hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-26 17:28:29 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,759 Commits 1,721 Branches 163 Tags
4a367d3fdb371d80c0cb69b64bc3b0f5f2ef2a67
Commit Graph

326 Commits

Author SHA1 Message Date
Asger F
4a367d3fdb JS: more efficient encoding of unary constraints 2018-11-29 11:22:14 +00:00
Asger F
2d6bf0aff3 JS: improve join ordering in extendedEdge 2018-11-29 11:22:14 +00:00
Asger F
84ea4cf1d1 JS: manually reorder extendedEdge and negativeEdge 2018-11-29 11:22:14 +00:00
Asger F
d813635f3e JS: Restrict constraint generation to relevant nodes 2018-11-29 11:22:14 +00:00
Asger F
43df9538bf JS: be conservative in presence of NaN comments 2018-11-29 11:22:14 +00:00
Asger F
feb8a8c4fd JS: restrict bias to 30-bit range to avoid overflow 2018-11-29 11:22:14 +00:00
Asger F
20aa4e1f6d JS: handle sharp inequalities directly 2018-11-29 11:22:14 +00:00
Asger F
9d8d953292 JS: perform widening when adding operands of very different magnitude 2018-11-29 11:22:14 +00:00
Asger F
6c53ad80c7 JS: add constant constraints in range analysis 2018-11-29 11:22:13 +00:00
Asger F
064b1099eb JS: range analysis through phi nodes 2018-11-29 11:22:13 +00:00
Asger F
09ca6652fb JS: Support return value of x++ 2018-11-29 11:22:13 +00:00
Asger F
73cbdee691 JS: Compound assignments and update exprs in range analysis 2018-11-29 11:22:13 +00:00
Asger F
a374540c55 JS: Range analysis library 2018-11-29 11:22:13 +00:00
Max Schaefer
fb78e14db1 JavaScript: Add support for sanitising dynamic property accesses. 
This generalises our previous handling of sanitisers operating on property accesses to support dynamic property accesses where the property name is an SSA variable by representing them as access paths.
 2018-11-28 12:37:53 +00:00
semmle-qlci
04c2b23abd Merge pull request #520 from esben-semmle/js/clear-text-logging-taint-kinds 
Approved by asger-semmle
 2018-11-23 12:40:40 +00:00
Esben Sparre Andreasen
b780f82869 JS: sharpen js/clear-text-logging (ODASA-7485) 2018-11-22 13:38:43 +01:00
semmle-qlci
4e72a08b8d Merge pull request #507 from esben-semmle/js/mixed-static-intance-this-access-inheritance 
Approved by xiemaisi
 2018-11-21 16:07:25 +00:00
Esben Sparre Andreasen
caea6212ed JS: use inheritance in js/mixed-static-instance-this-access 2018-11-21 09:48:37 +01:00
semmle-qlci
1c1d2e943a Merge pull request #496 from esben-semmle/js/yui-directives 
Approved by xiemaisi
 2018-11-20 12:59:55 +00:00
semmle-qlci
8333f72030 Merge pull request #470 from esben-semmle/custom-abstract-values-only 
Approved by xiemaisi
 2018-11-20 12:59:35 +00:00
Esben Sparre Andreasen
54fea1a4cb JS: support "xyz:nomunge" YUI compressor directives 2018-11-20 09:00:33 +01:00
Esben Sparre Andreasen
ee7a6af7c7 JS: address review comments 2018-11-20 08:37:23 +01:00
semmle-qlci
26a248b14a Merge pull request #487 from xiemaisi/js/lint-join-order 
Approved by esben-semmle
 2018-11-20 06:51:33 +00:00
Max Schaefer
73ad3f5c8a JavaScript: Tweak JSLint library to avoid bad join order. 2018-11-19 09:12:02 +00:00
Asger F
c06c9a02f7 JS: fix copy pasta and test output 2018-11-16 10:47:02 +00:00
Asger F
dd5f485fff JS: use original sanitizer for SSRF query 2018-11-16 10:46:14 +00:00
Asger F
6ec13feab4 JS: recognize sanitizing slashes in URL redirection queries 2018-11-16 10:43:25 +00:00
semmle-qlci
0647743333 Merge pull request #467 from xiemaisi/js/amd-imports 
Approved by asger-semmle
 2018-11-16 09:31:50 +00:00
Asger F
df202eff76 Merge pull request #468 from xiemaisi/js/has{Path,Flow}+ 
JavaScript: Rename `hasPathFlow` to `hasFlowPath` for consistency with other languages.
 2018-11-14 16:48:47 +00:00
semmle-qlci
4a14bef507 Merge pull request #466 from xiemaisi/js/more-data-flow-predicates 
Approved by asger-semmle
 2018-11-14 16:07:59 +00:00
Max Schaefer
6f6b3b0d5e JavaScript: Add a convenience method to SourceNode and use it in a few places. 2018-11-14 11:58:45 +00:00
Max Schaefer
a441bfb751 JavaScript: Add a convenience method to AMDModuleDefinition. 2018-11-14 11:36:40 +00:00
Max Schaefer
3fcd02ab0e JavaScript: Rename hasPathFlow to hasFlowPath for consistency with other languages. 2018-11-14 11:23:17 +00:00
Max Schaefer
d6198fcc2a JavaScript: Introduce two more short-circuiting conjuncts. 2018-11-14 09:33:09 +00:00
Max Schaefer
4860364d91 JavaScript: Add explicit nodes query predicate in PathGraph. 
This is needed to correctly handle the case where `edges` is empty.
 2018-11-14 09:16:40 +00:00
Max Schaefer
9b4ae9e4d3 JavaScript: Refactor HostHeaderPoisoningInEmailGeneration query. 2018-11-14 09:16:40 +00:00
Max Schaefer
a499009f59 Merge pull request #395 from esben-semmle/js/useless-defensive-code 
JS: add query: js/useless-defensive-code
 2018-11-13 16:55:59 +00:00
Max Schaefer
4fdfbb77cc Merge pull request #444 from esben-semmle/js/browser-based-client-requests 
JS: add models of $.ajax, $.getJSON and XMLHttpRequst
 2018-11-13 16:53:52 +00:00
Esben Sparre Andreasen
daed0653cb JS: support property tracking of custom abstract values 2018-11-13 11:42:09 +01:00
Esben Sparre Andreasen
1d87c580b3 JS: introduce DefinedCustomAbstractValue 2018-11-13 11:40:31 +01:00
semmle-qlci
86e31a584e Merge pull request #447 from esben-semmle/js/indirect-sanitization 
Approved by asger-semmle
 2018-11-13 09:14:28 +00:00
Esben Sparre Andreasen
1db2e6ca55 JS: add source code examples to docstrings 2018-11-13 08:19:38 +01:00
Esben Sparre Andreasen
3aae1d17db JS: avoid two uses of getChildExpr(0) 2018-11-13 08:19:38 +01:00
Esben Sparre Andreasen
8ea9fd4cca JS: address review comments 2018-11-13 08:19:38 +01:00
Esben Sparre Andreasen
f440c9221a JS: replace some Expr.stripParens with Expr.getUnderlyingValue 2018-11-13 08:19:38 +01:00
Esben Sparre Andreasen
e29c57a58e JS: add whitelist to js/useless-defensive-code 2018-11-13 08:19:38 +01:00
Esben Sparre Andreasen
7b215ecb2b JS: recognize defensive programming patterns using typeof 2018-11-13 08:19:38 +01:00
Esben Sparre Andreasen
c403416fef JS: recognize defensive expressions that prevents exceptions 2018-11-13 08:19:38 +01:00
Esben Sparre Andreasen
6e77489a3b JS: add utilities for expression guards to DefensiveProgramming.qll 2018-11-13 08:19:38 +01:00
Esben Sparre Andreasen
a2ecf40878 JS: recognize defensive expressions for null/undefined 2018-11-13 08:19:38 +01:00