hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,246 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.0
Commit Graph

1990 Commits

Author SHA1 Message Date
Asger F
0f201d2070 JS: Line number changes in redos test case 2025-03-10 14:36:49 +01:00
Asger F
75ed0d0b46 JS: Remove duplicate '$ Alert' in libxml test 2025-03-10 14:23:44 +01:00
Asger F
122f68e525 Update javascript/ql/test/query-tests/Security/CWE-400/ReDoS/polynomial-redos.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:22:22 +01:00
Asger F
8ee5b237e2 Update javascript/ql/test/query-tests/Security/CWE-730/server-crash.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:21:46 +01:00
Asger F
92dfdc8194 Update javascript/ql/test/query-tests/Security/CWE-116/IncompleteSanitization/UnsafeHtmlExpansion.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:19:33 +01:00
Asger F
21d42bcd21 Update javascript/ql/test/query-tests/Security/CWE-079/ExceptionXss/exception-xss.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:19:01 +01:00
Asger F
dad4838d3b Update javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/tst.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:18:42 +01:00
Asger F
017f458534 Update javascript/ql/test/query-tests/Security/CWE-078/UselessUseOfCat/uselesscat.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:18:22 +01:00
Asger F
24c9b2ef9b Update javascript/ql/test/query-tests/Security/CWE-078/UselessUseOfCat/uselesscat.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:18:02 +01:00
Napalys
d077d6807a Applied changes from comments 
Co-authored-by: Asgerf <asgerf@github.com>
 2025-03-10 12:24:45 +01:00
Napalys
c12c12c416 Added modeling for react-relay functions that retrieve data. 2025-03-06 18:30:21 +01:00
Napalys
5a1991bb69 Added test cases for react-relay functions that retrieve data 2025-03-06 18:10:27 +01:00
Napalys
1443f314a1 Added react-relay useFragment as threat model source. 2025-03-06 18:10:23 +01:00
Napalys
1e3b8625e6 Added a test case where useFragment from react-relay should be marked as a source but isn't 2025-03-06 18:10:21 +01:00
Asger F
2a194a53af raw test output 2025-02-28 13:29:39 +01:00
Asger F
193b26e938 JS: Add query IDs 2025-02-28 13:29:37 +01:00
Asger F
33602ee52b JS: Convert some comments to JSX 2025-02-28 13:29:36 +01:00
Asger F
c67c5854ba Disable for more queries with alerts in JSON 2025-02-28 13:29:35 +01:00
Asger F
64d39da5f8 JS: Accept Sources/Sink tags 2025-02-28 13:29:30 +01:00
Asger F
19cada38ff JS: Migrate a new file from OK-style comments 2025-02-28 13:29:29 +01:00
Asger F
fd6a9c6144 JS: Accept an alert 2025-02-28 13:29:27 +01:00
Asger F
b4ac2f7d73 JS: Add a query ID 2025-02-28 13:29:26 +01:00
Asger F
87518ba60e JS: Update tainted-sendFile.js 
This file was added on main while this branch was in progress. Porting the whole file in one step.
 2025-02-28 13:29:25 +01:00
Asger F
bb67a0e9b0 JS: Remove outdated comment 2025-02-28 13:29:23 +01:00
Asger F
0496de6c8f JS: Accept alerts in UselessCharacterEscape 2025-02-28 13:29:22 +01:00
Asger F
4d7cbe6f60 JS: Accept to web socket-based SSRF alerts 2025-02-28 13:29:07 +01:00
Asger F
764eb98809 JS: Move two alerts and add query ID 2025-02-28 13:29:06 +01:00
Asger F
976096540f JS: Accept an alert 2025-02-28 13:29:05 +01:00
Asger F
49274d5f73 JS: Accept an alert 2025-02-28 13:29:03 +01:00
Asger F
2d1aa3e00a JS: Accept missing alert and clarify reason 2025-02-28 13:29:02 +01:00
Asger F
9f8744680d JS: Remove a fixed spurious alert 2025-02-28 13:29:01 +01:00
Asger F
3a535dbf68 JS: Accept another alert 2025-02-28 13:29:00 +01:00
Asger F
db98dc6272 JS: Move some alerts and add query IDs 2025-02-28 13:28:59 +01:00
Asger F
c79d355d26 JS: Update alerts in example_bypass.js 
We happen to flag the condition with different-kinds-comparison-bypass.
The ConditionalBypass query was originally intended to flag this I think, but doesn't anymore.
 2025-02-28 13:28:57 +01:00
Asger F
7ed5398688 JS: Accept some different-kind comparison-bypass alerts 2025-02-28 13:28:55 +01:00
Asger F
a1796bda8a JS: Accept some new alerts in HardcodedCredentials 
I think these were just missing 'NOT OK' comments
 2025-02-28 13:28:54 +01:00
Asger F
2bed3a40bf JS: Mark some missing alerts in HardcodedCredentials 
Not sure why
 2025-02-28 13:28:52 +01:00
Asger F
9ef5a97b4e JS: Accept alerts in HardcodedCredentials and add Sink tags 
This query now uses the source as the primary alert location, and some old comments appeared at the sink.

To make the change easier to verify, this commit migrates the test to include Sink tags. (Source/Sink tags in general are added later)
 2025-02-28 13:28:51 +01:00
Asger F
7fa63fa6ee JS: Update alerts in HardcodedCredentials test 
Note that file is inside a folder named __tests__. The same code is found in another file outside the test folder, where it is flagged.
 2025-02-28 13:28:50 +01:00
Asger F
69b2d197e6 JS: Move an alert and add RelatedLocations 2025-02-28 13:28:48 +01:00
Asger F
360c76514c JS: Accept some suboptimal alert locations 
Not perfect alert locations, but not important enough to fix right now
 2025-02-28 13:28:47 +01:00
Asger F
dbc079c880 JS: Accept a spurious alert 
Unlike the previous case 'isLocalUrl' actually resolves to a function in this case, but we don't recognise the sanitiser used in it. Fixing it is out of scope for this PR.
 2025-02-28 13:28:46 +01:00
Asger F
29659647ea JS: Fix barrier guards for ServerSideUrlRedirect 
The barrier guards for ServerSideUrlRedirect were lost when it was ported to ConfigSig, and the aforementioned spurious alert was a result of that.

The query had two guards: a proper barrier guard and a heuristic one for functions named 'isLocalURL'. We should move away from the heuristic name-based sanitiser guards, so I'm only reinstating the proper barrier guard.

Therefore updating the test to test the real barrier guard.
 2025-02-28 13:28:43 +01:00
Asger F
38be524b6a JS: Temporarily accept a spurious alert 
This was due to a bug that will be fixed in the following commit
 2025-02-28 13:28:41 +01:00
Asger F
7c2394fab4 JS: Accept some alerts 2025-02-28 13:28:40 +01:00
Asger F
b734a3d804 JS: Fix a test case bug due to a typo 
We got a missing result on that line
 2025-02-28 13:28:39 +01:00
Asger F
1ee93cf51b JS: Manually fix two comments in JSX 2025-02-28 13:28:37 +01:00
Asger F
0f23c33d3c JS: Fix a comment 
Apparently this comment used to say 'NOT OK' but clearly 'OK' was meant
 2025-02-28 13:28:36 +01:00
Asger F
cd788bc509 JS: Mark what seems to be missing alerts for fflate 
The query doesn't seem to model or even mention fflate. Not sure if the library is safe or just not modeled.
 2025-02-28 13:28:35 +01:00
Asger F
3f7f74b925 JS: Accept alerts for DecompressionBomb 2025-02-28 13:28:33 +01:00