6096 Commits

Author	SHA1	Message	Date
Erik Krogh Kristensen	12305aae42	extract regexp literals from string concatenations	2021-10-28 10:44:33 +02:00
Erik Krogh Kristensen	96b6f670d9	filter away paths that start with libary inputs and end with a fixed-property write	2021-10-27 21:01:11 +02:00
Erik Krogh Kristensen	78371894f4	update import after rebasing on main	2021-10-27 20:47:06 +02:00
Erik Krogh Kristensen	a9a9e34265	recognize delete expresssions as a sink for js/prototype-polluting-assignment	2021-10-27 20:37:42 +02:00
Erik Krogh Kristensen	1243c736dd	use ConcatenationNode::isCoercion	2021-10-27 20:37:42 +02:00
Erik Krogh Kristensen	2dedfb302a	remove paths without unmatched returns from js/prototype-polluting-assignment	2021-10-27 20:37:42 +02:00
Erik Krogh Kristensen	0c9c9bbde7	detect library input when the arguments object is converted to an array	2021-10-27 20:37:41 +02:00
Erik Krogh Kristensen	fa9e9dd847	split out predicates in ClassifyFiles to avoid unnecessary computations	2021-10-27 20:35:38 +02:00
Erik Krogh Kristensen	d1238dfd8b	update alert message to distinguish between library input and remote flow	2021-10-27 20:35:38 +02:00
Erik Krogh Kristensen	6e183af383	ignore test files for the `prototypeLessObject' predicate	2021-10-27 20:35:37 +02:00
Erik Krogh Kristensen	e94b0f5913	recognize inclusion based sanitizers for js/prototype-polluting-assignment	2021-10-27 20:35:37 +02:00
Erik Krogh Kristensen	2a808b2cd6	track taint through string coercions for js/prototype-polluting-assignment	2021-10-27 20:35:37 +02:00
Erik Krogh Kristensen	2d65aa17db	recognize exported functions that use the arguments object	2021-10-27 20:35:37 +02:00
Erik Krogh Kristensen	78774233c7	add library input as source to js/prototype-polluting-assignment	2021-10-27 20:35:36 +02:00
Erik Krogh Kristensen	0372ccce02	simplify regexp ... Co-authored-by: Esben Sparre Andreasen <esbena@github.com>	2021-10-27 20:04:24 +02:00
Erik Krogh Kristensen	af64b319ee	update documentation strings ... Co-authored-by: Esben Sparre Andreasen <esbena@github.com>	2021-10-27 19:54:52 +02:00
Erik Krogh Kristensen	71cca6d644	Merge branch 'main' into ldap	2021-10-27 19:06:06 +02:00
Erik Krogh Kristensen	2e912ee28e	rename LDAP to Ldap	2021-10-27 19:05:56 +02:00
Erik Krogh Kristensen	c1ab49fe8a	rename LDapFilterStep to TaintPreservingLDapFilterStep	2021-10-27 19:05:00 +02:00
Erik Krogh Kristensen	44afa34e37	Merge branch 'main' of github.com:github/codeql into htmlReg	2021-10-26 14:46:27 +02:00
Anders Schack-Mulligen	90bebaa5a9	Merge pull request #6960 from erik-krogh/useSetLiteral ... use set literal instead of big disjunction of literals	2021-10-26 14:06:05 +02:00
Erik Krogh Kristensen	9c8a51bca6	cache SensitiveExpr	2021-10-26 13:47:28 +02:00
Erik Krogh Kristensen	038438edca	assume that setting the secure/httpOnly flag to some unknown value is good	2021-10-26 13:47:28 +02:00
Erik Krogh Kristensen	5228196f79	fix typos and update docs	2021-10-26 13:47:21 +02:00
Erik Krogh Kristensen	311df4d2b7	add test for the cookie npm package	2021-10-26 13:46:59 +02:00
Erik Krogh Kristensen	92d59aa11c	refactor most of the isSensitive predicates into a common helper predicate	2021-10-26 13:46:59 +02:00
Erik Krogh Kristensen	834d5ec6ad	add session{key,id} as sensitive info	2021-10-26 13:46:59 +02:00
Erik Krogh Kristensen	1e1e549847	update tests so it's clear which cookies are insecure	2021-10-26 13:46:58 +02:00
Erik Krogh Kristensen	283b8231cb	add more cookie models	2021-10-26 13:46:58 +02:00
Erik Krogh Kristensen	2cb3d2c53f	documentation overhaul on client-exposed-cookie (and restricting it to server-side)	2021-10-26 13:46:58 +02:00
Erik Krogh Kristensen	ab23ffff3d	documentation overhaul for clear-text-cookie	2021-10-26 13:46:58 +02:00
Erik Krogh Kristensen	f36accf3e6	only report clear-text cookies for sensitive cookies	2021-10-26 13:46:58 +02:00
Erik Krogh Kristensen	53b4337795	combine test files	2021-10-26 13:46:57 +02:00
Erik Krogh Kristensen	9193984f1b	delete the experimental query library for cookie queries	2021-10-26 13:46:57 +02:00
Erik Krogh Kristensen	6858acc6a9	port experimental cookie models to non-experimental	2021-10-26 13:46:57 +02:00
Erik Krogh Kristensen	26a24a3895	prepare move to non-experimental	2021-10-26 13:46:57 +02:00
Erik Krogh Kristensen	44db920f10	refactor, cleanup, and improvements in experimental cookie queries	2021-10-26 13:46:57 +02:00
Erik Krogh Kristensen	a3c55c2aec	use set literal instead of big disjunction of literals	2021-10-26 12:55:25 +02:00
Erik Krogh Kristensen	dbd1148bd6	apply range pattern patch to javascript	2021-10-25 19:38:00 +02:00
Henry Mercer	7e0e35f364	Rename ATM query pack for consistency with other packs	2021-10-25 17:32:25 +01:00
Henry Mercer	02b1fe27d2	Merge pull request #6907 from github/henrymercer/add-experimental-atm-libraries ... JS: [Internal only] Add experimental libraries and queries for adaptive threat modeling	2021-10-22 11:02:09 +01:00
Henry Mercer	548a344d34	JS: Implement suggestions from review ... Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>	2021-10-19 12:00:40 +01:00
Henry Mercer	4d7a8285ad	JS: Initial commit of Adaptive Threat Modeling	2021-10-18 17:24:24 +01:00
Geoffrey White	a0e501c3a9	Sync identical files.	2021-10-15 14:34:02 +01:00
Geoffrey White	8f30b8b586	Autoformat.	2021-10-14 16:00:23 +01:00
Geoffrey White	f08d2ee759	Merge branch 'main' into setliterals	2021-10-14 14:39:39 +01:00
Geoffrey White	b9cce57db4	JS: Fix mistake.	2021-10-14 14:22:43 +01:00
Geoffrey White	882adc8e50	JS: Set literals.	2021-10-14 14:22:42 +01:00
Anders Schack-Mulligen	8b6baa250c	Merge pull request #6878 from aschackmull/remove-singleton-setliteral ... C++/C#/Java/JavaScript/Python: Remove singleton set literals.	2021-10-14 14:53:05 +02:00
Mathias Vorreiter Pedersen	47a85bbb1d	Merge pull request #6869 from MathiasVP/fix-prefix/suffix-equality ... Java/JS/Python: Replace '.prefix'/'.suffix' with '.matches'	2021-10-14 13:47:03 +01:00