hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
77,098 Commits 1,671 Branches 157 Tags
66737402c20fc83b3d3a654dcccf4b26c901b100
Commit Graph

4615 Commits

Author SHA1 Message Date
Napalys
09f73d8d6f JS: Add: test cases for toWellFormed 2024-11-20 17:36:43 +01:00
Asger F
d52bc971b8 Merge branch 'main' into js/shared-dataflow-merge-main 2024-11-20 14:05:03 +01:00
Napalys Klicius
a957e00fe5 Merge branch 'main' into napalys/ES2024-group-functions 2024-11-20 14:03:31 +01:00
Napalys
58faa2d71e JS: Add: dataflow step for static method of groupBy from Map. 2024-11-20 13:34:11 +01:00
Napalys
6344f83e4b JS: Add: tests for taint tracking in groupBy functions 2024-11-20 13:22:53 +01:00
Napalys
28ead4011a JS: Add: taint step to handle propagation of data flow from the array to callback 2024-11-19 14:15:15 +01:00
Napalys
f1e95a8a1d JS: Add: taint step test cases for findLastIndex, findLast, find 2024-11-19 14:09:58 +01:00
Asger F
80a5a5909e JS: Use getUnderlyingValue() a few places in VariableCapture 2024-11-19 13:23:29 +01:00
Asger F
d2daec4c66 JS: Add tests explaining why the IIFE in f2 didn't work 2024-11-19 13:23:24 +01:00
Napalys
c03d69af1e JS: Add: dataflow step for find, findLast, findLastIndex callback functions 2024-11-19 09:42:11 +01:00
Napalys
b64b837db3 JS: Add: test cases for find, findLast, findLastIndex with callbacks 2024-11-19 09:35:43 +01:00
Asger F
37676f41aa JS: Remove jump steps from IIFE steps 2024-11-18 13:38:34 +01:00
Asger F
7f2eae0966 JS: Add test case for false flow through IIFEs 
We generate local flow steps into and out of IIFEs, but these come jump steps automatically, resulting in FPs.
 2024-11-18 13:34:35 +01:00
Asger F
7acc5689cf JS: Port exception steps to a universal summary 2024-11-18 13:27:58 +01:00
Asger F
5ed362f7d6 JS: Add exception test case 2024-11-18 13:23:09 +01:00
Napalys
213ce225e0 JS: Add: taint step for Object.groupBy function, fixed test cases from 8ae05d8be4 2024-11-18 12:58:07 +01:00
Napalys
8ae05d8be4 JS: Add: test case for Object.groupBy 2024-11-18 12:55:17 +01:00
Napalys
c02ad65fdc JS: Add: taint step for Map.groupBy function 2024-11-18 12:50:06 +01:00
Napalys
3786ad4277 JS: Add: test case for Map.groupBy 2024-11-18 12:44:49 +01:00
Napalys
a28fc8e772 JS: Add: Use of returnless function support for findLast and findLastIndex 2024-11-15 14:44:25 +01:00
Napalys
7250099f6c JS: Add: Test cases use of returnless function in findLast and findLastIndex 2024-11-15 14:42:11 +01:00
Napalys
fcb65534a8 JS: Add: Array.protype.findLast as taint step 2024-11-15 14:10:01 +01:00
Napalys
ea90698fc1 JS: Add: Test case taint step for findLast 2024-11-15 13:35:28 +01:00
Napalys
bed1f25b3f JS: Fix: Now Array.prototype.with is properly flagged as taint step 2024-11-15 10:35:34 +01:00
Napalys
f04fd5cdcc JS: Add: Test case for Array.protype.with taint step 2024-11-15 10:27:44 +01:00
Napalys Klicius
6fa3ff39a0 Merge branch 'main' into napalys/toSpliced-support 2024-11-14 16:56:32 +01:00
Napalys Klicius
c8c15a0899 Merge pull request #17910 from Napalys/napalys/matchAll-support 
JS: Support for matchAll
 2024-11-14 15:36:20 +01:00
Napalys
b333f523df JS: Fix: now one can determine regex via Array.prototype.toSpliced function call. 2024-11-14 15:35:03 +01:00
Napalys
2b0def1ed3 JS: Add: Test case for checking if regex via using toSpliced 2024-11-14 15:31:38 +01:00
Napalys
52330e834c JS: Add: Test case for checking if regex via using splice 2024-11-14 15:29:05 +01:00
Napalys
84234d59b9 JS: Fix: Ensure toSpliced with spread operator is flagged 2024-11-13 17:21:34 +01:00
Napalys
8512cb44ff JS: Add: Test cases for toSpliced with spread operator 2024-11-13 17:18:09 +01:00
Napalys
cf90430ec0 JS: Add: Missing test case for splice spread operator 2024-11-13 17:07:17 +01:00
Napalys
2df3d1b251 JS: Fix: Ensure toSpliced is flagged by taint tracking in test suite (ed44358143) 2024-11-13 15:58:20 +01:00
Napalys
ed44358143 Added toSpliced test cases for mutation arrays 2024-11-13 15:51:00 +01:00
Napalys
df4b596180 Added toSpliced as part ArraySliceStep and ArraySpliceStep, fixed tests from 2d9bc43506 2024-11-13 13:47:34 +01:00
Napalys
2d9bc43506 Added tests for arrays toSpliced with pop 2024-11-13 12:58:24 +01:00
Napalys
b4c84d3d3c Added taint step for toSpliced, handles test from a65f80ef76 2024-11-13 12:41:41 +01:00
Napalys
a65f80ef76 Added basic taint tracking test for Array.prototype.toSpliced() 2024-11-13 12:28:14 +01:00
Napalys Klicius
ef18a6e562 Remove toReversed and toSorted func prototypes from extern.js. 2024-11-13 08:29:18 +01:00
Napalys
c2c6b77b11 Added new test case for TS57 Creating Index Signatures from Non-Literal Method Names in Classes 2024-11-12 14:26:42 +01:00
Napalys
7427a24ca1 Added test case for Array.prototype.toReversed, which is currently not flagged as a taint sink. 2024-11-12 12:02:37 +01:00
Napalys
3215967cbc Added toReserved test case 2024-11-12 12:02:20 +01:00
Napalys
3f0a54c2e8 Added support for Array.prototype.toSorted function 2024-11-12 12:02:04 +01:00
Napalys
def8d75cb8 Added test case for Array.prototype.toSorted, which is currently not flagged as a taint sink. 2024-11-12 12:01:51 +01:00
Napalys Klicius
6266dab518 Merge pull request #17951 from Napalys/napalys/reverse-support 
JS: Added support for reverse function
 2024-11-12 10:09:18 +01:00
Napalys Klicius
1eabb6cbdd Update javascript/ql/test/experimental/Security/CWE-918/check-regex.js 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2024-11-11 15:40:22 +01:00
Napalys
81bc7cd19f Refactored SortTaintStep to ArrayInPlaceManipulationTaintStep to support both sort and reverse functions. Fixed newly added test case. from 8026a99db7 2024-11-11 08:32:03 +01:00
Napalys
1c298f0231 Added test case for Array.prototype.reverse, which is currently not flagged as a potential sink. 2024-11-11 08:32:02 +01:00
Napalys
70cf1a57bc Now catches usage of RegExp. after matchAll usage. 2024-11-08 08:59:31 +01:00