5849 Commits

Author	SHA1	Message	Date
Erik Krogh Kristensen	2680afcdc9	deduplicate some implementation in storeStep and loadStep	2020-08-07 19:16:28 +02:00
Erik Krogh Kristensen	aab2e6f803	update name of test file	2020-08-07 18:20:22 +02:00
Erik Krogh Kristensen	54fd7d97c0	share implementation instead of copy-pasting	2020-08-07 18:00:10 +02:00
Erik Krogh Kristensen	94cf3a8ddb	correct copy-paste note after refactorings	2020-08-07 17:48:55 +02:00
Erik Krogh Kristensen	8f06e9651f	update expected output	2020-08-07 17:40:58 +02:00
Erik Krogh Kristensen	b9a98f51ea	update existing tests to work with FunctionReturnNode	2020-08-07 17:40:02 +02:00
Erik Krogh Kristensen	0edb46c20d	improve precision for load/store steps with async functions	2020-08-07 17:39:59 +02:00
Erik Krogh Kristensen	26ef2f34da	add precise return-flow for async functions	2020-08-07 17:33:26 +02:00
Erik Krogh Kristensen	cc94c5ec60	remove imprecise return-flow from async functions	2020-08-07 17:33:24 +02:00
Erik Krogh Kristensen	0004c28fe8	introduce and use FunctionReturnNode	2020-08-07 17:32:25 +02:00
Asger Feldthaus	64f58b74f6	JS: Fix extractor crash when some parameters have no type annotation	2020-08-07 11:56:54 +01:00
Erik Krogh Kristensen	f1dc36244c	update tests and queries that used getId()	2020-08-05 14:32:09 +00:00
Erik Krogh Kristensen	cc5ef4d5e1	rename JsonSerializeCall to JsonStringifyCall	2020-08-05 13:22:41 +02:00
Erik Krogh Kristensen	f70cb2e7b3	add test for new JSON serializers	2020-08-05 12:14:56 +02:00
Erik Krogh Kristensen	5a3f67a682	introduce model for JSON.stringify and similar libraries	2020-08-05 12:14:51 +02:00
Erik Krogh Kristensen	67c4320287	make JumpStmt non abstract	2020-08-05 10:03:46 +02:00
Erik Krogh Kristensen	016bdc1614	make ControlStmt non abstract	2020-08-05 09:59:30 +02:00
Erik Krogh Kristensen	5727e6f9f8	make CompoundAssignExpr non-abstract	2020-08-04 16:17:08 +02:00
Erik Krogh Kristensen	cf3f275aa1	make DestructuringPattern non-abstract	2020-08-04 16:02:32 +02:00
Erik Krogh Kristensen	0867c5567e	rename getId() to getIdentifier()	2020-08-04 13:22:19 +02:00
Erik Krogh Kristensen	eccfade928	rewrite parts of the DeadStoreOfProperty query	2020-08-04 10:25:05 +02:00
Erik Krogh Kristensen	e629e6bbb0	changes based on review	2020-08-04 10:25:05 +02:00
Erik Krogh Kristensen	8131618382	revert making rankedAccessPath private	2020-08-04 10:25:05 +02:00
Erik Krogh Kristensen	97aa3cc8a3	rewrite DeadStoreOfProperty to improve worst-case complexity	2020-08-04 10:25:05 +02:00
Erik Krogh Kristensen	dbeef312ca	add some TypeScript tests to DeadStoreOfProperty	2020-08-04 10:25:05 +02:00
CodeQL CI	8855ab8c8c	Merge pull request #3835 from Raz0r/js/xss-protocol-sinks ... Approved by erik-krogh	2020-08-03 15:40:05 +01:00
CodeQL CI	a4f8b19ae4	Merge pull request #3876 from erik-krogh/CWE078-Correctness ... Approved by esbena	2020-08-03 15:38:51 +01:00
CodeQL CI	c8e5db189a	Merge pull request #3913 from erik-krogh/topmost ... Approved by asgerf	2020-08-03 13:18:22 +01:00
Erik Krogh Kristensen	f5cc14f980	fix typo	2020-08-03 13:49:21 +02:00
CodeQL CI	0bbdc70cdb	Merge pull request #3864 from erik-krogh/exprString ... Approved by asgerf, esbena	2020-08-03 09:25:17 +01:00
Arthur Baars	7e72ef350e	Merge pull request #3975 from aibaars/lgtm-suites ... CodeQL: complete LGTM suites	2020-07-30 18:39:01 +02:00
Arthur Baars	5bad003c0c	Add qlpack.yml files for example queries	2020-07-29 16:57:04 +02:00
Arthur Baars	c4041e55ba	CodeQL: complete LGTM suites	2020-07-28 20:40:44 +02:00
Max Schaefer	91762ec274	JavaScript: Add partial model for opener. ... 3.5M weekly downloads. Note that we do not treat the first argument as a command-injection sink. While it is possible to inject commands that way, it is more likely to cause false positives where the user input is concatenated with some prefix that makes the opening heuristic decide to treat it as a URL.	2020-07-27 11:42:32 +01:00
Max Schaefer	9aa26fa4bc	JavaScript: Add model for foreground-child. ... >1M weekly downloads, so seems worth doing.	2020-07-27 11:37:06 +01:00
Max Schaefer	2f842042ea	JavaScript: Model another execa function relevant for command injection.	2020-07-27 11:34:04 +01:00
ubuntu	8dee3da4fe	Update .qhelp	2020-07-26 23:50:22 +02:00
ubuntu	ac7c511d86	Update .qhelp	2020-07-26 23:47:53 +02:00
ubuntu	2cec8f7e9d	Update .qhelp	2020-07-26 23:23:56 +02:00
ubuntu	c469f71957	Add Codeql query to detect if cookies are sent without the flag being set	2020-07-26 22:56:36 +02:00
semmle-qlci	e167b87150	Merge pull request #3932 from max-schaefer/portals-additions ... Approved by esbena	2020-07-09 11:43:45 +01:00
Max Schaefer	7a1410e0d5	JavaScript: Update and expand tests.	2020-07-09 09:25:52 +01:00
Max Schaefer	1c47260bde	JavaScript: Add support for global variables to portals.	2020-07-09 09:12:56 +01:00
Max Schaefer	c40ef0556a	JavaScript: Broaden scope of imports considered relevant to portals. ... Previously, we only considered an import relevant to portals if the path it imported was declared as a dependency. This falls down for deep imports where a specific module inside the package is imported rather than the default entry point, for imports of built-in modules like `fs`, and in cases where a developer simply forgets to declare a dependency. So instead we now consider all imports relevant whose path does not start with a dot or a slash.	2020-07-09 09:09:44 +01:00
Max Schaefer	8b4b5781e6	JavaScript: Add utility predicate getBasePortal(i). ... This iterates the existing `getBasePortal()` predicate `i` times.	2020-07-09 09:08:18 +01:00
Erik Krogh Kristensen	022cafebd3	make sure the consisntecy-checking library does not mix configurations	2020-07-08 10:28:41 +02:00
Erik Krogh Kristensen	ec38df69b3	update consistency comments for CWE-918	2020-07-08 10:24:55 +02:00
Erik Krogh Kristensen	c5285f7418	update inconsistency comment for CWE-843	2020-07-08 10:16:43 +02:00
Erik Krogh Kristensen	45b6906a0d	move comments to match alert location for CWE-834	2020-07-08 10:16:04 +02:00
Erik Krogh Kristensen	71a3d49d2b	update comments to match alert location for CWE-807	2020-07-08 10:15:26 +02:00