hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
83,874 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.5
Commit Graph

11886 Commits

Author SHA1 Message Date
Asger F
3bc5e3bfdf JS: Replace some uses AnalyzedValueNode with AnalyzedNode 2018-10-09 08:53:41 +01:00
Tom Hvitved
ccebd5eb11 Merge remote-tracking branch 'upstream/master' into mergeback-2018-10-08 2018-10-08 16:23:29 +02:00
Tom Hvitved
546a91e192 Revert "JavaScript: Patch CFG to improve support for non-top level import declarations." 
This reverts commit f05e777e64.
 2018-10-08 16:20:40 +02:00
Max Schaefer
e354694173 Merge pull request #273 from asger-semmle/csrf-sources 
JS: add RemoteFlowSource.isThirdPartyControllable()
 2018-10-08 15:09:38 +01:00
Asger F
d2af4ab94a Merge pull request #227 from xiemaisi/js/taint-kinds 
JavaScript: Add support for state-based taint tracking.
 2018-10-08 15:09:12 +01:00
Esben Sparre Andreasen
70cd03d3bc JS: use DataFlow::ArrayCreationNode in additional places 2018-10-08 15:47:11 +02:00
Tom Hvitved
49644bfb47 Merge remote-tracking branch 'upstream/master' into mergeback-2018-10-08 2018-10-08 11:48:56 +02:00
Esben Sparre Andreasen
a668f906bc JS: recognize binding decorators on classes 2018-10-08 07:58:12 +02:00
semmle-qlci
98254e87e1 Merge pull request #132 from denislevin/denisl/js/HttpToFileAccessTest 
Approved by xiemaisi
 2018-10-04 14:06:46 +01:00
Asger F
8bc92bd534 TS: test case for type expansion through type parameter bound 2018-10-04 12:05:05 +01:00
Asger F
c2a5f99d9c JS: include referer header as reflected XSS source 2018-10-04 10:53:10 +01:00
Asger F
dc26bdc5e7 JS: Move isThirdPartyControllable into RequestInputAccess 2018-10-04 10:36:49 +01:00
semmle-qlci
bea86e52fb Merge pull request #275 from xiemaisi/js/workaround-for-nested-imports 
Approved by asger-semmle
 2018-10-04 08:25:52 +01:00
Max Schaefer
e326dd4688 JavaScript: Add TaintKind as an alias to FlowLabel. 2018-10-03 15:54:58 +01:00
Max Schaefer
86ee58d019 JavaScript: Address review comments. 2018-10-03 15:49:02 +01:00
Max Schaefer
a8a8754c89 JavaScript: Restrict default sink flow labels to StandardFlowLabel. 2018-10-03 15:49:02 +01:00
Max Schaefer
5727b2a5f4 JavaScript: Properly handle value-preserving paths. 
When constructing a path through a property write/read pair, we want to make sure that we only use value-preserving steps to track the base object. However, the value flowing in from the right-hand side of the assignment may have a different flow label (such as `taint()`), so we cannot use the normal `append` predicate to construct the composite path.
 2018-10-03 15:49:02 +01:00
Max Schaefer
910d6de47d JavaScript: Add new tests. 2018-10-03 15:49:02 +01:00
Max Schaefer
3affe922e3 JavaScript: Make PathSummary.toString more useful. 2018-10-03 15:49:02 +01:00
Max Schaefer
dad13c9b64 JavaScript: Simplify onPath predicate. 2018-10-03 15:49:02 +01:00
Max Schaefer
8d471f01ef JavaScript: Simplify a few helper predicates. 2018-10-03 15:49:02 +01:00
Max Schaefer
017ae4990d JavaScript: Use custom flow labels in ClientSideUrlRedirect. 2018-10-03 15:49:02 +01:00
Max Schaefer
f4ea8bc82a JavaScript: Introduce flow labels. 2018-10-03 15:49:02 +01:00
Max Schaefer
4e4ef520ab JavaScript: Rename a predicate in CommandInjection.qll. 2018-10-03 15:49:02 +01:00
Max Schaefer
f3239cbec9 JavaScript: Respect barriers on return edges. 2018-10-03 15:49:01 +01:00
Max Schaefer
cc1c7b11d6 Merge pull request #263 from asger-semmle/ts-tokens 
TypeScript: add tokenization test cases
 2018-10-03 15:38:58 +01:00
Max Schaefer
8b7bb8cecc JavaScript: Add test case for type inference in the presence of non-toplevel imports. 2018-10-03 13:08:31 +01:00
Max Schaefer
db32dc2bdf JavaScript: Generalise code that assumes imports only appear at the toplevel. 2018-10-03 13:08:31 +01:00
Max Schaefer
f05e777e64 JavaScript: Patch CFG to improve support for non-top level import declarations. 2018-10-03 13:08:31 +01:00
Asger F
271b2f3ce3 JS: add RemoteFlowSource.isThirdPartyControllable() 
Use it in ReflectedXSS and ServerSideURrlRedirect
 2018-10-03 10:09:02 +01:00
semmle-qlci
604ff232e2 Merge pull request #267 from xiemaisi/js/fix-deprecated-use 
Approved by asger-semmle
 2018-10-03 09:12:02 +01:00
semmle-qlci
e9adc63d91 Merge pull request #260 from xiemaisi/js/confusing-precedence 
Approved by esben-semmle, mc-semmle
 2018-10-03 09:07:18 +01:00
Max Schaefer
09aa04bf00 Merge pull request #268 from sjvs/fix-javascript-example 
JavaScript: fix two examples based on LGTM.com alerts
 2018-10-03 08:16:19 +01:00
Denis Levin
e147e690ee Merge branch 'master' into denisl/js/HttpToFileAccessTest 2018-10-02 15:13:35 -07:00
Max Schaefer
425d2bfba7 Merge pull request #266 from esben-semmle/js/improve-dead-store-of-local 
JS: support noop parentheses in js/useless-assignment-to-local
 2018-10-02 16:19:56 +01:00
Bas van Schaik
c4eb6f0056 fix JS example based on LGTM.com alerts 
1f7ef5b0d7/files/javascript/ql/src/Security/CWE-079/examples/StoredXssGood.js (x95b0280fcab9007a):1
1f7ef5b0d7/files/javascript/ql/src/Security/CWE-079/examples/StoredXss.js (xaef03a63aa3e02e4):1
 2018-10-02 14:47:52 +01:00
Max Schaefer
c7b4238408 JavaScript: Fix use of deprecated predicate. 2018-10-02 12:12:59 +01:00
Max Schaefer
18a74a2163 Merge pull request #255 from Semmle/js/typo-in-query-help 
JavaScript: Fix typo in query help.
 2018-10-02 11:33:03 +01:00
semmle-qlci
b35f450b01 Merge pull request #162 from asger-semmle/partial-calls 
Approved by esben-semmle, xiemaisi
 2018-10-02 11:24:02 +01:00
Asger F
057af7c865 TypeScript: add test case with mixed rescanned tokens 2018-10-02 10:42:33 +01:00
Max Schaefer
768368498f JavaScript: Introduce new query UnclearOperatorPrecedence. 2018-10-02 08:46:51 +01:00
Max Schaefer
a63b7fc215 JavaScript: Introduce new library predicate for computing whitespace around binary operators. 2018-10-02 08:46:11 +01:00
semmle-qlci
829a5cc451 Merge pull request #259 from asger-semmle/open-redirect-expr 
Approved by xiemaisi
 2018-10-02 08:32:48 +01:00
Max Schaefer
92afcd32f8 Merge pull request #241 from asger-semmle/host-header-forgery 
JS: Add HostHeaderPoisoningInEmailGeneration query
 2018-10-02 08:32:00 +01:00
Esben Sparre Andreasen
595fe217dd JS: support noop parentheses in js/useless-assignment-to-local 
The syntatic recognizer `isNullOrUndef` did not handle expressions
that were wrapped in parentheses.

This eliminates some results here:
https://lgtm.com/projects/g/vuejs/vue/alerts?mode=tree&ruleFocus=7900088
 2018-10-02 09:31:32 +02:00
Denis Levin
9c487bc6d9 Merge branch 'master' 2018-10-01 14:51:56 -07:00
Denis Levin
82d8b4e371 Adding the source link to the test case samples 2018-10-01 11:45:38 -07:00
Aditya Sharad
337defdf3d Merge master into next. 2018-10-01 17:39:27 +01:00
Arthur Baars
13ef492fc1 Merge pull request #258 from adityasharad/merge/1.18-master-011018 
Merge rc/1.18 into master.
 2018-10-01 18:36:16 +02:00
Asger F
d3a1df644c TypeScript: test case for tokens starting with ">" 2018-10-01 17:35:21 +01:00