codeql

mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00

Author	SHA1	Message	Date
Max Schaefer	9549b01e3c	JavaScript: Turn on experimental language features for two tests. All other tests already pass with experimental features turned on, so once this is merged we can do so by default.	2020-06-04 11:27:31 +01:00
Erik Krogh Kristensen	60320a9d78	update TaintedPath to use new consistency checking	2020-06-04 11:00:40 +02:00
Erik Krogh Kristensen	68ca8e23c0	introduce consistency-checking utility predicates	2020-06-04 11:00:01 +02:00
Erik Krogh Kristensen	c7c46ea3d6	update test comments to be consistent	2020-06-04 10:55:09 +02:00
Erik Krogh Kristensen	550c578c3c	use MemberShipTest in TaintedPath	2020-06-04 10:51:08 +02:00
Erik Krogh Kristensen	d513e6c5b5	update comments in TaintedPath tests	2020-06-04 10:40:14 +02:00
semmle-qlci	70131e6ac8	Merge pull request #3598 from asger-semmle/js/regexp-test Approved by esbena	2020-06-04 09:05:21 +01:00
Erik Krogh Kristensen	a90c8769ee	update expected output	2020-06-03 15:24:04 +02:00
Erik Krogh Kristensen	a1940979ba	support credentials in a Buffer	2020-06-03 12:02:00 +02:00
Erik Krogh Kristensen	ba44ebe8a8	better support for browser based fetch API	2020-06-03 11:51:24 +02:00
Erik Krogh Kristensen	3622fb8716	support more variants of the Headers API	2020-06-03 11:50:10 +02:00
Esben Sparre Andreasen	afee864295	JS: make use of the colletions type tracking steps	2020-06-03 08:19:34 +02:00
Esben Sparre Andreasen	36b7574ac1	JS: add additional route handler registration tests	2020-06-03 08:18:11 +02:00
Esben Sparre Andreasen	117f009d17	JS: use HTTP::RouteHandlerCandidateContainer in Express	2020-06-03 08:18:11 +02:00
Esben Sparre Andreasen	606f8274c7	JS: add tests for various route handler registration patterns	2020-06-03 08:16:58 +02:00
Erik Krogh Kristensen	3c802007a3	add support for string concatenations and base64-encoding of hardcoded credentials	2020-06-02 23:15:13 +02:00
Erik Krogh Kristensen	b6dc94fccb	add fetch.Headers.Authorization as a CredentialsExpr	2020-06-02 23:02:16 +02:00
Asger Feldthaus	8a38633639	JS: Handle exec() == undefined	2020-06-02 16:52:07 +01:00
Asger Feldthaus	945db4d86c	JS: Fix test output	2020-06-02 16:38:21 +01:00
Esben Sparre Andreasen	f9ed64fc45	Merge branch 'master' into js/membershiptest	2020-06-02 08:54:44 +02:00
Asger Feldthaus	707b0f33a0	JS: Use in ContainsHTMLGuard	2020-06-01 12:06:40 +01:00
Asger Feldthaus	fa1a6eefa7	JS: Add StringOps::RegExpTest	2020-06-01 11:43:50 +01:00
Erik Krogh Kristensen	5bb308dc8f	sanitize variables used in an HTML escaping switch-case	2020-05-28 12:37:41 +02:00
Erik Krogh Kristensen	1a2db10a90	recognize barrier guard where the result is stored in a variable	2020-05-28 10:24:42 +02:00
Erik Krogh Kristensen	562a38cdd5	add ContainsHTMLGuard	2020-05-28 10:24:42 +02:00
Erik Krogh Kristensen	33da82d884	Merge branch 'master' of https://github.com/github/codeql into pr/erik-krogh/3566	2020-05-27 12:21:14 +00:00
Erik Krogh Kristensen	d05a61c745	Merge branch 'master' of https://github.com/github/codeql into pr/erik-krogh/3566	2020-05-27 12:12:08 +00:00
Erik Krogh Kristensen	319363f56c	update expected output	2020-05-26 18:47:37 +02:00
Erik Krogh Kristensen	124c4cb15e	Merge branch 'master' of github.com:github/codeql into OptionalSanitizer	2020-05-26 13:59:57 +02:00
semmle-qlci	be5b343a0c	Merge pull request #3564 from max-schaefer/js/reflective-argument-access Approved by asgerf	2020-05-26 12:09:13 +01:00
Erik Krogh Kristensen	ad40c4b0f2	add a sanitizer guard for safe attribute string concatenations	2020-05-26 12:36:47 +02:00
semmle-qlci	4b0354c4bc	Merge pull request #3555 from max-schaefer/js/require-flow Approved by asgerf	2020-05-26 10:54:21 +01:00
Max Schaefer	7ddf5ced23	JavaScript: Update expected output for unrelated tests.	2020-05-26 10:49:30 +01:00
semmle-qlci	4b56229ca0	Merge pull request #3527 from esbena/js/fastify Approved by asgerf	2020-05-26 10:44:59 +01:00
semmle-qlci	df205b617e	Merge pull request #3539 from asger-semmle/js/capture-level-flow Approved by erik-krogh	2020-05-26 10:42:14 +01:00
Max Schaefer	9d3a9d71f1	JavaScript: Add basic support for reasoning about reflective parameter accesses. Currently, only `arguments[c]` for a constant value `c` is supported. This allows us to detect the prototype-pollution vulnerabilities in (old versions of) `extend`, `jquery`, and `node.extend`.	2020-05-26 09:59:29 +01:00
Max Schaefer	a39e8b4802	JavaScript: Add test for `FlowSteps::argumentPassing` predicate.	2020-05-26 09:51:06 +01:00
Erik Krogh Kristensen	9254df1f78	sanitize optionally sanitized values	2020-05-26 00:09:11 +02:00
Max Schaefer	573fdaa424	JavaScript: Track `require` through local data flow.	2020-05-24 20:00:10 +01:00
semmle-qlci	b9ecf1a304	Merge pull request #3447 from erik-krogh/LibCmdInjection Approved by asgerf, mchammer01	2020-05-22 17:10:57 +01:00
Esben Sparre Andreasen	e172d55ecb	Update javascript/ql/test/query-tests/Security/CWE-020/IncompleteUrlSchemeCheck.js Co-authored-by: Asger F <asgerf@github.com>	2020-05-22 13:33:34 +02:00
Asger Feldthaus	75be3b7ecb	JS: Add test case for missed captured flow	2020-05-21 16:14:13 +01:00
Esben Sparre Andreasen	b31f83a5af	JS: fixup expected output	2020-05-21 13:47:16 +02:00
Esben Sparre Andreasen	c400b45cd6	JS: make the Fastify model support `isUserControlledObject`	2020-05-21 13:42:28 +02:00
Esben Sparre Andreasen	a76c70d2d7	JS: model fastify	2020-05-21 13:42:27 +02:00
semmle-qlci	8df7b7c42a	Merge pull request #3525 from erik-krogh/ZipTaint Approved by asgerf	2020-05-20 16:45:02 +01:00
semmle-qlci	c15d22d9f8	Merge pull request #3516 from asger-semmle/js/typescript-3.9.2 Approved by erik-krogh	2020-05-20 11:31:57 +01:00
semmle-qlci	2bbc1c2af0	Merge pull request #3478 from erik-krogh/PromiseAll Approved by asgerf, esbena	2020-05-20 11:03:05 +01:00
semmle-qlci	29b8a0db92	Merge pull request #3508 from asger-semmle/js/shared-data-flow-node Approved by esbena	2020-05-20 10:58:09 +01:00
Erik Krogh Kristensen	7c51dff0f7	share implementation between TaintedPath and ZipSlip	2020-05-20 10:10:04 +02:00

... 8 9 10 11 12 ...

2263 Commits