diff --git a/change-notes/1.19/analysis-javascript.md b/change-notes/1.19/analysis-javascript.md index 3321382ce50..bc476a98cf8 100644 --- a/change-notes/1.19/analysis-javascript.md +++ b/change-notes/1.19/analysis-javascript.md @@ -16,7 +16,7 @@ | **Query** | **Tags** | **Purpose** | |-----------------------------------------------|------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | Enabling Node.js integration for Electron web content renderers (`js/enabling-electron-renderer-node-integration`) | security, frameworks/electron, external/cwe/cwe-094 | Highlights Electron web content renderer preferences with Node.js integration enabled, indicating a violation of [CWE-94](https://cwe.mitre.org/data/definitions/94.html). Results are not shown on LGTM by default. | -| File data in outbound remote request | security, external/cwe/cwe-200 | Highligts locations where file data is sent in a remote request. Results are not shown on LGTM by default. | +| File data in outbound remote request | security, external/cwe/cwe-200 | Highlights locations where file data is sent in a remote request. Results are not shown on LGTM by default. | | Host header poisoning in email generation | security, external/cwe/cwe-640 | Highlights code that generates emails with links that can be hijacked by HTTP host header poisoning, indicating a violation of [CWE-640](https://cwe.mitre.org/data/definitions/640.html). Results shown on LGTM by default. | | Replacement of a substring with itself (`js/identity-replacement`) | correctness, security, external/cwe/cwe-116 | Highlights string replacements that replace a string with itself, which usually indicates a mistake. Results shown on LGTM by default. | | Stored cross-site scripting (`js/stored-xss`) | security, external/cwe/cwe-079, external/cwe/cwe-116 | Highlights uncontrolled stored values flowing into HTML content, indicating a violation of [CWE-079](https://cwe.mitre.org/data/definitions/79.html). Results shown on LGTM by default. | diff --git a/javascript/ql/src/Security/CWE-912/HttpToFileAccess.ql b/javascript/ql/src/Security/CWE-912/HttpToFileAccess.ql index 0b4344fe2e4..fa2aaf95e80 100644 --- a/javascript/ql/src/Security/CWE-912/HttpToFileAccess.ql +++ b/javascript/ql/src/Security/CWE-912/HttpToFileAccess.ql @@ -1,5 +1,5 @@ /** - * @name User-controlled data in file + * @name User-controlled data written to file * @description Writing user-controlled data directly to the file system allows arbitrary file upload and might indicate a backdoor. * @kind problem * @problem.severity warning diff --git a/javascript/ql/src/semmle/javascript/frameworks/ClientRequests.qll b/javascript/ql/src/semmle/javascript/frameworks/ClientRequests.qll index 470b533790b..41004c6123b 100644 --- a/javascript/ql/src/semmle/javascript/frameworks/ClientRequests.qll +++ b/javascript/ql/src/semmle/javascript/frameworks/ClientRequests.qll @@ -10,7 +10,7 @@ import javascript /** * A call that performs a request to a URL. * - * Example: An HTTP POST request is client request that sends some + * Example: An HTTP POST request is a client request that sends some * `data` to a `url`, where both the headers and the body of the request * contribute to the `data`. */ diff --git a/javascript/ql/src/semmle/javascript/frameworks/NodeJSLib.qll b/javascript/ql/src/semmle/javascript/frameworks/NodeJSLib.qll index 5f9ade38d2b..dd77a3b32c4 100644 --- a/javascript/ql/src/semmle/javascript/frameworks/NodeJSLib.qll +++ b/javascript/ql/src/semmle/javascript/frameworks/NodeJSLib.qll @@ -480,7 +480,7 @@ module NodeJSLib { } /** - * A read from the file system. + * A write to the file system, using a stream. */ private class FileStreamWrite extends FileSystemWriteAccess, DataFlow::CallNode { diff --git a/javascript/ql/src/semmle/javascript/security/dataflow/HttpToFileAccess.qll b/javascript/ql/src/semmle/javascript/security/dataflow/HttpToFileAccess.qll index 10f3508d6d0..8b47e4ed192 100644 --- a/javascript/ql/src/semmle/javascript/security/dataflow/HttpToFileAccess.qll +++ b/javascript/ql/src/semmle/javascript/security/dataflow/HttpToFileAccess.qll @@ -1,5 +1,5 @@ /** - * Provides a taint tracking configuration for reasoning about user-controlled data in files. + * Provides a taint tracking configuration for reasoning about writing user-controlled data to files. */ import javascript import semmle.javascript.security.dataflow.RemoteFlowSources @@ -7,22 +7,22 @@ import semmle.javascript.security.dataflow.RemoteFlowSources module HttpToFileAccess { /** - * A data flow source for user-controlled data in files. + * A data flow source for writing user-controlled data to files. */ abstract class Source extends DataFlow::Node { } /** - * A data flow sink for user-controlled data in files. + * A data flow sink for writing user-controlled data to files. */ abstract class Sink extends DataFlow::Node { } /** - * A sanitizer for user-controlled data in files. + * A sanitizer for writing user-controlled data to files. */ abstract class Sanitizer extends DataFlow::Node { } /** - * A taint tracking configuration for user-controlled data in files. + * A taint tracking configuration for writing user-controlled data to files. */ class Configuration extends TaintTracking::Configuration { Configuration() { @@ -43,7 +43,7 @@ module HttpToFileAccess { } } - /** A source of remote user input, considered as a flow source for user-controlled data in files. */ + /** A source of remote user input, considered as a flow source for writing user-controlled data to files. */ class RemoteFlowSourceAsSource extends Source { RemoteFlowSourceAsSource() { this instanceof RemoteFlowSource } }