hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
76,593 Commits 1,671 Branches 157 Tags
codeql-cli-2.20.6
Commit Graph

2325 Commits

Author SHA1 Message Date
Asger F
856b50735d JS: Expand test case 2023-03-07 13:04:26 +01:00
Asger F
d4b4d22378 JS: Step through HTML sanitizers in SQL injection query 2023-03-06 15:10:26 +01:00
erik-krogh
a6c9af4182 add the html argument to the jQuery functions as an XSS sink 2023-03-03 11:09:53 +01:00
erik-krogh
94870b838f add failing test 2023-03-03 11:08:33 +01:00
Erik Krogh Kristensen
50aa5e072a Merge pull request #12177 from erik-krogh/alias-html 
JS: More precise type-test sanitizer guards in unsafe-html-construction
 2023-02-27 18:16:11 +01:00
Erik Krogh Kristensen
927c322b7b Merge pull request #11769 from erik-krogh/moreSan 
JS: Sanitizer for `sanitizer(x) === true`
 2023-02-27 15:48:34 +01:00
erik-krogh
0e60fc5512 Merge branch 'main' into alias-html 2023-02-27 09:16:25 +01:00
Erik Krogh Kristensen
f8f926ad50 Merge pull request #12175 from erik-krogh/reg-input 
JS: add process.env and process.argv etc. as source for `js/regex-injection`
 2023-02-27 09:12:02 +01:00
erik-krogh
51ddb55d7b use tainted-object to precisely model that plain object are fine, but their properties are not 2023-02-15 15:02:03 +01:00
erik-krogh
b7305fd229 also consider relative exports when finding library inputs 2023-02-14 21:08:13 +01:00
erik-krogh
393649b7ce don't call environment variables for command-line arguments 2023-02-14 14:27:41 +01:00
erik-krogh
36478124ae add process.env and process.argv etc. as source for js/regex-injection 2023-02-14 14:21:53 +01:00
erik-krogh
943bdeca6d make appliesTo recursive 2023-02-14 14:16:45 +01:00
erik-krogh
9549cac3e5 add an additional barrier guard that finds "=== true" versions of previous barrier guards 2023-02-14 14:15:23 +01:00
erik-krogh
c355a26657 add failing test 2023-02-14 14:12:35 +01:00
Erik Krogh Kristensen
2f8c9a5a2c Merge pull request #12171 from erik-krogh/reg-dot 
JS: dont recognize regexps that match dot as sanitizers
 2023-02-14 14:10:44 +01:00
Erik Krogh Kristensen
e3e2df3247 Merge pull request #12166 from erik-krogh/more-html-san 
JS: add `HtmlSanitizer` as a sanitizer DOMBasedXss
 2023-02-14 14:09:56 +01:00
Erik Krogh Kristensen
028fcc7edf Merge pull request #11959 from erik-krogh/ssrfSan 
JS: add encodeURIComponent as a sanitizer for request-forgery
 2023-02-14 13:39:53 +01:00
Erik Krogh Kristensen
a498936f16 Merge pull request #12170 from erik-krogh/more-lib 
JS: More library inputs
 2023-02-14 13:38:00 +01:00
erik-krogh
c17d057520 default to index.js when no main: is specified in package.json, and recognize more classes as library inputs 2023-02-13 21:24:41 +01:00
erik-krogh
68656274f4 dont recognize regexps that match dot as sanitizers 2023-02-13 17:36:51 +01:00
erik-krogh
6192544fb4 add test for express-ws as a source 2023-02-13 15:26:50 +01:00
erik-krogh
b85bfc8ba6 add HtmlSanitizer as a sanitizer for DOMBasedXss 2023-02-13 11:57:29 +01:00
erik-krogh
c258e44772 add failing test for spurious edge through sanitizer 2023-02-13 11:49:57 +01:00
erik-krogh
02da718786 add code-injection sink for node-pty 2023-01-30 15:14:25 +01:00
Erik Krogh Kristensen
99bad77972 Merge pull request #11906 from erik-krogh/moreStem 
JS: expand what is parsed as the stem of a pathexpr
 2023-01-25 08:44:44 +01:00
Erik Krogh Kristensen
fc66c905ff Merge pull request #11859 from erik-krogh/moreShell 
JS: slightly broaden the regular expression that recognizes bad string-concats used as shell commands
 2023-01-23 22:26:17 +01:00
Erik Krogh Kristensen
a10b45e0db Merge pull request #11927 from mvogelgesang/express-rate-limit 
JS: Updated express-rate-limit example to match implementation examples f…
 2023-01-23 14:37:50 +01:00
erik-krogh
3cece50f78 add encodeURIComponent as a sanitizer for request-forgery 2023-01-23 13:53:53 +01:00
erik-krogh
be8ef1b324 add failing test 2023-01-23 13:52:36 +01:00
Erik Krogh Kristensen
1ee9957838 Merge pull request #9807 from erik-krogh/endFilter 
JS: recognize "-->" as a bad tag filter
 2023-01-23 10:06:50 +01:00
Mark Vogelgesang
c9119848d9 Updated express-rate-limit example to match implementation examples found on packages README 2023-01-18 14:42:40 -05:00
erik-krogh
4b74dec18f expand what is parsed as the stem of a pathexpr 2023-01-17 21:28:21 +01:00
Erik Krogh Kristensen
8ccc384043 Merge pull request #11858 from erik-krogh/moreSpawn 
JS: track shell:true more in js/shell-command-constructed-from-input
 2023-01-16 13:24:50 +01:00
erik-krogh
38ca68febb recognize "-->" as a bad tag filter 2023-01-10 18:09:56 +01:00
Erik Krogh Kristensen
54c780bdf9 Merge pull request #11853 from erik-krogh/assignMore 
JS: add local flow when recognizing Object.assign calls for library-inputs
 2023-01-10 17:04:29 +01:00
Tony Torralba
72a11e737d Merge pull request #11775 from atorralba/atorralba/all/omittable-exists 
All: Remove omittable exists variables
 2023-01-10 16:07:06 +01:00
erik-krogh
23a847b1cf track shell:true more in js/shell-command-constructed-from-input 2023-01-10 15:27:37 +01:00
erik-krogh
5c388c554c fix that the TypeTracker was unrestricted for the base-case of nonFirstLocationType 2023-01-10 13:39:50 +01:00
erik-krogh
e02b67af63 add failing test 2023-01-10 13:39:50 +01:00
erik-krogh
79e161e046 slightly broaden the regular expression that recognizes bad string-concats used as shell commands 2023-01-10 12:49:37 +01:00
erik-krogh
9f100ef2c6 add local flow when recognizing Object.assign calls for library-inputs 2023-01-09 17:44:11 +01:00
erik-krogh
90f9e3f825 recognize an infinite repetition of a char-class like regex as a char-class like regex 2023-01-09 17:25:08 +01:00
Calum Grant
ad55706527 Merge branch 'main' into calumgrant/remove-lgtm 2023-01-03 10:27:30 +00:00
Arthur Baars
98c5b81456 Merge pull request #11723 from aibaars/alert-suppression 
CodeQL alert suppression
 2022-12-21 10:59:57 +01:00
Jacques
b99c500435 Fix associated test 2022-12-20 12:51:13 +09:00
Arthur Baars
0f313231bc AlertSuppression: add more tests 2022-12-19 16:43:11 +01:00
Calum Grant
4a37c01c5f JavaScript: Remove references to LGTM 2022-12-19 15:15:17 +00:00
Arthur Baars
c176606be5 AlertSuppression: allow //lgtm comments to scope over the next line 2022-12-19 16:10:26 +01:00
Erik Krogh Kristensen
6b9cab23d4 Merge pull request #11248 from erik-krogh/js-redosMod 
JS: use the shared regex pack
 2022-12-05 14:48:37 +01:00