-28 10:46:44 +00:00
Mark Shannon 1080525d7d Python: Add missing test stub. 2018-11-28 10:45:48 +00:00
Mark Shannon 243280dc00 Python: New query to check for use of jinja2 templates without auto-escaping. 2018-11-28 10:45:19 +00:00
Mark Shannon 31ac33e723
Merge pull request #528 from taus-semmle/python-flask-debug 
Python: Implement check for flask debug mode.
 2018-11-27 19:42:26 +00:00
Taus 2b340b4804
Merge pull request #530 from markshannon/python-no-cert-validation 
New query to check for making a request without cert verification.
 2018-11-27 19:01:10 +01:00
Taus Brock-Nannestad 6ebf504d97 Update test results after stub change. 2018-11-27 16:59:19 +01:00
Taus Brock-Nannestad 8d341ab467 Fix stub file. 2018-11-27 16:56:09 +01:00
Taus Brock-Nannestad a4da245809 Python: Implement check for flask debug mode. 2018-11-27 15:14:38 +01:00
Taus f0fbed76e7
Merge pull request #539 from markshannon/python-path-fix-siblings 
Python: Fix parents relation for path queries.
 2018-11-23 17:59:04 +01:00
Mark Shannon 3190b12544 Python: Fix parent relation for path-queries. 2018-11-23 15:04:01 +00:00
Mark Shannon 6588606739 Python: Account for other 'falsey' values in query. 2018-11-23 14:42:45 +00:00
Mark Shannon 45e864a395 Python: New query to test for requests without validation. 2018-11-23 14:42:45 +00:00
Mark Shannon f0206a2ff4 Python: Tests for new query: requests called with verify=False. 2018-11-23 14:42:45 +00:00
Mark Shannon b94493aec3 Python: Add extra sinks for command-injection query. 2018-11-23 14:29:02 +00:00
Mark Shannon 61bd8682df Python: Improve API and representation of taint tracking nodes. Update queries and tests accordingly. 2018-11-23 12:32:14 +00:00
Mark Shannon c01db23f58 Python: Fix up expected results of SqlInjection.ql 2018-11-22 11:05:09 +00:00
Mark Shannon f3fedcdf38 Python tests: Move security test stubs to correct location. 2018-11-22 11:05:09 +00:00
Mark Shannon 04e5b8927a Python tests: use a more accurate form os os.path.join() in test lib. 2018-11-22 11:05:09 +00:00
Mark Shannon 88d82017b3 Python: Convert stack-trace-exposure query to path-problem. 2018-11-22 11:05:08 +00:00
Mark Shannon 2a24723cc3 Python: Update test results for path queries. 2018-11-22 11:05:08 +00:00
Taus 24bf2922e0
Merge pull request #515 from markshannon/python-add-metadata 
Python tests: Add missing metadata files.
 2018-11-21 15:45:32 +01:00
Mark Shannon 527c95cd0b Python tests: Add missing metadata files. 2018-11-21 14:39:18 +00:00
Mark Shannon 976fed76b9 Python tests: Remove some obsolete tests. 2018-11-21 14:18:46 +00:00
Mark Shannon 05b69a1c0f QL tests for Python queries and libraries. 2018-11-19 15:15:54 +00:00