hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-14 15:04:56 +01:00
Code Issues Packages Projects Releases Wiki Activity
14,501 Commits 1,680 Branches 158 Tags
6dfa2ea9d56c4a22f0806666a9a16edd40afbdf1
Commit Graph

3693 Commits

Author SHA1 Message Date
Arthur Baars
7e72ef350e Merge pull request #3975 from aibaars/lgtm-suites 
CodeQL: complete LGTM suites
 2020-07-30 18:39:01 +02:00
Arthur Baars
5bad003c0c Add qlpack.yml files for example queries 2020-07-29 16:57:04 +02:00
Arthur Baars
c4041e55ba CodeQL: complete LGTM suites 2020-07-28 20:40:44 +02:00
Max Schaefer
91762ec274 JavaScript: Add partial model for opener. 
3.5M weekly downloads.

Note that we do not treat the first argument as a command-injection sink. While it is possible to inject commands that way, it is more likely to cause false positives where the user input is concatenated with some prefix that makes the opening heuristic decide to treat it as a URL.
 2020-07-27 11:42:32 +01:00
Max Schaefer
9aa26fa4bc JavaScript: Add model for foreground-child. 
>1M weekly downloads, so seems worth doing.
 2020-07-27 11:37:06 +01:00
Max Schaefer
2f842042ea JavaScript: Model another execa function relevant for command injection. 2020-07-27 11:34:04 +01:00
semmle-qlci
e167b87150 Merge pull request #3932 from max-schaefer/portals-additions 
Approved by esbena
 2020-07-09 11:43:45 +01:00
Max Schaefer
7a1410e0d5 JavaScript: Update and expand tests. 2020-07-09 09:25:52 +01:00
Max Schaefer
1c47260bde JavaScript: Add support for global variables to portals. 2020-07-09 09:12:56 +01:00
Max Schaefer
c40ef0556a JavaScript: Broaden scope of imports considered relevant to portals. 
Previously, we only considered an import relevant to portals if the path it imported was declared as a dependency. This falls down for deep imports where a specific module inside the package is imported rather than the default entry point, for imports of built-in modules like `fs`, and in cases where a developer simply forgets to declare a dependency.

So instead we now consider all imports relevant whose path does not start with a dot or a slash.
 2020-07-09 09:09:44 +01:00
Max Schaefer
8b4b5781e6 JavaScript: Add utility predicate getBasePortal(i). 
This iterates the existing `getBasePortal()` predicate `i` times.
 2020-07-09 09:08:18 +01:00
Anders Schack-Mulligen
67db1df00c C++/C#/JavaScript/Python: Port Location qldoc update. 2020-07-07 11:39:27 +02:00
semmle-qlci
fe0c5a9ea6 Merge pull request #3892 from asger-semmle/js/redirect-starts-with-sanitizer 
Approved by esbena
 2020-07-06 17:04:30 +01:00
semmle-qlci
6d80445f24 Merge pull request #3851 from erik-krogh/queryStuff 
Approved by esbena
 2020-07-06 14:40:41 +01:00
Erik Krogh Kristensen
9a944625d1 autoformat 2020-07-06 15:17:15 +02:00
semmle-qlci
13c3513d76 Merge pull request #3905 from erik-krogh/unsafeShellTypo 
Approved by esbena
 2020-07-06 11:41:56 +01:00
semmle-qlci
73d606d2c3 Merge pull request #3844 from github/esbena-patch-3 
Approved by erik-krogh
 2020-07-06 09:47:59 +01:00
Erik Krogh Kristensen
8585312271 fix typo in js/shell-command-constructed-from-input 2020-07-06 10:33:49 +02:00
Asger Feldthaus
b5104ae42d JS: Add StartsWith sanitizer 2020-07-03 14:46:07 +01:00
Asger Feldthaus
4c06eb8bfe JS: Add test showing FPs 2020-07-03 14:45:42 +01:00
Erik Krogh Kristensen
078b6a8df2 autoformat 2020-07-03 00:21:55 +02:00
Erik Krogh Kristensen
261821b32c Merge remote-tracking branch 'upstream/master' into queryStuff 2020-07-02 16:08:05 +02:00
semmle-qlci
b5c8f2238b Merge pull request #3805 from esbena/js/seal-freeze-flow 
Approved by asgerf
 2020-07-02 13:54:54 +01:00
Erik Krogh Kristensen
2b0a091921 split out type-tracking into two predicates, to avoid catastrophic join-order 2020-07-02 14:28:28 +02:00
semmle-qlci
97128b1475 Merge pull request #3829 from asger-semmle/js/xss-substr 
Approved by erik-krogh
 2020-07-02 11:58:32 +01:00
semmle-qlci
bfb734e1d7 Merge pull request #3832 from asger-semmle/js/typescript-in-html-files3 
Approved by erik-krogh
 2020-07-02 08:30:45 +01:00
semmle-qlci
45ef3ec4a8 Merge pull request #3619 from erik-krogh/CWE022-Correctness 
Approved by asgerf
 2020-07-01 20:07:58 +01:00
semmle-qlci
66a6fe7317 Merge pull request #3853 from max-schaefer/js/canonical-names 
Approved by asgerf
 2020-07-01 16:08:59 +01:00
Max Schaefer
a6d8073987 JavaScript: Make getADefinition and getAnAccess available on all CanonicalNames. 2020-07-01 14:42:03 +01:00
Esben Sparre Andreasen
3ca6031ae5 JS: rename predicate 2020-07-01 15:27:28 +02:00
Esben Sparre Andreasen
75451e349a JS: teach the dataflow library identity functions Object.freeze/seal 2020-07-01 15:27:28 +02:00
Esben Sparre Andreasen
33c52761d4 JS: more dataflow and global access path testing 2020-07-01 15:26:25 +02:00
Erik Krogh Kristensen
3157cd724d add noSQL tests for type-tracking req.query 2020-07-01 11:45:09 +02:00
Erik Krogh Kristensen
bace2994c3 add test for type-tracking req.params 2020-07-01 11:38:54 +02:00
Erik Krogh Kristensen
8227010463 also use new type-tracking in isUserControlledObject 2020-07-01 11:32:51 +02:00
Erik Krogh Kristensen
ed48efe5b4 recognize access to a query object through function calls 2020-06-30 15:52:08 +02:00
semmle-qlci
224289c55f Merge pull request #3845 from max-schaefer/js/walk-sync 
Approved by asgerf
 2020-06-30 14:45:41 +01:00
semmle-qlci
42bca1a3fa Merge pull request #3824 from asger-semmle/js/static-regexp-capture-group-step 
Approved by erik-krogh, esbena
 2020-06-30 13:20:14 +01:00
semmle-qlci
c850938af0 Merge pull request #3833 from asger-semmle/js/vue-class-component 
Approved by erik-krogh
 2020-06-30 13:16:42 +01:00
semmle-qlci
15a0297ca2 Merge pull request #3834 from asger-semmle/js/vue-classification 
Approved by erik-krogh
 2020-06-30 13:14:25 +01:00
Max Schaefer
62d56a3d7c JavaScript: Fix module name for walk-sync package. 2020-06-30 11:57:16 +01:00
Esben Sparre Andreasen
80981ec8f5 Update UnsafeHtmlExpansion-transformed.html 2020-06-30 12:01:02 +02:00
Esben Sparre Andreasen
c7f67fafd9 JS: support additional promisification of the fs-module members 2020-06-30 09:10:30 +02:00
Asger Feldthaus
182e4ce727 JS: Autoformat 2020-06-29 19:10:28 +01:00
Asger Feldthaus
cb12d894a6 JS: Add test 2020-06-29 15:54:06 +01:00
Asger Feldthaus
326c7af4eb JS: Fix incorrect classification of Vue files 2020-06-29 15:49:07 +01:00
semmle-qlci
da8725aa5c Merge pull request #3823 from dellalibera/js/fancy-log 
Approved by erik-krogh
 2020-06-29 14:46:51 +01:00
semmle-qlci
b3e68ef81c Merge pull request #3806 from erik-krogh/moreDownloads 
Approved by asgerf
 2020-06-29 13:53:10 +01:00
Asger Feldthaus
b05942b599 JS: Add HTML file example 2020-06-29 13:45:01 +01:00
Asger Feldthaus
3938856e61 JS: Make this work in qltest 2020-06-29 13:42:55 +01:00