hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-20 22:44:52 +02:00
Code Issues Packages Projects Releases Wiki Activity
10,980 Commits 1,741 Branches 165 Tags
b75486bb5829495f69a739d0bdbe5d8dafddccc4
Commit Graph

344 Commits

Author SHA1 Message Date
Max Schaefer
3b1e6c362c JavaScript: Address review comments. 2019-11-14 17:11:59 +00:00
Erik Krogh Kristensen
e49b5e4afc up precision from low to medium, and fix tab/spaces 2019-11-14 17:42:16 +01:00
Erik Krogh Kristensen
7137a64b7d Added query for detecting XSS that happens through an exception 2019-11-14 17:04:00 +01:00
Max Schaefer
f804d316d7 Update javascript/ql/src/Security/CWE-020/IncompleteUrlSchemeCheck.ql 
Co-Authored-By: Esben Sparre Andreasen <esbena@github.com>
 2019-11-13 12:24:19 +00:00
Max Schaefer
ab583b7994 JavaScript: Add query IncompleteUrlSchemeCheck.ql. 2019-11-13 10:27:18 +00:00
Max Schaefer
155cea7b5b Revert "JavaScript: Improve double-escaping query" 2019-11-12 22:54:12 +00:00
Sauyon Lee
0040c9fb4c Update links to OWASP cheat sheet 2019-11-06 20:21:47 -08:00
semmle-qlci
eb6e8866fa Merge pull request #2247 from max-schaefer/odasa-8149 
Approved by asger-semmle, esbena
 2019-11-05 09:40:54 +00:00
Max Schaefer
016808b92e JavaScript: Address review comments. 2019-11-04 17:00:12 +00:00
Max Schaefer
3bbded57d3 JavaScript: Autoformat. 2019-10-30 14:49:18 +00:00
Max Schaefer
bb0771b36c JavaScript: Deal with escape-unescape-escape (and similar) chains. 2019-10-30 14:49:01 +00:00
Max Schaefer
8c133ff61d JavaScript: Deal with (un-)escaping on captured variables. 2019-10-30 14:46:50 +00:00
Max Schaefer
a8214ce7ee JavaScript: Fix regexes for escaping schemes. 2019-10-30 14:15:59 +00:00
Max Schaefer
5349e0f881 JavaScript: Recognise wrapped chains of replacements. 2019-10-30 13:14:38 +00:00
Max Schaefer
02d16b1dc9 JavaScript: Recognise wrapped string replacement functions. 2019-10-30 13:01:17 +00:00
Max Schaefer
aaeca32519 JavaScript: Recognize string escaping using .replace with a callback. 2019-10-30 12:45:32 +00:00
Max Schaefer
bd1c99d8a4 JavaScript: Recognise JSON.stringify and JSON.parse as escaper/unescaper. 2019-10-30 12:38:05 +00:00
Max Schaefer
63f24476e9 JavaScript: Refactor DoubleEscaping.ql. 2019-10-30 10:59:14 +00:00
Max Schaefer
278ea90049 JavaScript: Collapse flow labels at start/end nodes to avoid duplication. 2019-10-29 15:24:40 +00:00
Max Schaefer
316962233c JavaScript: Factor out MidPathNode into its own class. 2019-10-29 15:24:40 +00:00
semmle-qlci
d2f3574427 Merge pull request #2165 from erik-krogh/dosHigh 
Approved by asger-semmle
 2019-10-25 16:28:07 +01:00
Erik Krogh Kristensen
1ae8e25603 change precision of js/loop-bound-injection and fix a false positive 2019-10-22 09:21:19 +02:00
Esben Sparre Andreasen
5a983cb535 JS: add query js/shell-command-injection-from-environment 2019-10-21 23:31:55 +02:00
Esben Sparre Andreasen
e1d7434be4 JS: add query js/useless-regexp-character-escape 2019-10-16 00:15:54 +02:00
semmle-qlci
e2c941c577 Merge pull request #1916 from erik-krogh/taintedLength 
Approved by asger-semmle, xiemaisi
 2019-09-23 11:47:48 +01:00
Erik Krogh Kristensen
7671b6759b import DataFlow::PathGraph from the ql file instead of the qll file 2019-09-19 11:59:45 +02:00
semmle-qlci
57a6c0c20d Merge pull request #1918 from esben-semmle/js/improve-getAResponseDataNode 
Approved by asger-semmle
 2019-09-18 14:03:45 +01:00
semmle-qlci
b4b7314757 Merge pull request #1941 from xiemaisi/js/fix-incorrect-suffix-check-performance 
Approved by asger-semmle
 2019-09-18 12:31:46 +01:00
Esben Sparre Andreasen
ac6554b7da Merge branch 'master' into js/improve-getAResponseDataNode 2019-09-17 13:18:41 +02:00
Max Schaefer
df739e0fca JavaScript: Fix performance regression in IncorrectSuffixCheck. 2019-09-16 15:25:17 +01:00
Esben Sparre Andreasen
a5645e168a JS: exclude keys from whitelist 2019-09-16 10:13:18 +02:00
Esben Sparre Andreasen
0e2d2f8662 JS: whitelist some hardcoded dummy-passwords in two queries 2019-09-16 10:11:43 +02:00
Erik Krogh Kristensen
3fb64abb09 fix consistency and spelling in the documentation 
suggestions from the documentation team

Co-Authored-By: shati-patel <42641846+shati-patel@users.noreply.github.com>
 2019-09-13 14:52:11 +01:00
Erik Krogh Kristensen
c4f27ed4cc rename TaintedLength to LoopBoundInjection 2019-09-13 11:12:01 +01:00
Erik Krogh Kristensen
673e883c21 use superscript to denote the size of the tainted object 2019-09-13 11:00:11 +01:00
Erik Krogh Kristensen
5b2b60f132 change DOS to DoS, and other small documentation fixes 
Co-Authored-By: Max Schaefer <max@semmle.com>
 2019-09-13 10:26:01 +01:00
Erik Krogh Kristensen
119b1ffb80 changes based on review from max 2019-09-12 16:30:42 +01:00
Erik Krogh Kristensen
3d359bc8dc Merge remote-tracking branch 'upstream/master' into taintedLength 2019-09-12 15:24:36 +01:00
Erik Krogh Kristensen
30f1bcf5bc updated query ID and expected output 2019-09-12 15:24:33 +01:00
Erik Krogh Kristensen
2db0cdf4e2 two small qhelp fixes 2019-09-12 10:00:08 +01:00
Erik Krogh Kristensen
493a31d98d more fixes based on review 2019-09-11 12:53:59 +01:00
Erik Krogh Kristensen
bec522f0df small changes based on review feedback 2019-09-11 11:26:59 +01:00
Esben Sparre Andreasen
086c473c18 JS: sharpen js/http-to-file-access 2019-09-11 12:05:33 +02:00
Esben Sparre Andreasen
ee106ccff9 JS: simplify asExpr().getStringValue() calls 2019-09-11 10:56:57 +02:00
Esben Sparre Andreasen
aab17850d1 JS: eliminate redundant ConstantString casts 2019-09-11 10:56:49 +02:00
semmle-qlci
16c95d8c5e Merge pull request #1876 from esben-semmle/js/more-delimiter-stripping-whitelisting 
Approved by xiemaisi
 2019-09-11 09:16:57 +01:00
Esben Sparre Andreasen
f7bfc472c1 JS: treat server responses as untrusted for command injections 2019-09-11 09:38:18 +02:00
Erik Krogh Kristensen
72bbd4ded1 fix spelling mistake 2019-09-10 17:13:44 +01:00
Erik Krogh Kristensen
6bb9781466 remove <br/> tags 2019-09-10 16:57:15 +01:00
Erik Krogh Kristensen
97fc10e669 Add query for detecting potential DOS form a tainted .length property 2019-09-10 14:59:48 +01:00