codeql

mirror of https://github.com/github/codeql.git synced 2026-05-11 01:39:28 +02:00

Author	SHA1	Message	Date
Asger F	afdcb1e075	JS: Handle jQuery objects from Parameter.getAnInitialUse()	2019-10-07 08:29:42 +01:00
Asger F	fb181c2d14	JS: Use type info and type tracking in jQuery	2019-10-07 08:29:42 +01:00
Asger F	b4f67f20af	JS: Extract types and signatures for functions	2019-09-26 10:17:58 +01:00
Asger F	97494290de	JS: Add getOverloadIndex()	2019-09-26 10:17:58 +01:00
Max Schaefer	d4fca84898	JavaScript: Improve XSS sanitizer detection. We now use local data flow to detect more regexp-based sanitizers.	2019-09-23 17:07:06 +01:00
semmle-qlci	825a3d2917	Merge pull request #1954 from asger-semmle/type-tracking-through-captured-vars Approved by xiemaisi	2019-09-23 12:10:30 +01:00
semmle-qlci	e2c941c577	Merge pull request #1916 from erik-krogh/taintedLength Approved by asger-semmle, xiemaisi	2019-09-23 11:47:48 +01:00
Max Schaefer	149ae5d7ab	JavaScript: Fix IllegalInvocation. This fixes false positives that arise when a call such as `f.apply` can either be interpreted as a reflective invocation of `f`, or a normal call to method `apply` of `f`.	2019-09-23 07:44:14 +01:00
semmle-qlci	6f2e485ace	Merge pull request #1950 from xiemaisi/js/rate-limiter-flexible Approved by esben-semmle	2019-09-19 12:45:45 +01:00
Erik Krogh Kristensen	7671b6759b	import DataFlow::PathGraph from the ql file instead of the qll file	2019-09-19 11:59:45 +02:00
Erik Krogh Kristensen	bbf7e56e47	remove unused import in query	2019-09-19 11:49:20 +02:00
Max Schaefer	4e1e7bc127	JavaScript: Apply review suggestion. Co-Authored-By: Esben Sparre Andreasen <42067045+esben-semmle@users.noreply.github.com>	2019-09-19 09:40:28 +01:00
Asger F	71763af2d5	JS: Further restrict receiver type inference	2019-09-18 16:18:10 +01:00
Asger F	e724f92ee8	JS: Also summarize loads	2019-09-18 16:18:10 +01:00
Asger F	ffc69cb61e	JS: Summarize functions in type tracking	2019-09-18 16:17:59 +01:00
Max Schaefer	3970ead7ab	JavaScript: Add support for `rate-limiter-flexible` package.	2019-09-18 12:25:33 +01:00
Esben Sparre Andreasen	ac6554b7da	Merge branch 'master' into js/improve-getAResponseDataNode	2019-09-17 13:18:41 +02:00
Esben Sparre Andreasen	0e2d2f8662	JS: whitelist some hardcoded dummy-passwords in two queries	2019-09-16 10:11:43 +02:00
Erik Krogh Kristensen	3fb64abb09	fix consistency and spelling in the documentation suggestions from the documentation team Co-Authored-By: shati-patel <42641846+shati-patel@users.noreply.github.com>	2019-09-13 14:52:11 +01:00
Erik Krogh Kristensen	c4f27ed4cc	rename TaintedLength to LoopBoundInjection	2019-09-13 11:12:01 +01:00
semmle-qlci	d0d3882121	Merge pull request #1919 from esben-semmle/js/fixup-1 Approved by asger-semmle, xiemaisi	2019-09-13 10:40:38 +01:00
semmle-qlci	1313821a25	Merge pull request #1904 from erik-semmle/passportModel Approved by asger-semmle, esben-semmle	2019-09-13 10:38:14 +01:00
Erik Krogh Kristensen	5b2b60f132	change DOS to DoS, and other small documentation fixes Co-Authored-By: Max Schaefer <max@semmle.com>	2019-09-13 10:26:01 +01:00
Erik Krogh Kristensen	c2efb0afe7	two tiny qldoc changes	2019-09-12 16:58:07 +01:00
Erik Krogh Kristensen	119b1ffb80	changes based on review from max	2019-09-12 16:30:42 +01:00
Erik Krogh Kristensen	493a31d98d	more fixes based on review	2019-09-11 12:53:59 +01:00
Erik Krogh Kristensen	bec522f0df	small changes based on review feedback	2019-09-11 11:26:59 +01:00
Esben Sparre Andreasen	086c473c18	JS: sharpen js/http-to-file-access	2019-09-11 12:05:33 +02:00
Esben Sparre Andreasen	0e31cad027	JS: simplify `this.getStringValue()` to `getStringValue()`	2019-09-11 10:56:49 +02:00
Esben Sparre Andreasen	ee106ccff9	JS: simplify `asExpr().getStringValue()` calls	2019-09-11 10:56:57 +02:00
Esben Sparre Andreasen	aab17850d1	JS: eliminate redundant `ConstantString` casts	2019-09-11 10:56:49 +02:00
Esben Sparre Andreasen	e41080fb40	JS: add RemoteServerResponse as a heuristic remote flow source	2019-09-11 09:38:18 +02:00
Esben Sparre Andreasen	f7bfc472c1	JS: treat server responses as untrusted for command injections	2019-09-11 09:38:18 +02:00
Esben Sparre Andreasen	3e42b078e8	JS: minor additions to ClientRequest::getAResponseDataNode	2019-09-11 09:24:59 +02:00
Erik Krogh Kristensen	62d1f66fda	avoid extending the abstract LoopStmt class	2019-09-10 17:08:00 +01:00
Erik Krogh Kristensen	97fc10e669	Add query for detecting potential DOS form a tainted .length property	2019-09-10 14:59:48 +01:00
semmle-qlci	df1bf4a95b	Merge pull request #1907 from asger-semmle/mongoose-types Approved by xiemaisi	2019-09-10 12:05:57 +01:00
Max Schaefer	bdba647bf5	Merge pull request #1893 from erik-semmle/addXLinkHref JS: add xlink:href as xss target when using setAttribute	2019-09-09 15:56:47 +01:00
Asger F	ea446f2aa1	JS: Use type info in mongodb/mongoose model	2019-09-09 15:35:26 +01:00
Asger F	8e397ad203	JS: Use type tracking in mongodb/mongoose model	2019-09-09 15:35:23 +01:00
semmle-qlci	89cba089b4	Merge pull request #1892 from asger-semmle/event-handler-sink Approved by esben-semmle	2019-09-09 15:33:21 +01:00
Erik Krogh Kristensen	03b210a8e1	made the two Passport classes in the Express model private	2019-09-09 13:04:47 +01:00
semmle-qlci	2283195ebd	Merge pull request #1871 from asger-semmle/type-tracking-through-imports Approved by xiemaisi	2019-09-09 12:25:06 +01:00
Erik Krogh Kristensen	26f6b1d186	add model for passport.use in the Express model	2019-09-09 12:01:11 +01:00
Asger F	631ff27d31	JS: Use ValueNode for all ImportSpecifiers	2019-09-09 10:53:13 +01:00
Asger F	afcdc12e7b	JS: Use ValueNode, not SSA node, to model NamedImportSpecifier	2019-09-09 10:51:17 +01:00
Esben Sparre Andreasen	2a22471975	JS: address review comments	2019-09-09 10:31:40 +02:00
Esben Sparre Andreasen	5d6997c1c9	JS: additional extraction metrics cleanup	2019-09-09 09:05:12 +02:00
Esben Sparre Andreasen	03d38ca54b	JS: simplify cache interaction	2019-09-09 09:05:12 +02:00
Esben Sparre Andreasen	6dbe827dd3	JS: add QL classes for the extraction metrics	2019-09-09 09:05:12 +02:00

1 2 3 4 5 ...

1185 Commits