hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,029 Commits 1,671 Branches 157 Tags
z80coder/query-pack-release-candidate-2
Commit Graph

6853 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
99dd5330c2 add taint-step for URL construction in js/request-forgery 2021-04-08 11:10:33 +02:00
CodeQL CI
a9527fd913 Merge pull request #5621 from erik-krogh/shellSink 
Approved by esbena
 2021-04-08 09:47:45 +01:00
CodeQL CI
f0491af64c Merge pull request #5529 from erik-krogh/socketInput 
Approved by esbena
 2021-04-07 15:03:13 +01:00
Asger F
0c724a8427 Merge pull request #5304 from asgerf/js/non-alert-data 
JS: Implement new metric queries for line counting
 2021-04-07 14:52:51 +01:00
Erik Krogh Kristensen
365b4d722d backtrack string-concatenations from shell-execution sinks 2021-04-07 15:34:54 +02:00
CodeQL CI
073a43ce74 Merge pull request #5606 from erik-krogh/shellInput 
Approved by esbena
 2021-04-07 14:30:31 +01:00
Erik Krogh Kristensen
c9f54ea1ad update expected output 2021-04-07 12:37:17 +00:00
Asger Feldthaus
ee13ff71d6 JS: Add another change note 2021-04-07 12:29:06 +01:00
Asger Feldthaus
26cddc7d04 JS: Update test output 2021-04-07 12:28:45 +01:00
Asger Feldthaus
69973d0fa2 JS: Autoformat 2021-04-07 11:24:11 +01:00
Erik Krogh Kristensen
a66083d685 change "Uncontrolled path" to "Path concatenation" 2021-04-07 08:23:07 +00:00
CodeQL CI
fd4e8f8282 Merge pull request #5526 from erik-krogh/quotedShell 
Approved by esbena
 2021-04-07 08:39:01 +01:00
CodeQL CI
61880ba90a Merge pull request #5530 from erik-krogh/moreFS 
Approved by esbena
 2021-04-07 08:37:23 +01:00
Erik Krogh Kristensen
2c1cc9ead6 use local variable instead of module.exports in example 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2021-04-06 15:17:31 +02:00
Erik Krogh Kristensen
41b89669a9 add joined paths as a sink to js/shell-command-constructed-from-input 2021-04-06 12:14:00 +02:00
Erik Krogh Kristensen
c194598d37 recognize headers/url from the HTTP request to a server WebSocket. 2021-04-06 10:11:27 +02:00
Asger Feldthaus
32500c834d JS: Change note 2021-04-01 16:41:03 +01:00
Asger Feldthaus
acc28df785 JS: Bugfix in tsconfig file inclusion handling 2021-04-01 16:33:05 +01:00
Asger Feldthaus
564a6873f8 JS: Add baseUrl test 2021-04-01 16:33:05 +01:00
Asger Feldthaus
c4ab6fb7b4 JS: Add ImportGraph meta query 2021-04-01 16:33:05 +01:00
Asger Feldthaus
f07030ba97 JS: Update AdditionalFlowStep -> SharedFlowStep 2021-04-01 13:16:47 +01:00
Asger Feldthaus
a9566728b5 JS: Update an import of Unit type 2021-04-01 13:16:47 +01:00
Asger Feldthaus
7119eda009 JS: Add redux change note 2021-04-01 13:16:47 +01:00
Asger Feldthaus
86bc0eb853 JS: Autoformat 2021-04-01 13:16:47 +01:00
Asger Feldthaus
b43989e6a1 JS: Use API nodes to track dispatch/dispatched value sources 2021-04-01 13:16:47 +01:00
Asger Feldthaus
2850b8e952 JS: Fix RangeAnalysis after BasicBlock.dominates change 2021-04-01 13:16:47 +01:00
Asger Feldthaus
cbfa5ad303 JS: Change type of a parameter 2021-04-01 13:16:47 +01:00
Asger Feldthaus
cee1a12489 JS: Fix typo in qldoc 2021-04-01 13:16:47 +01:00
Asger Feldthaus
c926a47d50 JS: QLDoc and test for HeuristicConnectEntryPoint 2021-04-01 13:16:47 +01:00
Asger Feldthaus
cca38a64be JS: Add test for flow to a closure body under a type guard 2021-04-01 13:16:46 +01:00
Asger Feldthaus
53def60e4f JS: Add test for if-based type check 2021-04-01 13:16:46 +01:00
Asger Feldthaus
1ce7c3448f JS: Address some review comments 2021-04-01 13:16:46 +01:00
Asger Feldthaus
fd7cbd0c96 JS: Tweak BasicBlock.dominates and friends 2021-04-01 13:16:46 +01:00
Asger Feldthaus
8fa3fb0561 JS: Redux model 2021-04-01 13:16:46 +01:00
Asger Feldthaus
314839fc09 JS: Add @reduxjs/toolkit to composed functions 2021-04-01 13:16:46 +01:00
Asger Feldthaus
c1651ad30c JS: Factor out Unit type 2021-04-01 13:16:46 +01:00
Asger Feldthaus
125d1465c8 JS: Add DataFlow::functionForwardingStep 2021-04-01 13:16:46 +01:00
Asger Feldthaus
a3421e7ab2 JS: Add getALocalUse 2021-04-01 13:16:45 +01:00
CodeQL CI
20416ae034 Merge pull request #5585 from asgerf/js/more-metadata 
Approved by esbena
 2021-04-01 13:13:01 +01:00
Asger Feldthaus
c96ee8671e JS: Update more query metadata 2021-04-01 12:15:54 +01:00
CodeQL CI
a1fab8ac52 Merge pull request #5581 from asgerf/js/dependency-info 
Approved by esbena
 2021-04-01 09:07:21 +01:00
Asger Feldthaus
8c8e4e6a70 JS: Add test 2021-03-31 16:17:54 +01:00
Asger Feldthaus
068a9d88e7 JS: Ensure Dependency.info() exists even if version range could not be parsed 2021-03-31 16:08:08 +01:00
Asger Feldthaus
c541390c1b JS: Remove precision tag from ExternalDependencies.ql 2021-03-31 13:54:15 +01:00
Asger Feldthaus
57784dc746 JS: Update test output 2021-03-31 09:23:47 +01:00
Asger Feldthaus
bc5b477f79 JS: Change kind of summary-extraction queries to table 2021-03-30 21:26:58 +01:00
Asger Feldthaus
f8bbda0cdc JS: Change note 2021-03-30 13:54:01 +01:00
Asger Feldthaus
9db235ac36 JS: Improve @google-cloud/spanner model 2021-03-30 13:54:00 +01:00
Asger Feldthaus
35f294f096 JS: Improve sequelize model 2021-03-30 13:54:00 +01:00
Asger Feldthaus
93500bd95a JS: Improve mssql model 2021-03-30 11:34:01 +01:00