
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security

Results 758 codeql issues

This is a replacement of https://github.com/github/codeql/pull/12782, porting `py/weak-sensitive-data-hashing` to Ruby. As with the previous PR, the python version is a little more sophisticated in terms of its source modeling. Compared...

documentation
Ruby

Most Go frameworks provide a function call wherein you can pass a handler for testing origins and performing CORS checks. These functions typically check for the supplied origin in a...

Go

This small change should simplify the SimpleRangeAnalysis library down the line by ignoring floats, but it also reduces the precision of some queries. Some coding standard tests are also expected...

C++

This PR uses BigInt as the Delta type everywhere in the shared range analysis library. Shared commit: - **shared/rangeanalysis: use BigInt as the Delta type everywhere** C++ commits: - **cpp/ql/lib:...

C#
C++
Java

This query detects the case where an `auth-constraint` is present for a particular HTTP verb but does not include some other verb. The most common example for this case is...

Java

Pycurl is a library which provides curl bindings in Python. The original library is partially modelled in CodeQL. This PR adds support to test for SSL certificate validation when using...

documentation
Python
external-contribution

This PR adds a query to detect a Cross Origin Resource Sharing (CORS) policy bypass due to an incorrect check. This PR attempts to detect the vulnerability pattern found in CVE-2022-3457...

Python
external-contribution

Disabling SSL certificate verification can expose the communication to MITM attacks. This PR adds a query to detect the same. This also includes the tests and qhelp for the same.

C++
documentation

Part of https://github.com/github/codeql-python-team/issues/792 promoting https://github.com/github/codeql/pull/6360; as well as a follow-up to https://github.com/github/codeql/pull/16105 This PR defines new instances of the `CookieWrite` concept in terms of the `HeaderWrite` concept; as is done...

documentation
Python

Methods with multiple implementations such as ```csharp // File1.cs class MultiImpl { public int M(int x) => x; } // File2.cs class MultiImpl { public int M(int x) => x;...

C#
no-change-note-required