hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,644 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.1
Commit Graph

11808 Commits

Author SHA1 Message Date
Asger F
2ccfd73be5 JS: Add Includes::Range 2019-02-15 16:42:41 +00:00
Asger F
56e081f7c9 JS: Add StartsWith::Range 2019-02-15 16:38:18 +00:00
Asger F
1aba111a00 JS: Use ::Range pattern for abstract classes 2019-02-15 14:28:07 +00:00
Asger F
c8823fa7cf JS: change charpred of ClosureModule to be AST-based 2019-02-15 14:28:06 +00:00
Asger F
d1607f7c47 JS: remove SourceNode supertype from ClosureNamespaceAccess 2019-02-15 14:28:06 +00:00
Asger F
8801431352 JS: elaborate qldoc for isTopLevelExpr 2019-02-15 14:28:06 +00:00
Asger F
fa34f8f414 JS: replace dataflow -> data flow 2019-02-15 14:28:06 +00:00
Asger F
701e662bc4 JS: rename more predicates for consistency 2019-02-15 14:28:06 +00:00
Asger F
23bd9e62f0 JS: Add ClosureNamespaceAccess 2019-02-15 14:28:06 +00:00
Asger F
939eab2c82 JS: refactor expressions to dataflow nodes 2019-02-15 14:28:06 +00:00
Asger F
8d78731ff0 JS: rename getNamespaceId to getClosureNamespace 2019-02-15 14:28:06 +00:00
Asger F
8c96f5f037 JS: tweak global flow for closure modules 2019-02-15 12:05:35 +00:00
semmle-qlci
26525fc1b5 Merge pull request #929 from asger-semmle/typescript-no-expansion 
Approved by xiemaisi
 2019-02-13 18:20:41 +00:00
semmle-qlci
92a6e7e04c Merge pull request #932 from asger-semmle/cookbook-prepare 
Approved by xiemaisi
 2019-02-13 18:20:09 +00:00
Asger F
dfe3f254de JS: generalize to include default imports 2019-02-13 18:03:57 +00:00
Asger F
d793427630 JS: treat +/- equally in suffix check query 2019-02-13 15:55:19 +00:00
Max Schaefer
5b2df068d3 Merge pull request #921 from asger-semmle/class-node-absval 
JS: use type inference to back up function-style classes
 2019-02-13 10:12:20 +00:00
semmle-qlci
c422ade739 Merge pull request #927 from xiemaisi/js/ambiguous-id-attr-templates 
Approved by esben-semmle
 2019-02-13 08:35:41 +00:00
Asger F
d532815efe JS: remove unused predicate 2019-02-12 17:34:21 +00:00
Asger F
be10f24de7 JS: make moduleImport() work for named imports 2019-02-12 17:22:06 +00:00
Max Schaefer
2fce626c3a JavaScript: Add Range.prototype.createContextualFragment as an XSS sink. 2019-02-12 16:32:30 +00:00
Max Schaefer
41eb1ff9d0 JavaScript: Drop precision of AmbiguousIdAttribute to 'high'. 2019-02-12 16:31:29 +00:00
Max Schaefer
25f95d9fb1 JavaScript: Be more conservative about templates in AmbiguousIdAttribute. 
Previously, we only excluded attributes where the value of the attribute itself suggests templating happening. Now we exclude all attributes in documents where _any_ attribute value suggests templating.
 2019-02-12 16:31:01 +00:00
Anders Schack-Mulligen
15a6044445 Javascript: Autoformat qlls 2019-02-12 14:41:31 +01:00
Asger F
3290c174c3 JS: Add DataFlow::Node.getAFunctionValue 2019-02-12 13:38:46 +00:00
Asger F
2fd1ee60a2 JS: add DataFlow::Node.getIntValue() 2019-02-12 13:38:46 +00:00
Asger F
0fd9d157f8 JS: add DataFlow::Node.getStringValue() 2019-02-12 13:38:45 +00:00
Anders Schack-Mulligen
1182fca665 Javascript: Autoformat qls 2019-02-12 14:38:42 +01:00
semmle-qlci
c133362660 Merge pull request #910 from xiemaisi/js/regexp-taint 
Approved by esben-semmle
 2019-02-12 13:15:16 +00:00
Asger F
0444fa307d TS: update test expectations 2019-02-12 12:33:09 +00:00
Asger F
7a813cfb84 TS: disable type expansion by default 2019-02-12 12:21:11 +00:00
semmle-qlci
ac3f413b87 Merge pull request #920 from xiemaisi/js/field-as-prop-write 
Approved by asger-semmle
 2019-02-12 10:48:13 +00:00
semmle-qlci
10b00254ec Merge pull request #915 from asger-semmle/closure-uri-methods 
Approved by xiemaisi
 2019-02-11 10:51:07 +00:00
Max Schaefer
10ef945b51 JavaScript: Restrict InstanceFieldAsPropWrite to fields with initializers. 2019-02-11 08:17:53 +00:00
semmle-qlci
986afa1b1b Merge pull request #909 from xiemaisi/js/improve-incomplete-sanitization-alerts 
Approved by esben-semmle
 2019-02-08 17:39:36 +00:00
semmle-qlci
232d81a4ed Merge pull request #908 from xiemaisi/js/enable-ms-queries 
Approved by esben-semmle
 2019-02-08 17:38:27 +00:00
Asger F
74a9c4b500 JS: use type inference to back up function-style classes 2019-02-08 16:42:24 +00:00
Asger F
f6e0ccfcf0 JS: model URI and XHR methods from closure library 2019-02-08 15:18:27 +00:00
Asger F
fd2e9f1fcb JS: shift line numbers in RequestForgery test 2019-02-08 15:13:33 +00:00
semmle-qlci
937049e060 Merge pull request #891 from xiemaisi/js/simplify-sensitive-actions 
Approved by esben-semmle
 2019-02-08 14:12:47 +00:00
semmle-qlci
7e298cfbbe Merge pull request #900 from esben-semmle/js/defuse-default 
Approved by xiemaisi
 2019-02-08 11:28:32 +00:00
semmle-qlci
a48594ad8e Merge pull request #906 from asger-semmle/q-library 
Approved by xiemaisi
 2019-02-08 11:12:50 +00:00
Asger F
bfe88e9784 JS: make Closure::moduleImport handle member access. 2019-02-08 10:51:07 +00:00
Max Schaefer
b314c546e1 JavaScript: Track taint through RegExp.prototype.replace. 2019-02-08 09:57:07 +00:00
Max Schaefer
25d06ad0cf JavaScript: Treat regexp replacements of HTML metacharacters as sanitizers for XSS queries. 2019-02-08 09:57:06 +00:00
Max Schaefer
18c23ecfd4 JavaScript: Introduce shared library for modelling XSS-relevant concepts. 
As its first application, this library makes it possible for `StoredXss` to reuse the `Source` classes of `DomBasedXss` and `ReflectedXss` without having to pull in their libraries (which contain their `Configuration` classes, causing `StoredXss` to recompute all flow information for the other two queries).
 2019-02-08 09:53:51 +00:00
Max Schaefer
3e26bc6446 JavaScript: Improve alert location and message for IncompleteSanitization. 
We now highlight the `replace` call (instead of the regular expression), and the alert message for the case of missing backslash escapes clarifies that it is talking about failure to escape backslashes in the input, not in the replacement text.
 2019-02-08 09:13:40 +00:00
Max Schaefer
aebc5bc6c3 JavaScript: Update qhelp example for CleartextStorage. 2019-02-08 08:43:22 +00:00
Max Schaefer
0be81dacdc JavaScript: Add classification of sensitive expressions. 
We now classify sensitive expressions into four categories (secret, id, password, certificate). This allows queries more fine-grained control over what kinds of sensitive data they want to deal with: for clear-text storage, for instance, user ids aren't so much of a problem.
 2019-02-08 08:43:22 +00:00
Max Schaefer
6389f32847 JavaScript: Update expected output for ExtractSinkSummaries query. 2019-02-08 08:43:22 +00:00