hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
36,895 Commits 1,672 Branches 157 Tags
4f54bb66b807ee4b22f6be28cfbb71d21b901b10
Commit Graph

73 Commits

Author SHA1 Message Date
Stephan Brandauer
fb66ccff39 handlebars taint step: conservatively assume unknown templates have no flow to helpers 2022-04-13 09:27:59 +02:00
Stephan Brandauer
9c3fcb6268 precise tracking of handlebars arguments 2022-03-28 17:26:43 +02:00
Stephan Brandauer
0bd9e9f298 add handlebars taint step 2022-03-24 11:46:16 +01:00
Stephan Brandauer
4ee290acd3 update test for 'node:' prefix 2022-01-25 14:25:44 +01:00
Esben Sparre Andreasen
9ffc02944d add file write model for express-fileupload mv 2021-12-10 15:05:34 +01:00
Asger Feldthaus
5f4c1dd19b JS: Support regexp-based path traversal check 2021-11-02 14:12:05 +01:00
Asger Feldthaus
83edcf515b JS: Add test for regexp-based sanitizer 2021-11-02 14:12:04 +01:00
Erik Krogh Kristensen
32ac8778bd add the cwd option to shell executions as a sink to js/path-injection 2021-08-23 07:32:05 +02:00
CodeQL CI
a02a82caac Merge pull request #6284 from erik-krogh/qs 
Approved by asgerf
 2021-07-16 02:11:59 -07:00
Erik Krogh Kristensen
14b26f2a68 add mkdirp as a sink for tainted-path 2021-07-14 19:32:22 +02:00
Erik Krogh Kristensen
f462c9bb76 add taint through the parseqs library 2021-07-14 17:22:35 +02:00
Erik Krogh Kristensen
bec1818fc7 add taint through the normalize-url library 2021-07-14 17:15:14 +02:00
Erik Krogh Kristensen
193ddfc771 add taint through the qs library 2021-07-14 16:56:51 +02:00
CodeQL CI
436168aa4f Merge pull request #6267 from erik-krogh/read-pkg 
Approved by asgerf
 2021-07-14 01:01:33 -07:00
Erik Krogh Kristensen
07bc5856db add the cwd option from read-pkg as sink for path-injection 2021-07-12 23:43:15 +02:00
Erik Krogh Kristensen
899e54fbc9 add support for the slash library 2021-07-12 16:36:54 +02:00
Erik Krogh Kristensen
4360e5dcbc add model of the thenify library 2021-06-22 11:55:58 +02:00
Erik Krogh Kristensen
61cc415a32 add model of the util.promisify library 2021-06-22 11:55:58 +02:00
Erik Krogh Kristensen
2f3ea4412f add model of the pify library 2021-06-22 11:55:54 +02:00
CodeQL CI
169e67cbb8 Merge pull request #5990 from erik-krogh/prettier 
Approved by asgerf
 2021-06-08 12:17:24 -07:00
Erik Krogh Kristensen
5961dd1459 add another test for the resolve library 2021-06-06 22:54:12 +02:00
Erik Krogh Kristensen
dd2fe2a489 add the resolve library as a sink to js/path-injection 2021-06-06 22:04:32 +02:00
Erik Krogh Kristensen
788c5ba701 add support for the prettier API 2021-06-02 15:33:08 +02:00
Erik Krogh Kristensen
3b82452d76 detect fs modules that pass through a reduce call 2021-03-25 14:47:43 +01:00
Erik Krogh Kristensen
2f3869f41b add model for puppeteer 2021-03-17 10:03:51 +01:00
Erik Krogh Kristensen
d95d427c5b better support for the &&=, ||=, and ??= operators 2020-08-13 09:22:32 +02:00
semmle-qlci
45ef3ec4a8 Merge pull request #3619 from erik-krogh/CWE022-Correctness 
Approved by asgerf
 2020-07-01 20:07:58 +01:00
Esben Sparre Andreasen
c7f67fafd9 JS: support additional promisification of the fs-module members 2020-06-30 09:10:30 +02:00
Erik Krogh Kristensen
926f2c139f require that a write must dominate the enclosing stmt of a read 2020-06-25 23:00:52 +02:00
Erik Krogh Kristensen
e467d3ccbf use dominating write check in js/path-injection 2020-06-25 23:00:52 +02:00
Erik Krogh Kristensen
550c578c3c use MemberShipTest in TaintedPath 2020-06-04 10:51:08 +02:00
Erik Krogh Kristensen
d513e6c5b5 update comments in TaintedPath tests 2020-06-04 10:40:14 +02:00
Erik Krogh Kristensen
eca98b42d2 basic support for util.promisify for NodeJSFileSystemAccess 2020-04-17 09:54:37 +02:00
Erik Krogh Kristensen
9c2053168b writing out the truth table for DotDotSlashPrefixRemovingReplace 2020-04-03 15:46:47 +02:00
Erik Krogh Kristensen
94751c1b31 dst can be relative for "../" replace call 2020-04-03 11:08:31 +02:00
Erik Krogh Kristensen
e46cde17a1 add a "../" removing taint-step for js/path-injection 2020-04-03 09:42:05 +02:00
semmle-qlci
c5d39039bc Merge pull request #2962 from erik-krogh/YetAnotherSanitizer 
Approved by asgerf
 2020-03-04 15:27:09 +00:00
Esben Sparre Andreasen
4625217a68 Merge branch 'master' of github.com:Semmle/ql into js/more-fs-modules 2020-03-03 15:07:51 +01:00
Erik Krogh Kristensen
f03c67266a add taint step for replace call that only removes dots 2020-03-03 12:58:06 +01:00
Esben Sparre Andreasen
adddebf039 Merge branch 'master' of github.com:Semmle/ql into js/more-fs-modules 2020-03-03 10:55:16 +01:00
Erik Krogh Kristensen
53d1cd33f6 support sanitizers that remove all forward slashes 2020-03-02 21:34:40 +01:00
Erik Krogh Kristensen
26fd17bf39 recognize utility functions implementing a StartsWith check 2020-03-02 13:00:58 +01:00
Erik Krogh Kristensen
71ff32e930 recognize another prefix check for js/path-injection 2020-02-28 14:55:41 +01:00
Esben Sparre Andreasen
a589061bee JS: add type-tracking to the fs-module and model the original-fs 2020-02-28 12:54:59 +01:00
Esben Sparre Andreasen
5a3a1c480d JS: add tests for the fs-module and friends 2020-02-28 12:21:10 +01:00
Erik Krogh Kristensen
dc6bfad023 Merge remote-tracking branch 'upstream/master' into CVE481 2020-02-25 16:25:03 +01:00
Esben Sparre Andreasen
5baba62154 JS: model path-is-inside+is-path-inside for js/path-injection 2020-02-24 23:10:15 +01:00
Esben Sparre Andreasen
86b836cd29 JS: add tests for js/path-injection 2020-02-24 23:03:42 +01:00
Erik Krogh Kristensen
90e5671d98 Merge branch 'master' of git.semmle.com:Semmle/ql into CVE481 2020-02-21 15:25:07 +01:00
Erik Krogh Kristensen
03e295ef11 Merge branch 'master' of git.semmle.com:Semmle/ql into CVE74 2020-02-20 12:19:32 +01:00