hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,517 Commits 1,672 Branches 157 Tags
sauyon/java-spring-stringutils
Commit Graph

36 Commits

Author SHA1 Message Date
Asger Feldthaus
6e0322dc60 JS: Add DeepResourceExhaustion test 2021-03-02 13:56:43 +00:00
Asger Feldthaus
88e5348da9 JS: Move RemotePropertyInjection test into subfolder 2021-03-02 13:56:39 +00:00
Asger Feldthaus
0a7513fdfb JS: Move and rename test cases as well 2020-12-07 10:16:38 +00:00
Erik Krogh Kristensen
bffb12725b add test and change-note to prototype-polution 2020-05-05 13:49:11 +02:00
Asger Feldthaus
506ddaf3f4 JS: Add explanation for test failure 2020-03-18 11:55:13 +00:00
Asger Feldthaus
028022158d JS: Add variant of test that passes 2020-03-18 11:55:13 +00:00
Asger Feldthaus
a7e337ab28 JS: Add some lines in test case 2020-03-18 11:55:13 +00:00
Asger Feldthaus
3e68072e38 JS: Accept test case change 2020-03-18 11:55:13 +00:00
Asger Feldthaus
52ebe49a0b JS: Flag deep assignments in prototype pollution query 2020-02-27 12:17:55 +00:00
Asger Feldthaus
f923b24bc5 JS: Fix test 2020-02-24 11:19:23 +00:00
Asger Feldthaus
d1df251b92 JS: Proto pollution: Add is-plain-object sanitizer 2020-02-21 14:38:33 +00:00
Asger Feldthaus
f84af74d1d JS: Handle more libraries 2020-02-06 14:59:52 +00:00
Asger Feldthaus
c559ab13e7 JS: Add test and handle parameter with source object 2020-02-06 14:59:52 +00:00
Asger Feldthaus
c185cededf JS: More pruning and more data flow 2020-02-04 15:06:42 +00:00
Asger F
2c05ee8ab8 JS: Add regression test 2020-01-14 10:53:00 +00:00
Asger F
9bd3c4a11c JS: Add sanitizer for "in" exprs 2020-01-14 10:53:00 +00:00
Asger Feldthaus
7ac30e2289 JS: Add test for rephinement nodes 2020-01-14 10:53:00 +00:00
Asger F
a447645c10 JS: Add test with typeof on value 2020-01-14 10:52:59 +00:00
Asger F
bd9405ab84 JS: Guard against more FPs 2020-01-14 10:52:59 +00:00
Asger F
f7543aec95 JS: Support Reflect.ownKeys 2020-01-14 10:52:59 +00:00
Asger F
8af233307a JS: Support enumeration through Object.entries 2020-01-14 10:52:59 +00:00
Asger F
96bf9db200 JS: Add another test and more barriers 2020-01-14 10:52:59 +00:00
Asger F
bc7871078a JS: Fix FPs from Object.create(null) 2020-01-14 10:52:59 +00:00
Asger F
c889420dd3 JS: Add qhelp samples to test suite 2020-01-14 10:52:59 +00:00
Asger F
654f145772 JS: Add PrototypePollutionUtility query 2020-01-14 10:52:59 +00:00
Max Schaefer
b42026a90a JavaScript: Update expected output. 2019-10-29 15:36:24 +00:00
Max Schaefer
dc1d1c2f22 JavaScript: Update expected output. 2019-10-29 15:30:06 +00:00
Asger F
5aa948cd17 JS: Add angular.merge sink to prototype pollution query 2019-09-04 16:14:51 +01:00
Esben Sparre Andreasen
eb13ab52cf JS: sharpen js/prototype-pollution with version analysis 2019-05-27 22:32:32 +02:00
Esben Sparre Andreasen
1cea29d89f JS: improve prototype pollution tests 2019-05-27 22:32:32 +02:00
Asger F
aaf503837d JS: Move prototype pollution into real query 2019-05-13 15:20:25 +01:00
Asger F
48ca4ae0d8 JS: prototype pollution query template 2019-04-16 17:40:41 +01:00
Max Schaefer
f1c538a97b JavaScript: Restrict RemotePropertyInjection query to avoid double-reporting. 
This query now only flags user-controlled property and header writes, method calls are handled by the new unsafe/unvalidated method call queries.
 2018-11-28 08:16:31 +00:00
Asger F
8aff66616b JS: suppress similar alerts from RemotePropertyInjection 2018-11-20 15:57:18 +00:00
Max Schaefer
9221b62ded JavaScript: Update expectd test output for security path queries to include nodes and edges query predicates. 2018-11-14 09:32:31 +00:00
Pavel Avgustinov
b55526aa58 QL code and tests for C#/C++/JavaScript. 2018-08-02 17:53:23 +01:00