22 Commits

Author SHA1 Message Date
Asger F
ae680e747b JS: Port LoopBoundInjection 2023-10-13 13:15:04 +02:00
erik-krogh
368f84785b fix some more style-guide violations in the alert-messages 2022-10-07 11:22:22 +02:00
erik-krogh
6ec03d4738 apply suggestions from doc review 2022-09-12 13:16:39 +02:00
erik-krogh
aa56ca37ae make the alert messages of taint-tracking queries more consistent 2022-09-05 14:04:52 +02:00
Asger Feldthaus
c4e8af983a JS: Update score and add CWE-730 to LoopBoundInjection
This is a denial-of-service query, but was missing the CWE-730 tag
("denial of service") and consequently had a lower score than the
other DoS queries.
2021-10-05 10:10:01 +02:00
Asger Feldthaus
f6da030572 JS: Migrate to *Query.qll convention 2021-08-12 09:30:18 +02:00
Calum Grant
771e686946 Update security-severity scores 2021-06-15 13:25:17 +01:00
Calum Grant
a594afb828 Add security-severity metadata 2021-06-10 20:11:08 +01:00
Erik Krogh Kristensen
1ae8e25603 change precision of js/loop-bound-injection and fix a false positive 2019-10-22 09:21:19 +02:00
Erik Krogh Kristensen
7671b6759b import DataFlow::PathGraph from the ql file instead of the qll file 2019-09-19 11:59:45 +02:00
Erik Krogh Kristensen
3fb64abb09 fix consistency and spelling in the documentation
suggestions from the documentation team

Co-Authored-By: shati-patel <42641846+shati-patel@users.noreply.github.com>
2019-09-13 14:52:11 +01:00
Erik Krogh Kristensen
c4f27ed4cc rename TaintedLength to LoopBoundInjection 2019-09-13 11:12:01 +01:00
Erik Krogh Kristensen
673e883c21 use superscript to denote the size of the tainted object 2019-09-13 11:00:11 +01:00
Erik Krogh Kristensen
5b2b60f132 change DOS to DoS, and other small documentation fixes
Co-Authored-By: Max Schaefer <max@semmle.com>
2019-09-13 10:26:01 +01:00
Erik Krogh Kristensen
119b1ffb80 changes based on review from max 2019-09-12 16:30:42 +01:00
Erik Krogh Kristensen
30f1bcf5bc updated query ID and expected output 2019-09-12 15:24:33 +01:00
Erik Krogh Kristensen
2db0cdf4e2 two small qhelp fixes 2019-09-12 10:00:08 +01:00
Erik Krogh Kristensen
493a31d98d more fixes based on review 2019-09-11 12:53:59 +01:00
Erik Krogh Kristensen
bec522f0df small changes based on review feedback 2019-09-11 11:26:59 +01:00
Erik Krogh Kristensen
72bbd4ded1 fix spelling mistake 2019-09-10 17:13:44 +01:00
Erik Krogh Kristensen
6bb9781466 remove <br/> tags 2019-09-10 16:57:15 +01:00
Erik Krogh Kristensen
97fc10e669 Add query for detecting potential DOS from a tainted .length property 2019-09-10 14:59:48 +01:00