Asger F
69b361ae70
JS: Migrate a test to use flow state
2024-12-16 15:35:42 +01:00
Asger F
90f0e07e49
JS: Benign update after fixing PropertyName charpred
2024-06-27 11:56:22 +02:00
Asger F
2473274681
JS: Benign test output changes
2024-06-27 09:06:45 +02:00
Asger F
53efb5837b
JS: Update some tests with provenance columns
...
Only includes the changes that purely contain the new provenance columns
2024-06-26 13:51:44 +02:00
Asger F
98c79e7674
JS: Update test output showing lack of global flow (genuine FN)
2023-10-13 13:15:08 +02:00
Asger F
b5ad36686e
JS: Block flow into window.location
2023-10-13 13:15:08 +02:00
Asger F
458f0a077c
JS: Port InterProceduralFlow test
...
All the new results are benign
2023-10-13 13:15:07 +02:00
Asger F
03bdebe3b3
JS: Update a test.
...
The test had a bug on the line `src = src` so the new code is "more equivalent than usual"
2023-07-11 15:24:09 +02:00
Erik Krogh Kristensen
7b1ef7473e
change ArrayCreationStep to a PreCallGraphStep and unrestrict the storeStep
2022-08-22 08:15:54 +02:00
Asger Feldthaus
32c5bc4836
JS: Update test case output (new flow is correct)
2020-11-09 11:19:47 +00:00
Asger Feldthaus
acb30e73bc
JS: More precise handling of default import fallback
2020-11-06 12:04:41 +00:00
Erik Krogh Kristensen
1096cb0708
aggregate the tests in library-tests/InterProceduralFlow into a single .ql file
2020-10-20 14:08:55 +02:00
Erik Krogh Kristensen
b3d5f9c4dd
support throttle like calls as partial calls
2020-10-16 13:33:02 +02:00
Erik Krogh Kristensen
b09015380a
add support for String.prototype.replaceAll
2020-09-21 10:50:04 +02:00
Erik Krogh Kristensen
cffe573d06
add taint-steps for underscore methods
2020-09-09 09:57:53 +02:00
Erik Krogh Kristensen
65a1769d43
Merge branch 'main' into asyncCalls
2020-08-21 14:58:27 +02:00
Erik Krogh Kristensen
8f68f512df
deprecate TrackedNodes.qll
2020-08-20 11:26:22 +02:00
Erik Krogh Kristensen
30dc77e538
update expected output
2020-08-08 21:26:45 +02:00
Erik Krogh Kristensen
8f06e9651f
update expected output
2020-08-07 17:40:58 +02:00
Erik Krogh Kristensen
b9a98f51ea
update existing tests to work with FunctionReturnNode
2020-08-07 17:40:02 +02:00
Erik Krogh Kristensen
0edb46c20d
improve precision for load/store steps with async functions
2020-08-07 17:39:59 +02:00
Erik Krogh Kristensen
26ef2f34da
add precise return-flow for async functions
2020-08-07 17:33:26 +02:00
Erik Krogh Kristensen
0004c28fe8
introduce and use FunctionReturnNode
2020-08-07 17:32:25 +02:00
Asger Feldthaus
9581bb52cb
JS: Update test output
2020-05-18 22:45:59 +01:00
Erik Krogh Kristensen
68ffd52d4c
update expected output
2020-03-09 16:45:10 +01:00
Asger Feldthaus
a673539c98
JS: Update expected output
2020-02-21 13:51:23 +00:00
Erik Krogh Kristensen
5063e3820d
update expected output
2020-01-22 11:18:47 +01:00
Erik Krogh Kristensen
ffbd0f6632
update expected test output
2020-01-20 09:56:40 +01:00
Erik Krogh Kristensen
c50de3a7e8
update expected output of tests
2020-01-10 17:49:24 +01:00
Erik Krogh Kristensen
ec5896abba
add additional data-flow edges to data-flow related to promises
2020-01-10 14:12:53 +01:00
Max Schaefer
725059deea
JavaScript: Remove --source-type module extractor options.
2019-11-06 13:01:59 +00:00
Anders Schack-Mulligen
ca45fb5a60
JavaScript: Autoformat.
2019-09-06 09:04:51 +02:00
Max Schaefer
91a718cfe5
JavaScript: Fix data flow out of reflective calls.
...
We were previously missing a data-flow edge from reflected calls to the corresponding reflective call, that is, for `f.call(...)` we didn't have a flow edge from the implicit call to `f` to the result of `f.call(...)`.
2019-07-04 08:29:04 +01:00
Max Schaefer
b5b89c0eac
JavaScript: Track flow into method receivers.
2019-07-01 15:45:57 +01:00
Max Schaefer
b3e8103dce
JavaScript: Track flow through property getter functions.
2019-06-28 08:51:27 +01:00
Max Schaefer
86e96c6dc3
JavaScript: Introduce is{Barrier,Sanitizer}Edge predicate.
...
This name is more intuitive than the previous binary
`is{Barrier,Sanitizer}` predicates, and is consistent with the other
languages.
2019-05-28 08:08:14 +01:00
Max Schaefer
7faa4fd938
JavaScript: Add test case exposing two bugs in data flow library.
...
This test case exposes two bugs in our data flow library (fixed by the
two previous commits):
- the charpreds of `SourcePathNode` and `SinkPathNode` only ensured
  that they were on a path from a source to a sink, not that they
  actually were the source/sink themselves;
- function summarization would allow for non-level paths; in the
  test case, this meant that one of the summaries for `source`
  represented the path returning from `source` on line 13 and then
  flowing back into the call on line 15, in the process transforming
  the parity of the flow label and hence causing a spurious flow.
2019-04-23 13:16:30 +01:00
Asger F
dfe3f254de
JS: generalize to include default imports
2019-02-13 18:03:57 +00:00
Max Schaefer
b314c546e1
JavaScript: Track taint through RegExp.prototype.replace.
2019-02-08 09:57:07 +00:00
Asger F
9aaea40719
JS: address comments and support TrackedNode
2019-01-16 11:12:38 +00:00
semmle-qlci
8655e5ae17
Merge pull request #768 from xiemaisi/js/call-summaries
...
Approved by asger-semmle
2019-01-16 08:35:31 +00:00
Anders Schack-Mulligen
e58094c732
Javascript: Autoformat.
2019-01-11 11:02:42 +01:00
Max Schaefer
7d2d33840a
JavaScript: Track flow through forwarding higher-order calls.
2019-01-11 09:15:58 +00:00
Max Schaefer
edc5117dfd
JavaScript: Track flow into (simple) higher-order function calls.
...
The only case we support for now is functions that invoke one of their arguments, passing another argument as input.
2019-01-11 08:11:15 +00:00
Max Schaefer
c75d785684
JavaScript: Fix modelling of _.partial.
...
Like `Function.prototype.bind` (but unlike `ramda.partial`) it takes the curried arguments as rest arguments, not as an array;
cf. https://lodash.com/docs/4.17.10#partial and https://underscorejs.org/#partial .
2018-10-31 06:31:59 -04:00
Max Schaefer
5727b2a5f4
JavaScript: Properly handle value-preserving paths.
...
When constructing a path through a property write/read pair, we want to make sure that we only use value-preserving steps to track the base object. However, the value flowing in from the right-hand side of the assignment may have a different flow label (such as `taint()`), so we cannot use the normal `append` predicate to construct the composite path.
2018-10-03 15:49:02 +01:00
Max Schaefer
910d6de47d
JavaScript: Add new tests.
2018-10-03 15:49:02 +01:00
Max Schaefer
f4ea8bc82a
JavaScript: Introduce flow labels.
2018-10-03 15:49:02 +01:00
Max Schaefer
f3239cbec9
JavaScript: Respect barriers on return edges.
2018-10-03 15:49:01 +01:00
Pavel Avgustinov
b55526aa58
QL code and tests for C#/C++/JavaScript.
2018-08-02 17:53:23 +01:00