hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,517 Commits 1,671 Branches 157 Tags
sauyon/java-spring-stringutils
Commit Graph

6 Commits

Author SHA1 Message Date
Max Schaefer
91762ec274 JavaScript: Add partial model for opener. 
3.5M weekly downloads.

Note that we do not treat the first argument as a command-injection sink. While it is possible to inject commands that way, it is more likely to cause false positives where the user input is concatenated with some prefix that makes the opening heuristic decide to treat it as a URL.
 2020-07-27 11:42:32 +01:00
Max Schaefer
9aa26fa4bc JavaScript: Add model for foreground-child. 
>1M weekly downloads, so seems worth doing.
 2020-07-27 11:37:06 +01:00
Max Schaefer
2f842042ea JavaScript: Model another execa function relevant for command injection. 2020-07-27 11:34:04 +01:00
Max Schaefer
6797fec1a3 JavaScript: Add more models of packages that execute commands over SSH. 2020-05-18 12:08:14 +01:00
Esben Sparre Andreasen
299d4c6e93 JS: add additional SystemCommandExecutors 2019-06-11 09:38:10 +02:00
Pavel Avgustinov
b55526aa58 QL code and tests for C#/C++/JavaScript. 2018-08-02 17:53:23 +01:00