263 Commits

Author	SHA1	Message	Date
Esben Sparre Andreasen	0e2d2f8662	JS: whitelist some hardcoded dummy-passwords in two queries	2019-09-16 10:11:43 +02:00
Erik Krogh Kristensen	3fb64abb09	fix consistency and spelling in the documentation ... suggestions from the documentation team Co-Authored-By: shati-patel <42641846+shati-patel@users.noreply.github.com>	2019-09-13 14:52:11 +01:00
Erik Krogh Kristensen	c4f27ed4cc	rename TaintedLength to LoopBoundInjection	2019-09-13 11:12:01 +01:00
Erik Krogh Kristensen	673e883c21	use superscript to denote the size of the tainted object	2019-09-13 11:00:11 +01:00
Erik Krogh Kristensen	5b2b60f132	change DOS to DoS, and other small documentation fixes ... Co-Authored-By: Max Schaefer <max@semmle.com>	2019-09-13 10:26:01 +01:00
Erik Krogh Kristensen	119b1ffb80	changes based on review from max	2019-09-12 16:30:42 +01:00
Erik Krogh Kristensen	3d359bc8dc	Merge remote-tracking branch 'upstream/master' into taintedLength	2019-09-12 15:24:36 +01:00
Erik Krogh Kristensen	30f1bcf5bc	updated query ID and expected output	2019-09-12 15:24:33 +01:00
Erik Krogh Kristensen	2db0cdf4e2	two small qhelp fixes	2019-09-12 10:00:08 +01:00
Erik Krogh Kristensen	493a31d98d	more fixes based on review	2019-09-11 12:53:59 +01:00
Erik Krogh Kristensen	bec522f0df	small changes based on review feedback	2019-09-11 11:26:59 +01:00
Esben Sparre Andreasen	086c473c18	JS: sharpen js/http-to-file-access	2019-09-11 12:05:33 +02:00
Esben Sparre Andreasen	ee106ccff9	JS: simplify asExpr().getStringValue() calls	2019-09-11 10:56:57 +02:00
Esben Sparre Andreasen	aab17850d1	JS: eliminate redundant ConstantString casts	2019-09-11 10:56:49 +02:00
semmle-qlci	16c95d8c5e	Merge pull request #1876 from esben-semmle/js/more-delimiter-stripping-whitelisting ... Approved by xiemaisi	2019-09-11 09:16:57 +01:00
Esben Sparre Andreasen	f7bfc472c1	JS: treat server responses as untrusted for command injections	2019-09-11 09:38:18 +02:00
Erik Krogh Kristensen	72bbd4ded1	fix spelling mistake	2019-09-10 17:13:44 +01:00
Erik Krogh Kristensen	6bb9781466	remove <br/> tags	2019-09-10 16:57:15 +01:00
Erik Krogh Kristensen	97fc10e669	Add query for detecting potential DOS form a tainted .length property	2019-09-10 14:59:48 +01:00
semmle-qlci	e899250e87	Merge pull request #1894 from asger-semmle/fp-incorrect-suffix-check ... Approved by xiemaisi	2019-09-09 15:33:47 +01:00
Asger F	7007698de4	JS: Fix the FP	2019-09-06 15:39:40 +01:00
Anders Schack-Mulligen	ca45fb5a60	JavaScript: Autoformat.	2019-09-06 09:04:51 +02:00
Esben Sparre Andreasen	a9665f53b8	JS: whitelist quote stripping for js/incomplete-sanitization	2019-09-05 09:47:49 +01:00
Asger F	5aa948cd17	JS: Add angular.merge sink to prototype pollution query	2019-09-04 16:14:51 +01:00
Asger F	a41a23fdba	JS: Raise precision of prototype-pollution query	2019-09-02 11:00:24 +01:00
Max Schaefer	020d31c3b6	JavaScript: Fix inconisstency in TaintedPath.qhelp.	2019-08-12 10:29:41 +01:00
Max Schaefer	80cfe070d4	JavaScript: Fix inconsistency in MissingRegExpAnchor.qhelp.	2019-08-12 10:29:21 +01:00
semmle-qlci	77ae2bc8b7	Merge pull request #1684 from asger-semmle/protopollution-qhelp ... Approved by xiemaisi	2019-08-05 11:06:34 +01:00
Asger F	fcc51a8407	JS: Fix lodash version in proto pollution qhelp	2019-08-02 16:42:36 +01:00
semmle-qlci	34cdf7c96b	Merge pull request #1677 from xiemaisi/js/flow-summary-fixes ... Approved by esben-semmle	2019-08-02 14:02:47 +01:00
Max Schaefer	e06ed503ec	JavaScript: Make flow summaries work for non-taint configurations. ... With flow labels it often makes more sense to use a `DataFlow::Configuration` rather than a `TaintTracking::Configuration`, so flow summaries should support both.	2019-08-02 11:45:41 +01:00
semmle-qlci	07b97dcc07	Merge pull request #1672 from asger-semmle/flowlabel-issers ... Approved by xiemaisi	2019-08-02 10:05:41 +01:00
Asger F	e09c22e67d	JS: Add FlowLabel.isData() and .isTaint()	2019-08-01 15:22:51 +01:00
Esben Sparre Andreasen	bf4a324a86	JS: add query js/indirect-command-line-injection	2019-07-31 09:24:25 +02:00
Max Schaefer	d3016593e4	JavaScript: Remove extra backslashes in MissingRegExpAnchor.qhelp.	2019-07-29 15:23:09 +01:00
Chris Gavin	bce153648e	JavaScript: Update link to the OWASP XSS prevetion cheat sheet.	2019-06-24 23:21:14 +01:00
Max Schaefer	d233cea79d	JavaScript: Lower precision of PasswordInConfigurationFile. ... In spite of recent improvements, this query is still too noisy to show by default.	2019-06-05 08:09:19 +01:00
Max Schaefer	a4876270ec	JavaScript: Tweak PasswordInConfigurationFile alerts. ... Only highlight first line, and include the password in the alert message.	2019-06-05 08:09:19 +01:00
semmle-qlci	80ff63a3bb	Merge pull request #1387 from esben-semmle/js/unanchored-url-regex ... Approved by mc-semmle, xiemaisi	2019-06-03 17:27:08 +01:00
Esben Sparre Andreasen	04868e5b97	JS: format qhelp examples	2019-06-03 17:05:19 +02:00
Esben Sparre Andreasen	9e0a97e82f	JS: address qhelp review comments	2019-06-03 16:39:39 +02:00
Esben Sparre Andreasen	bf51c54338	JS: add RegExpPatternSource::getAParse to hide the subclasses	2019-06-03 14:23:22 +02:00
Max Schaefer	d8a101df6d	JavaScript: Shrink Configurations.qll some more.	2019-06-03 10:32:25 +01:00
Esben Sparre Andreasen	14644270ac	JS: fix comment typo	2019-06-03 08:32:35 +02:00
Esben Sparre Andreasen	7018a38691	JS: improve tests and regexp for js/regex/missing-regexp-anchor	2019-06-03 08:29:52 +02:00
Esben Sparre Andreasen	3289c629f7	JS: address minor review comments	2019-06-03 08:29:52 +02:00
Esben Sparre Andreasen	0fa73b8331	JS: add query js/regex/missing-regexp-anchor	2019-06-03 08:29:52 +02:00
Esben Sparre Andreasen	69db54a03a	JS: add anchors to js/incomplete-hostname-regexp examples	2019-06-03 08:27:49 +02:00
Esben Sparre Andreasen	3358e49698	JS: refactor the predicate RegExp::regexp to three classes. ... This preserves the ad hoc message formatting in IncompleteHostnameRegExp.ql	2019-06-03 08:27:49 +02:00
Esben Sparre Andreasen	98ae2597bb	JS: refactor IncompleteHostnameRegExp::regexp to RegExp.qll	2019-06-03 08:27:49 +02:00