Asger Feldthaus
3a20ca96c4
JS: Update CWE tags and severity score of code injection query
The derived security-severity score of the JS code injection query
was much lower than for other languages (6.1 versus 9.3), possibly due
to some differences in CWE tags, such as the inclusion of CWE-079.
We also add the more specific CWE-095 ("eval injection") for consistency
with other languages. It is a child of CWE-094 ("code injection") which
was already tagged.
2021-10-05 10:12:19 +02:00
Asger Feldthaus
f6da030572
JS: Migrate to *Query.qll convention
2021-08-12 09:30:18 +02:00
Calum Grant
771e686946
Update security-severity scores
2021-06-15 13:25:17 +01:00
Calum Grant
a594afb828
Add security-severity metadata
2021-06-10 20:11:08 +01:00
Asger Feldthaus
96c6e4d8d8
JS: Update with new AdditionalTaintStep subclasses
2021-03-17 13:29:16 +00:00
Asger Feldthaus
f0516dd9e0
JS: Address review comments
2020-12-04 09:07:44 +00:00
Asger Feldthaus
412939d071
JS: Autoformat
2020-12-02 13:08:32 +00:00
Asger Feldthaus
5561e8f1f6
JS: Delete old query and update qhelp
2020-12-01 17:05:48 +00:00
Asger Feldthaus
1459d9197d
JS: Adjust alert message for template sinks
2020-12-01 17:05:48 +00:00
Erik Krogh Kristensen
a465fef7aa
shorten sentence in qhelp
2020-06-17 17:24:18 +02:00
Erik Krogh Kristensen
abd9aab109
code-injection -> code injection
2020-06-17 17:20:46 +02:00
Erik Krogh Kristensen
45e2b94eb5
Apply suggestions from doc review
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
2020-06-17 17:19:44 +02:00
Erik Krogh Kristensen
5ce17bea60
add qhelp for js/bad-code-sanitization
2020-06-16 16:23:41 +02:00
Erik Krogh Kristensen
a0951f76b6
add additional taint steps when type-tracking RemoteFlowSource
2020-06-16 14:55:07 +02:00
Erik Krogh Kristensen
adabd2daca
add qldoc and customizations module
2020-06-12 11:26:49 +02:00
Erik Krogh Kristensen
aa3482cbae
improve detection of duplicate results with js/code-injection
2020-06-10 22:58:02 +02:00
Erik Krogh Kristensen
5142670138
don't import AdditionalSinks, refactor sink out in new HeuristicSinks instead
2020-06-10 22:30:45 +02:00
Erik Krogh Kristensen
373a437d71
add query to detect improperly sanitized code
2020-06-10 19:50:12 +02:00
Max Schaefer
31bb39a810
JavaScript: Autoformat all QL files.
2019-01-07 10:15:45 +00:00
Asger F
27c9326e70
JS: address doc review
2018-11-21 14:19:14 +00:00
Asger F
4ae2493798
JS: rename query to Unsafe Dynamic Method Access
2018-11-21 12:34:18 +00:00
Asger F
cb832b1de9
Merge branch 'unsafe-global-object-access' of github.com:asger-semmle/ql into unsafe-global-object-access
2018-11-21 11:14:21 +00:00
Asger F
84d642612e
JS: more comments
2018-11-21 11:14:13 +00:00
Max Schaefer
fa761c07bd
Update javascript/ql/src/Security/CWE-094/MethodNameInjection.ql
Co-Authored-By: asger-semmle <42069257+asger-semmle@users.noreply.github.com>
2018-11-21 10:55:38 +00:00
Asger F
4138f814d8
JS: expand example
2018-11-20 18:42:49 +00:00
Asger F
1c06f45046
JS: address some comments
2018-11-20 18:11:46 +00:00
Asger F
2239f863f7
JS: add query MethodNameInjection
2018-11-20 15:57:18 +00:00
Max Schaefer
3fcd02ab0e
JavaScript: Rename hasPathFlow to hasFlowPath for consistency with other languages.
2018-11-14 11:23:17 +00:00
Max Schaefer
52ae757279
JavaScript: Select Nodes (instead of PathNodes) everywhere.
2018-11-14 09:16:40 +00:00
Max Schaefer
e365b722ee
JavaScript: Select source and sink in all path queries.
2018-11-14 09:16:40 +00:00
Max Schaefer
11d6259dbf
JavaScript: Move from Node to PathNode.
2018-11-14 09:16:40 +00:00
Max Schaefer
8d87f556e1
JavaScript: Add import DataFlow::PathGraph.
2018-11-14 09:16:40 +00:00
Max Schaefer
60a1357092
JavaScript: Make all taint-based security queries have @kind path-problem.
2018-11-14 09:16:40 +00:00
Max Schaefer
65bcf0f526
JavaScript: Refactor security queries for uniformity.
2018-11-14 09:16:40 +00:00
Pavel Avgustinov
b55526aa58
QL code and tests for C#/C++/JavaScript.
2018-08-02 17:53:23 +01:00