hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,240 Commits 1,671 Branches 157 Tags
codeql-cli-2.7.6
Commit Graph

3047 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
b6dc94fccb add fetch.Headers.Authorization as a CredentialsExpr 2020-06-02 23:02:16 +02:00
Asger Feldthaus
8a38633639 JS: Handle exec() == undefined 2020-06-02 16:52:07 +01:00
Asger Feldthaus
945db4d86c JS: Fix test output 2020-06-02 16:38:21 +01:00
Esben Sparre Andreasen
f9ed64fc45 Merge branch 'master' into js/membershiptest 2020-06-02 08:54:44 +02:00
Asger Feldthaus
707b0f33a0 JS: Use in ContainsHTMLGuard 2020-06-01 12:06:40 +01:00
Asger Feldthaus
fa1a6eefa7 JS: Add StringOps::RegExpTest 2020-06-01 11:43:50 +01:00
Erik Krogh Kristensen
5bb308dc8f sanitize variables used in an HTML escaping switch-case 2020-05-28 12:37:41 +02:00
Erik Krogh Kristensen
1a2db10a90 recognize barrier guard where the result is stored in a variable 2020-05-28 10:24:42 +02:00
Erik Krogh Kristensen
562a38cdd5 add ContainsHTMLGuard 2020-05-28 10:24:42 +02:00
Erik Krogh Kristensen
33da82d884 Merge branch 'master' of https://github.com/github/codeql into pr/erik-krogh/3566 2020-05-27 12:21:14 +00:00
Erik Krogh Kristensen
d05a61c745 Merge branch 'master' of https://github.com/github/codeql into pr/erik-krogh/3566 2020-05-27 12:12:08 +00:00
Erik Krogh Kristensen
319363f56c update expected output 2020-05-26 18:47:37 +02:00
Erik Krogh Kristensen
124c4cb15e Merge branch 'master' of github.com:github/codeql into OptionalSanitizer 2020-05-26 13:59:57 +02:00
semmle-qlci
be5b343a0c Merge pull request #3564 from max-schaefer/js/reflective-argument-access 
Approved by asgerf
 2020-05-26 12:09:13 +01:00
Erik Krogh Kristensen
ad40c4b0f2 add a sanitizer guard for safe attribute string concatenations 2020-05-26 12:36:47 +02:00
semmle-qlci
4b0354c4bc Merge pull request #3555 from max-schaefer/js/require-flow 
Approved by asgerf
 2020-05-26 10:54:21 +01:00
Max Schaefer
7ddf5ced23 JavaScript: Update expected output for unrelated tests. 2020-05-26 10:49:30 +01:00
semmle-qlci
4b56229ca0 Merge pull request #3527 from esbena/js/fastify 
Approved by asgerf
 2020-05-26 10:44:59 +01:00
semmle-qlci
df205b617e Merge pull request #3539 from asger-semmle/js/capture-level-flow 
Approved by erik-krogh
 2020-05-26 10:42:14 +01:00
Max Schaefer
9d3a9d71f1 JavaScript: Add basic support for reasoning about reflective parameter accesses. 
Currently, only `arguments[c]` for a constant value `c` is supported.

This allows us to detect the prototype-pollution vulnerabilities in (old versions of) `extend`, `jquery`, and `node.extend`.
 2020-05-26 09:59:29 +01:00
Max Schaefer
a39e8b4802 JavaScript: Add test for FlowSteps::argumentPassing predicate. 2020-05-26 09:51:06 +01:00
Erik Krogh Kristensen
9254df1f78 sanitize optionally sanitized values 2020-05-26 00:09:11 +02:00
Max Schaefer
573fdaa424 JavaScript: Track require through local data flow. 2020-05-24 20:00:10 +01:00
semmle-qlci
b9ecf1a304 Merge pull request #3447 from erik-krogh/LibCmdInjection 
Approved by asgerf, mchammer01
 2020-05-22 17:10:57 +01:00
Esben Sparre Andreasen
e172d55ecb Update javascript/ql/test/query-tests/Security/CWE-020/IncompleteUrlSchemeCheck.js 
Co-authored-by: Asger F <asgerf@github.com>
 2020-05-22 13:33:34 +02:00
Asger Feldthaus
75be3b7ecb JS: Add test case for missed captured flow 2020-05-21 16:14:13 +01:00
Esben Sparre Andreasen
b31f83a5af JS: fixup expected output 2020-05-21 13:47:16 +02:00
Esben Sparre Andreasen
c400b45cd6 JS: make the Fastify model support isUserControlledObject 2020-05-21 13:42:28 +02:00
Esben Sparre Andreasen
a76c70d2d7 JS: model fastify 2020-05-21 13:42:27 +02:00
semmle-qlci
8df7b7c42a Merge pull request #3525 from erik-krogh/ZipTaint 
Approved by asgerf
 2020-05-20 16:45:02 +01:00
semmle-qlci
c15d22d9f8 Merge pull request #3516 from asger-semmle/js/typescript-3.9.2 
Approved by erik-krogh
 2020-05-20 11:31:57 +01:00
semmle-qlci
2bbc1c2af0 Merge pull request #3478 from erik-krogh/PromiseAll 
Approved by asgerf, esbena
 2020-05-20 11:03:05 +01:00
semmle-qlci
29b8a0db92 Merge pull request #3508 from asger-semmle/js/shared-data-flow-node 
Approved by esbena
 2020-05-20 10:58:09 +01:00
Erik Krogh Kristensen
7c51dff0f7 share implementation between TaintedPath and ZipSlip 2020-05-20 10:10:04 +02:00
Erik Krogh Kristensen
5b569a4d6d add a sanitizer for chained replace-calls 2020-05-19 19:16:58 +02:00
Asger Feldthaus
b39e0ec091 JS: Update output due to whitelisting change 2020-05-19 15:30:36 +01:00
Erik Krogh Kristensen
b71919299b Apply suggestions from code review 
Co-authored-by: Asger F <asgerf@github.com>
 2020-05-19 14:03:03 +02:00
Esben Sparre Andreasen
76bce40a8b JS: test fixups 2020-05-19 13:12:34 +02:00
Asger Feldthaus
525b9871e0 JS: Update benign test output changes 2020-05-19 11:07:08 +01:00
Erik Krogh Kristensen
0275ea955b update expected output 2020-05-19 10:29:07 +02:00
Erik Krogh Kristensen
a4450c36f6 autoformat 2020-05-19 10:26:36 +02:00
Erik Krogh Kristensen
5a5192b890 add testing for complex path sanitizer in ZipSlip 2020-05-19 10:17:15 +02:00
semmle-qlci
0c081a8e87 Merge pull request #3497 from esbena/js/yield-and-local-objects 
Approved by asgerf, erik-krogh
 2020-05-19 09:02:22 +01:00
Asger Feldthaus
7d9923038e JS: Fix perf issue from overriding isIncomplete 2020-05-18 22:45:59 +01:00
Asger Feldthaus
9581bb52cb JS: Update test output 2020-05-18 22:45:59 +01:00
Asger Feldthaus
430bf2da8a JS: Fix whitelisting in UselessConditional 2020-05-18 22:45:56 +01:00
Asger Feldthaus
eddbdffe62 JS: Add more tests for implicit returns 2020-05-18 22:29:33 +01:00
Asger Feldthaus
c869812563 JS: Add UselessConditional test 2020-05-18 22:29:32 +01:00
Erik Krogh Kristensen
aa396a39d3 Merge branch 'master' of https://github.com/github/codeql into pr/erik-krogh/3478 2020-05-18 20:57:51 +00:00
Erik Krogh Kristensen
fc7e9eb8c8 add test for non-tracked aliasing 2020-05-18 22:40:41 +02:00