mirror of
https://github.com/github/codeql.git
synced 2026-07-03 02:25:29 +02:00
Merge branch 'main' into mad-write-through-model
This commit is contained in:
@@ -1,3 +1,14 @@
|
||||
## 2.8.0
|
||||
|
||||
### New Features
|
||||
|
||||
* Added `UseMemoDirective` and `UseNoMemoDirective` classes to model the React compiler directives `"use memo"` and `"use no memo"`.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Added more prompt-injection sinks for the OpenAI, Anthropic, and Google GenAI SDKs: OpenAI `videos.create`/`edit`/`extend`/`remix` (Sora) prompts and `beta.realtime.sessions.create` instructions, Anthropic legacy `completions.create` prompts, and Google GenAI `caches.create` cached contents and system instructions.
|
||||
* The OpenAI legacy `completions.create` prompt is now treated as a user-prompt-injection sink instead of a system-prompt-injection sink, since the legacy `/v1/completions` endpoint takes a single free-form prompt with no role separation.
|
||||
|
||||
## 2.7.2
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: feature
|
||||
---
|
||||
* Added `UseMemoDirective` and `UseNoMemoDirective` classes to model the React compiler directives `"use memo"` and `"use no memo"`.
|
||||
@@ -0,0 +1,4 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added support for Angular's `@HostListener('window:message', ...)` and `@HostListener('document:message', ...)` decorators as `postMessage` event handlers. The decorated method's event parameter is now recognized as a client-side remote flow source, and is considered by the `js/missing-origin-check` query.
|
||||
@@ -1,5 +1,10 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
## 2.8.0
|
||||
|
||||
### New Features
|
||||
|
||||
* Added `UseMemoDirective` and `UseNoMemoDirective` classes to model the React compiler directives `"use memo"` and `"use no memo"`.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Added more prompt-injection sinks for the OpenAI, Anthropic, and Google GenAI SDKs: OpenAI `videos.create`/`edit`/`extend`/`remix` (Sora) prompts and `beta.realtime.sessions.create` instructions, Anthropic legacy `completions.create` prompts, and Google GenAI `caches.create` cached contents and system instructions.
|
||||
* The OpenAI legacy `completions.create` prompt is now treated as a user-prompt-injection sink instead of a system-prompt-injection sink, since the legacy `/v1/completions` endpoint takes a single free-form prompt with no role separation.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 2.7.2
|
||||
lastReleaseVersion: 2.8.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/javascript-all
|
||||
version: 2.7.3-dev
|
||||
version: 2.8.1-dev
|
||||
groups: javascript
|
||||
dbscheme: semmlecode.javascript.dbscheme
|
||||
extractor: javascript
|
||||
|
||||
@@ -195,6 +195,18 @@ class PostMessageEventHandler extends Function {
|
||||
rhs = DataFlow::globalObjectRef().getAPropertyWrite("onmessage").getRhs() and
|
||||
rhs.getABoundFunctionValue(paramIndex).getFunction() = this
|
||||
)
|
||||
or
|
||||
// Angular's `@HostListener('window:message', ['$event'])` decorator registers
|
||||
// a method as a `message` event handler on the global `window` or `document`
|
||||
// target. The decorated method receives the `MessageEvent` as its first
|
||||
// parameter, so it is equivalent to `window.addEventListener('message', ...)`.
|
||||
exists(MethodDefinition method, DataFlow::CallNode decorator |
|
||||
decorator = DataFlow::moduleMember("@angular/core", "HostListener").getACall() and
|
||||
decorator = method.getADecorator().getExpression().flow() and
|
||||
decorator.getArgument(0).mayHaveStringValue(["window:message", "document:message"]) and
|
||||
method.getBody() = this and
|
||||
paramIndex = 0
|
||||
)
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -1,3 +1,10 @@
|
||||
## 2.4.0
|
||||
|
||||
### New Queries
|
||||
|
||||
* Added a new query, `js/system-prompt-injection`, to detect cases where untrusted, user-provided values flow into the system prompt of an AI model, allowing an attacker to manipulate the model's behavior.
|
||||
* Added a new experimental query, `javascript/ssrf-ipv6-transition-incomplete-guard`, to detect SSRF host-validation guards that reject private IPv4 ranges but fail to unwrap IPv6-transition forms (IPv4-mapped `::ffff:`, NAT64 `64:ff9b::`, 6to4 `2002::`), allowing the guard to be bypassed by wrapping an internal IPv4 address in a transition literal.
|
||||
|
||||
## 2.3.11
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,5 +0,0 @@
|
||||
---
|
||||
category: newQuery
|
||||
---
|
||||
|
||||
* Added a new query, `js/system-prompt-injection`, to detect cases where untrusted, user-provided values flow into the system prompt of an AI model, allowing an attacker to manipulate the model's behavior.
|
||||
@@ -1,4 +1,6 @@
|
||||
---
|
||||
category: newQuery
|
||||
---
|
||||
## 2.4.0
|
||||
|
||||
### New Queries
|
||||
|
||||
* Added a new query, `js/system-prompt-injection`, to detect cases where untrusted, user-provided values flow into the system prompt of an AI model, allowing an attacker to manipulate the model's behavior.
|
||||
* Added a new experimental query, `javascript/ssrf-ipv6-transition-incomplete-guard`, to detect SSRF host-validation guards that reject private IPv4 ranges but fail to unwrap IPv6-transition forms (IPv4-mapped `::ffff:`, NAT64 `64:ff9b::`, 6to4 `2002::`), allowing the guard to be bypassed by wrapping an internal IPv4 address in a transition literal.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 2.3.11
|
||||
lastReleaseVersion: 2.4.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/javascript-queries
|
||||
version: 2.3.12-dev
|
||||
version: 2.4.1-dev
|
||||
groups:
|
||||
- javascript
|
||||
- queries
|
||||
|
||||
@@ -0,0 +1,29 @@
|
||||
import { Component, HostListener } from '@angular/core';
|
||||
|
||||
@Component({ selector: 'app-root' })
|
||||
class AngularComponent {
|
||||
// Angular registers this as a `window` message handler via the decorator,
|
||||
// equivalent to `window.addEventListener('message', ...)`.
|
||||
@HostListener('window:message', ['$event'])
|
||||
onWindowMessage(event: MessageEvent): void { // $ Alert - no origin check
|
||||
eval(event.data);
|
||||
}
|
||||
|
||||
@HostListener('document:message', ['$event'])
|
||||
onDocumentMessage(event: MessageEvent): void { // $ Alert - no origin check
|
||||
eval(event.data);
|
||||
}
|
||||
|
||||
@HostListener('window:message', ['$event'])
|
||||
onCheckedMessage(event: MessageEvent): void { // OK - has an origin check
|
||||
if (event.origin === 'https://www.example.com') {
|
||||
eval(event.data);
|
||||
}
|
||||
}
|
||||
|
||||
// Not a message event, so it is not a postMessage handler.
|
||||
@HostListener('window:resize', ['$event'])
|
||||
onResize(event: MessageEvent): void { // OK - not a message handler
|
||||
eval(event.data);
|
||||
}
|
||||
}
|
||||
@@ -1,3 +1,5 @@
|
||||
| Angular.ts:8:19:8:23 | event | Postmessage handler has no origin check. |
|
||||
| Angular.ts:13:21:13:25 | event | Postmessage handler has no origin check. |
|
||||
| tst.js:11:20:11:24 | event | Postmessage handler has no origin check. |
|
||||
| tst.js:24:27:24:27 | e | Postmessage handler has no origin check. |
|
||||
| tst.js:40:27:40:27 | e | Postmessage handler has no origin check. |
|
||||
|
||||
Reference in New Issue
Block a user