hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #18790 from asgerf/js/no-implicit-array-taint

Browse Source 
JS: Do not taint whole array when storing into ArrayElement
This commit is contained in:
Asger F
2025-02-19 13:23:31 +01:00
committed by GitHub
parent e1c280500e 804a1a6cb0
commit 58c8b5fa2b
18 changed files with 254 additions and 83 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
javascript/ql/src/change-notes/2025-02-18-no-implicit-array-taint.md Normal file
View File

@@ -0,0 +1,5 @@
---
category: majorAnalysis
---
* Improved precision of data flow through arrays, fixing some spurious flows
that would sometimes cause the `length` property of an array to be seen as tainted.