hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 19:26:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

JavaScript: Reclassify PostMessageStar as CWE-201.

Browse Source
This commit is contained in:
Max Schaefer
2019-01-31 08:08:52 +00:00
parent 769e407c24
commit aeb8cc62b2
12 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
javascript/config/suites/javascript/security
View File

@@ -14,6 +14,7 @@
+ semmlecode-javascript-queries/Security/CWE-116/IncompleteSanitization.ql: /Security/CWE/CWE-116
+ semmlecode-javascript-queries/Security/CWE-116/DoubleEscaping.ql: /Security/CWE/CWE-116
+ semmlecode-javascript-queries/Security/CWE-134/TaintedFormatString.ql: /Security/CWE/CWE-134
+ semmlecode-javascript-queries/Security/CWE-201/PostMessageStar.ql: /Security/CWE/CWE-201
+ semmlecode-javascript-queries/Security/CWE-209/StackTraceExposure.ql: /Security/CWE/CWE-209
+ semmlecode-javascript-queries/Security/CWE-312/CleartextStorage.ql: /Security/CWE/CWE-312
+ semmlecode-javascript-queries/Security/CWE-312/CleartextLogging.ql: /Security/CWE/CWE-312
@@ -22,7 +23,6 @@
+ semmlecode-javascript-queries/Security/CWE-338/InsecureRandomness.ql: /Security/CWE/CWE-338
+ semmlecode-javascript-queries/Security/CWE-346/CorsMisconfigurationForCredentials.ql: /Security/CWE/CWE-346
+ semmlecode-javascript-queries/Security/CWE-352/MissingCsrfMiddleware.ql: /Security/CWE/CWE-352
+ semmlecode-javascript-queries/Security/CWE-359/PostMessageStar.ql: /Security/CWE/CWE-359
+ semmlecode-javascript-queries/Security/CWE-400/RemotePropertyInjection.ql: /Security/CWE/CWE-400
+ semmlecode-javascript-queries/Security/CWE-502/UnsafeDeserialization.ql: /Security/CWE/CWE-502
+ semmlecode-javascript-queries/Security/CWE-506/HardcodedDataInterpretedAsCode.ql: /Security/CWE/CWE-506

0
javascript/ql/src/Security/CWE-359/PostMessageStar.qhelp → javascript/ql/src/Security/CWE-201/PostMessageStar.qhelp
View File

1
javascript/ql/src/Security/CWE-359/PostMessageStar.ql → javascript/ql/src/Security/CWE-201/PostMessageStar.ql
View File

@@ -8,6 +8,7 @@
* @precision high
* @id js/cross-window-information-leak
* @tags security
* external/cwe/cwe-201
* external/cwe/cwe-359
*/

0
javascript/ql/src/Security/CWE-359/examples/PostMessageStar.js → javascript/ql/src/Security/CWE-201/examples/PostMessageStar.js
View File

0
javascript/ql/src/Security/CWE-359/examples/PostMessageStarGood.js → javascript/ql/src/Security/CWE-201/examples/PostMessageStarGood.js
View File

0
javascript/ql/test/query-tests/Security/CWE-359/PostMessageStar.expected → javascript/ql/test/query-tests/Security/CWE-201/PostMessageStar.expected
View File

0
javascript/ql/test/query-tests/Security/CWE-359/PostMessageStar.js → javascript/ql/test/query-tests/Security/CWE-201/PostMessageStar.js
View File

1
javascript/ql/test/query-tests/Security/CWE-201/PostMessageStar.qlref Normal file
View File

@@ -0,0 +1 @@
Security/CWE-201/PostMessageStar.ql

0
javascript/ql/test/query-tests/Security/CWE-359/PostMessageStar2.js → javascript/ql/test/query-tests/Security/CWE-201/PostMessageStar2.js
View File

0
javascript/ql/test/query-tests/Security/CWE-359/PostMessageStarGood.js → javascript/ql/test/query-tests/Security/CWE-201/PostMessageStarGood.js
View File

1
javascript/ql/test/query-tests/Security/CWE-359/PostMessageStar.qlref
View File

@@ -1 +0,0 @@
Security/CWE-359/PostMessageStar.ql