29 Commits

Author SHA1 Message Date
Michael Hohn
d1b8c6842d Add kludge to setValueTaintStep to get the sanitizer to work
To be refined...
2023-12-08 17:23:17 -08:00
Michael Hohn
aaa2d94df8 wip: illustrate puzzling FP 2023-12-06 17:18:36 -08:00
Michael Hohn
050c3e6243 wip: illustrate puzzling FP 2023-12-06 16:59:09 -08:00
Michael Hohn
f9714d587e Add .gitignore 2023-12-06 16:56:41 -08:00
Michael Hohn
301d1ca2f5 wip: another nested if() test case 2023-12-05 19:46:57 -08:00
Michael Hohn
405b3a0661 Add nested if() test. Update source locations. 2023-12-05 18:55:06 -08:00
Michael Hohn
d02e26d6d2 Add make-db script 2023-12-01 14:28:03 -08:00
Michael Hohn
9565629463 Number tests and update test queries and expected values 2023-12-01 13:42:37 -08:00
Michael Hohn
d4c477a0ed Add GuardedSafeToWrite test 2023-11-30 14:00:27 -08:00
Michael Hohn
01524f7432 Add guard to taint tracking configuration 2023-11-30 13:57:39 -08:00
Michael Hohn
788d772556 Add PreGuardRecursivePredicate test 2023-11-29 20:21:32 -08:00
Michael Hohn
813a53a054 Introduce recursive predicate in preparation for sanitizer; add guard condition
guard condition: if (ua.safeToWrite())...
2023-11-29 20:16:15 -08:00
Michael Hohn
1bc71c068f Include second type-tracker based dataflow check 2023-11-29 15:21:59 -08:00
Michael Hohn
bf9197cb57 Add def-use code sample and query 2023-11-28 17:04:57 -08:00
Michael Hohn
60ee4295b2 minor cleanup 2023-11-28 16:47:52 -08:00
Michael Hohn
8cdb8ef0dd Add new example to illustrate taint propagation with def-use dataflow 2023-11-28 16:39:13 -08:00
Michael Hohn
c1962230c2 Switch to type tracking for dataflow from 'new db()' to 'db.exec()' 2023-11-27 15:04:34 -08:00
Michael Hohn
5496a1c5ae Add dual/restricted-flow-configuration sql injection taint tracking query 2023-11-26 19:44:50 -08:00
Michael Hohn
fc09596b45 Add single-flow sql injection taint tracking query 2023-11-26 19:18:56 -08:00
Michael Hohn
18b8c9e98c Add flow config from 'new db()' to 'db.exec()' 2023-11-26 14:06:44 -08:00
Michael Hohn
247b71294a Fix snapshot query script 2023-11-26 13:25:03 -08:00
Michael Hohn
529f61a1cc Add ultimate sink predicate 2023-11-26 13:23:32 -08:00
Michael Hohn
5b294a18c8 Add session snapshot scripts 2023-11-26 13:13:41 -08:00
Michael Hohn
8ac0490289 wip: debug codeql test. Fixed by upgrading CLI. 2023-11-23 12:11:10 -08:00
Michael Hohn
563d0e7334 WIP: test structure and ultimate source query 2023-11-22 21:39:02 -08:00
Michael Hohn
c175614623 10. use the following to build a CodeQL database. 2023-11-22 20:22:15 -08:00
Michael Hohn
c860686fd0 split database connection / use over two functions 2023-11-22 20:03:06 -08:00
Michael Hohn
0cd96f065a Under construction warning 2023-11-22 16:45:03 -08:00
Michael Hohn
6bb29c4969 Minimal JavaScript/SQLite3 sample 2023-11-22 16:43:21 -08:00