github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
6 795 коммитов 1 544 Ветки 131 Тег 485 MiB
Граф коммитов

660 Коммитов

Автор SHA1 Сообщение Дата
Taus 89778ef61d
Merge pull request #1849 from markshannon/python-add-syntax-comments 
Python: Add syntax example comments for automatic document generation.
 2019-08-30 17:46:50 +02:00
Mark Shannon ad463038f8 Python: Clarify comment about 'syntax:' comment and add ... to for and async for comments. 2019-08-30 15:34:14 +01:00
Taus f8bd3770d6
Merge pull request #1848 from markshannon/python-rationalize-taint-tracking 
Python: Move TaintTracking.qll
 2019-08-30 16:21:49 +02:00
Mark Shannon 637677d515 Python: Move TaintTracking.qll from semmle.python.security to semmle.python.dataflow, for consistency with other code. 2019-08-30 12:57:47 +01:00
Mark Shannon a256945938 Python: Add syntax example comments for document generation. 2019-08-30 12:46:08 +01:00
Mark Shannon 3f740d6efe Python: Update CWE-312 queries to use new taint-tracking configuration. 2019-08-30 11:21:04 +01:00
Mark Shannon 811815aa4e Merge branch 'master' into python-cwe-312 2019-08-30 10:39:04 +01:00
Mark Shannon 989d7aeace Merge branch 'master' into python-cwe-312 2019-08-29 15:57:49 +01:00
Mark Shannon 22f55d25c2 Python taint-tracking. Reorder columns in some tests for easier comprehension of expected output. 2019-08-29 14:36:10 +01:00
Mark Shannon e51b797c03 Python taint-tracking. Add an adapter for old 'dataflow config'. 2019-08-29 14:30:09 +01:00
Mark Shannon 179f4ee88f Python taint-tracking: Add documented example test. 2019-08-29 13:03:58 +01:00
Mark Shannon 10fddbc19b Python new taint-tracking: Fix some typos and clarify documentation. 2019-08-29 11:03:35 +01:00
Mark Shannon 5bb528d236 Python taint-tracking: Fix performance of 'flowsTo' and 'testEvaluates'. 2019-08-29 10:31:50 +01:00
Mark Shannon 3872c7a1f9 Python taint-tracking. Rework handling of sequences and dicts of taint for performance. 2019-08-29 10:31:50 +01:00
Mark Shannon a36453b2e2 Python taint-tracking. Fix performance for a couple of predicates. 2019-08-29 10:31:50 +01:00
Mark Shannon 76c11c4575 Python: Update a test result. 2019-08-29 10:31:50 +01:00
Mark Shannon 45abe09494 Python taint-tracking: Improve layout and documentation. 2019-08-29 10:31:50 +01:00
Mark Shannon 91aefab7aa Python: Reorganise code a bit to minimize diff for PR. 2019-08-29 10:31:50 +01:00
Mark Shannon e5900921e7 Python taint-tracking: Remove warnings from test output. 2019-08-29 10:31:50 +01:00
Mark Shannon 691165d1c6 Python: Check-in two missing files. 2019-08-29 10:31:50 +01:00
Mark Shannon c7ec5690a5 Python taint-tracking: make sure all features of legacy extensions are supported. 2019-08-29 10:31:50 +01:00
Mark Shannon 64c160b75c Python taint-tracking: Fix ambiguous flow through class instantiation. Tweak the path query to ensure edge to sink is always present. 2019-08-29 10:31:50 +01:00
Mark Shannon d31e55f88e Python taint-tracking: Avoid ambiguous flows through calls. Fix up tests. 2019-08-29 10:31:50 +01:00
Mark Shannon 78ce19678a Python taint-tracking: Fix up SQL injection query. 2019-08-29 10:31:50 +01:00
Mark Shannon 3f8066878a Python taint-tracking: Fix up handling of contexts for __init__ and for context-free taints. 2019-08-29 10:31:50 +01:00
Mark Shannon fe9c9d479d Python taint-tracking. Fix bug in legacy API. 2019-08-29 10:31:50 +01:00
Mark Shannon 7c4a18eee3 Python taint-tracking: Fix up handling of legacy (config-less) taint-tracking 2019-08-29 10:31:50 +01:00
Mark Shannon 2d9d292ee4 Python: Fix up pi-node handling in taint-tracking. 2019-08-29 10:31:50 +01:00
Mark Shannon 955e54b360 Python: Update unitialized local to use new taint-tracking config. 2019-08-29 10:31:50 +01:00
Mark Shannon 24b4a4102c Python taint-tracking: Further enhancements to new implementation for better debugging and backwards compatibility. 2019-08-29 10:31:50 +01:00
Mark Shannon 1addfaac1a Python taint-tracking: update test results. 2019-08-29 10:31:50 +01:00
Mark Shannon a7845ae0e1 Python taint-tracking: Remove old implementation. 2019-08-29 10:31:50 +01:00
Mark Shannon 133909d7fe Python taint-tracking: Lengthen steps to better conform to old edge relation. 2019-08-29 10:31:50 +01:00
Mark Shannon da6a66975c Python taint-tracking. Further improvements to new taint-tracking. 2019-08-29 10:31:50 +01:00
Mark Shannon 74f1dd3ec0 Python taint-tracking. Add some tests and fix up various parts of the implementation. 2019-08-29 10:31:50 +01:00
Mark Shannon eed2090168 Python taint-tracking. Fill in most of new configuration-base taint-tracking implementation. 2019-08-29 10:31:47 +01:00
Mark Shannon e8bd9e7341 Python: Add new API for taint-tracking configuration. As yet, unsupported. 2019-08-29 10:27:08 +01:00
Rebecca Valentine 36f99c19bc
Merge pull request #1840 from markshannon/python-better-hasattribute-handling 
Python: Add 'hasAttribute' predicate to ObjectInternal and Value.
 2019-08-28 10:45:44 -07:00
Rebecca Valentine cac775880f
Merge pull request #1839 from markshannon/python-rationalize-library 
Python: rationalize library a bit.
 2019-08-28 10:15:36 -07:00
Rebecca Valentine 602b99e01f
Merge pull request #1834 from markshannon/python-verify-unreachable-code 
Python: Add test to verify fix.
 2019-08-28 10:15:26 -07:00
Rebecca Valentine ac78d10277
Merge pull request #1821 from markshannon/python-speedup-binary-points-to 
Python points-to: Speed up binaryPointsTo predicate.
 2019-08-28 10:14:40 -07:00
Mark Shannon 5892ce2a2b Python: Implement 'hasAttribute()' on ObjectInternal and use it to implement the same predicate on Value, ModuleObject and ClassObject. 2019-08-28 17:18:25 +01:00
Mark Shannon f64f6e6d2e Python: Move classes for lists of AST nodes into AstExtended.qll 2019-08-28 15:43:02 +01:00
Mark Shannon 97f9920a69 Python: Move NameNode class in Flow.qll with other CFG classes. 2019-08-28 14:39:27 +01:00
Mark Shannon 68da13cdc2 Python remove a couple of small AST related modules, moving contents to more appropriate modules. 2019-08-28 14:28:04 +01:00
Mark Shannon 1c8ce418d9 Python: Add test to confirm #1212 is fixed. 2019-08-28 12:01:04 +01:00
Pavel Avgustinov b3081154fa
Merge pull request #1823 from markshannon/python-dont-prune-in-ql 
Python: removing pruning in QL.
 2019-08-27 11:32:23 +01:00
Mark Shannon ca75a393b4 Python: Remove pruning in QL; rely on the extractor to do it. 2019-08-25 17:03:22 +01:00
Mark Shannon f11d0638cf Python: Remove tests for pruning in QL. 2019-08-25 17:00:08 +01:00
Mark Shannon 9b1fbac929 Python points-to: Speed up binaryPointsTo predicate. 2019-08-25 15:14:42 +01:00