hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
32,907 Commits 1,672 Branches 157 Tags
codeql-cli-2.8.2
Commit Graph

83 Commits

Author SHA1 Message Date
Esben Sparre Andreasen
5a3a1c480d JS: add tests for the fs-module and friends 2020-02-28 12:21:10 +01:00
Erik Krogh Kristensen
dc6bfad023 Merge remote-tracking branch 'upstream/master' into CVE481 2020-02-25 16:25:03 +01:00
Esben Sparre Andreasen
5baba62154 JS: model path-is-inside+is-path-inside for js/path-injection 2020-02-24 23:10:15 +01:00
Esben Sparre Andreasen
86b836cd29 JS: add tests for js/path-injection 2020-02-24 23:03:42 +01:00
Erik Krogh Kristensen
90e5671d98 Merge branch 'master' of git.semmle.com:Semmle/ql into CVE481 2020-02-21 15:25:07 +01:00
Erik Krogh Kristensen
03e295ef11 Merge branch 'master' of git.semmle.com:Semmle/ql into CVE74 2020-02-20 12:19:32 +01:00
Erik Krogh Kristensen
56e5bd50f6 update expected output 2020-02-17 14:55:08 +01:00
Erik Krogh Kristensen
2885d48ad0 changes based on review 2020-02-17 14:44:10 +01:00
Erik Krogh Kristensen
5375604109 calling pop or shift on a SplitPath returns a PosixPath 2020-02-17 13:15:46 +01:00
Erik Krogh Kristensen
46cbeb0bc6 add more steps to the SplitPath label 2020-02-17 12:58:27 +01:00
Erik Krogh Kristensen
a6d644bac0 add support for path.normalize(path.realtive(...)) 2020-02-14 13:10:35 +01:00
Erik Krogh Kristensen
94814fa721 fix typos in the test 2020-02-14 13:03:35 +01:00
Erik Krogh Kristensen
d765a33b8d add support for "../" prefixes in sanitizer 2020-02-14 12:36:54 +01:00
Erik Krogh Kristensen
3a146514ce add sanitizer for relative ".." in js/path-injection 2020-02-14 10:51:48 +01:00
Erik Krogh Kristensen
0f511c92b4 Merge remote-tracking branch 'upstream/master' into FalsySanitizer 2020-02-10 09:54:58 +01:00
Esben Sparre Andreasen
736ccb98c2 JS: model the send library for js/path-injection 2020-02-07 12:45:32 +01:00
Erik Krogh Kristensen
1f7dda7fbc add dataflow barrier for if(xrandr) 2020-02-06 12:55:44 +01:00
Erik Krogh Kristensen
d8a30c48a3 update expected output of TaintedPath tests 2020-02-06 09:47:15 +01:00
semmle-qlci
53763c789f Merge pull request #2741 from esbena/js/split-and-slice-for-tainted-path 
Approved by erik-krogh
 2020-02-05 10:53:39 +00:00
Esben Sparre Andreasen
bbd60f52ba JS: add additional flow steps to js/path-injection 2020-02-03 16:36:25 +01:00
Erik Krogh Kristensen
e6d46b9279 add test for new prefix check on TaintedPath 2020-01-31 12:35:03 +01:00
Esben Sparre Andreasen
cc768345d0 JS: add security tests for malicious torrents 2019-11-14 13:54:19 +01:00
Max Schaefer
b42026a90a JavaScript: Update expected output. 2019-10-29 15:36:24 +00:00
Max Schaefer
dc1d1c2f22 JavaScript: Update expected output. 2019-10-29 15:30:06 +00:00
Max Schaefer
6964945c74 JavaScript: Restrict edges to only contain nodes. 2019-10-29 15:03:52 +00:00
Asger F
5636d42c13 JS: Update test 2019-10-25 09:57:10 +01:00
Anders Schack-Mulligen
ca45fb5a60 JavaScript: Autoformat. 2019-09-06 09:04:51 +02:00
Asger F
9f1617a6a8 JS: Update TaintedPath.expected (4x paths) 2019-05-28 11:22:08 +01:00
Asger F
37fa2446d4 JS: review comments 2019-05-23 10:16:31 +01:00
Asger F
07d508d1bf JS: Track taint through .replace() 2019-05-23 09:23:48 +01:00
Asger F
1ec3475457 JS: All of TaintedPath 2019-05-23 09:23:47 +01:00
Asger F
50a77ea843 JS: update test expectations 2019-03-06 08:41:03 +00:00
Jason Reed
23d37c7167 JS: Unbreak TaintedPath 2019-02-28 15:45:26 -05:00