hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
32,907 Commits 1,672 Branches 157 Tags
codeql-cli-2.8.2
Commit Graph

1176 Commits

Author SHA1 Message Date
Jason Reed
c5e57dacf8 JS: Actually use fileName in examples 2019-02-28 15:46:14 -05:00
Jason Reed
b0636dd410 JS: Better local flow through .pipe chaining 2019-02-28 15:45:33 -05:00
Jason Reed
23d37c7167 JS: Unbreak TaintedPath 2019-02-28 15:45:26 -05:00
Jason Reed
baa4f08259 JS: Add new query for ZipSlip (CWE-022) 2019-02-28 15:45:08 -05:00
Max Schaefer
2ecabad553 Merge pull request #1004 from asger-semmle/suffix-check-bug 
JS: Recognize '+' in suffix check
 2019-02-28 14:23:26 +00:00
Asger F
8e8085ea1f JS: add test 2019-02-28 10:09:36 +00:00
semmle-qlci
6602b4dbda Merge pull request #992 from xiemaisi/js/socket.io 
Approved by asger-semmle
 2019-02-27 18:43:40 +00:00
Max Schaefer
739705865b JavaScript: Add basic model of socket.io. 2019-02-26 15:53:29 +00:00
Esben Sparre Andreasen
4ce7ec1661 JS: add XSS vector for Vue's v-html 2019-02-25 12:17:56 +01:00
Esben Sparre Andreasen
305a249280 JS: add taint steps for fs.realpath and fs.realpathSync 2019-02-21 09:48:35 +01:00
Max Schaefer
2fce626c3a JavaScript: Add Range.prototype.createContextualFragment as an XSS sink. 2019-02-12 16:32:30 +00:00
semmle-qlci
c133362660 Merge pull request #910 from xiemaisi/js/regexp-taint 
Approved by esben-semmle
 2019-02-12 13:15:16 +00:00
semmle-qlci
10b00254ec Merge pull request #915 from asger-semmle/closure-uri-methods 
Approved by xiemaisi
 2019-02-11 10:51:07 +00:00
semmle-qlci
986afa1b1b Merge pull request #909 from xiemaisi/js/improve-incomplete-sanitization-alerts 
Approved by esben-semmle
 2019-02-08 17:39:36 +00:00
Asger F
f6e0ccfcf0 JS: model URI and XHR methods from closure library 2019-02-08 15:18:27 +00:00
Asger F
fd2e9f1fcb JS: shift line numbers in RequestForgery test 2019-02-08 15:13:33 +00:00
semmle-qlci
937049e060 Merge pull request #891 from xiemaisi/js/simplify-sensitive-actions 
Approved by esben-semmle
 2019-02-08 14:12:47 +00:00
Max Schaefer
25d06ad0cf JavaScript: Treat regexp replacements of HTML metacharacters as sanitizers for XSS queries. 2019-02-08 09:57:06 +00:00
Max Schaefer
18c23ecfd4 JavaScript: Introduce shared library for modelling XSS-relevant concepts. 
As its first application, this library makes it possible for `StoredXss` to reuse the `Source` classes of `DomBasedXss` and `ReflectedXss` without having to pull in their libraries (which contain their `Configuration` classes, causing `StoredXss` to recompute all flow information for the other two queries).
 2019-02-08 09:53:51 +00:00
Max Schaefer
3e26bc6446 JavaScript: Improve alert location and message for IncompleteSanitization. 
We now highlight the `replace` call (instead of the regular expression), and the alert message for the case of missing backslash escapes clarifies that it is talking about failure to escape backslashes in the input, not in the replacement text.
 2019-02-08 09:13:40 +00:00
Max Schaefer
aebc5bc6c3 JavaScript: Update qhelp example for CleartextStorage. 2019-02-08 08:43:22 +00:00
Max Schaefer
6389f32847 JavaScript: Update expected output for ExtractSinkSummaries query. 2019-02-08 08:43:22 +00:00
semmle-qlci
b4b37b3a7b Merge pull request #880 from esben-semmle/js/better-alert-message-1 
Approved by xiemaisi
 2019-02-07 08:01:21 +00:00
semmle-qlci
a2691b32b5 Merge pull request #851 from xiemaisi/js/post-message-star 
Approved by esben-semmle
 2019-02-06 09:57:04 +00:00
Esben Sparre Andreasen
b72441f9c2 JS: use StringOps:: in js/incomplete-url-substring-sanitization 2019-02-05 15:17:55 +01:00
Max Schaefer
b87abc9602 JavaScript: Extend suspiciousCredentials predicate to recognise authKey and similar. 2019-01-31 09:03:23 +00:00
Max Schaefer
87e62f0bd5 JavaScript: Teach PostMessageStar to reason about partially tainted objects. 2019-01-31 08:59:47 +00:00
Max Schaefer
aeb8cc62b2 JavaScript: Reclassify PostMessageStar as CWE-201. 2019-01-31 08:08:52 +00:00
Esben Sparre Andreasen
cfc53ade69 JS: add more tests for js/incomplete-url-substring-sanitization 2019-01-30 12:57:03 +01:00
Max Schaefer
769e407c24 JavaScript: Add new query PostMessageStar. 2019-01-30 10:26:43 +00:00
Asger F
3245142203 JS: Dont flag empty string as hardcoded username 2019-01-28 13:01:52 +00:00
semmle-qlci
5bc17923b1 Merge pull request #665 from asger-semmle/js-property-concat-sanitizer 
Approved by esben-semmle, xiemaisi
 2019-01-16 08:44:55 +00:00
semmle-qlci
8655e5ae17 Merge pull request #768 from xiemaisi/js/call-summaries 
Approved by asger-semmle
 2019-01-16 08:35:31 +00:00
Asger F
f4c89601ff JS: fix typo 2019-01-14 15:34:01 +00:00
Asger F
ad6add383c JS: improve concatenation-sanitizer for property injection 2019-01-14 15:34:01 +00:00
semmle-qlci
04c15028ab Merge pull request #750 from aschackmull/javascript/autoformat 
Approved by xiemaisi
 2019-01-11 16:35:38 +00:00
semmle-qlci
b0dd3dfeb1 Merge pull request #502 from xiemaisi/js/summaries 
Approved by asger-semmle
 2019-01-11 10:27:03 +00:00
Max Schaefer
f9d704bdcf JavaScript: Add example of indirect command injection. 2019-01-11 10:24:41 +00:00
Anders Schack-Mulligen
e58094c732 Javascript: Autoformat. 2019-01-11 11:02:42 +01:00
Max Schaefer
583734a4e2 JavaScript: Fix semantic merge conflict. 
https://github.com/Semmle/ql/pull/698 removed `document.cookie` as a remote flow source, which some of the tests relied on. We now use `location.search` instead.
 2019-01-09 16:09:06 +00:00
Max Schaefer
97e6c75b94 JavaScript: Remove a few other deprecated predicates and classes. 2019-01-09 09:23:59 +00:00
Max Schaefer
8f1c5db8be JavaScript: Change encoding of member and parameter portals for readability. 2019-01-09 09:10:45 +00:00
Max Schaefer
132570940a JavaScript: Add support for annotation comments specifying additional sources and sinks. 2019-01-09 09:09:58 +00:00
Max Schaefer
f4fed3657d JavaScript: Add flow summary extraction queries. 2019-01-09 09:09:58 +00:00
Max Schaefer
b4f400fb23 Merge remote-tracking branch 'upstream/next' into qlucie/master 2019-01-04 10:35:57 +00:00
Esben Sparre Andreasen
c57f8a6d6e Merge pull request #691 from asger-semmle/sendfile-root 
JS: Recognize 'root' option in Express res.sendFile
 2018-12-19 16:06:15 +01:00
semmle-qlci
495a1fcf3b Merge pull request #698 from asger-semmle/remove-cookie-as-source 
Approved by esben-semmle
 2018-12-19 15:05:44 +00:00
semmle-qlci
b11b714152 Merge pull request #696 from esben-semmle/js/host-request-forgery 
Approved by asger-semmle
 2018-12-19 15:04:08 +00:00
Asger F
ce18aca62b JS: update expected output 2018-12-19 11:30:46 +00:00
Asger F
0e40717358 JS: recognize res.sendfile root option 2018-12-19 10:25:15 +00:00