747 Commits

Author	SHA1	Message	Date
Erik Krogh Kristensen	c0152a46bc	rename getAReferencedExpression to getASimpleReferenceExpression and add examples of what it can parse	2022-05-05 11:02:47 +02:00
Erik Krogh Kristensen	8e2b00d209	make the big disjunctions more readable by using a set literal	2022-05-04 16:15:17 +02:00
Erik Krogh Kristensen	31a4de902e	add missing security severity	2022-05-04 16:15:17 +02:00
Erik Krogh Kristensen	df4bfef8c7	expand the qhelp for js/actions/injection	2022-05-04 16:14:59 +02:00
Erik Krogh Kristensen	48fb01f9f7	set js/actions/injection as a high precision warning query	2022-05-04 16:14:54 +02:00
Erik Krogh Kristensen	2a65d1d3ec	move js/actions/injection out of experimental	2022-05-04 16:14:19 +02:00
Stephan Brandauer	3f13a5e082	fix a FN for prototype polluting function query	2022-04-28 22:00:09 +02:00
Erik Krogh Kristensen	ff73dbc35c	delete redundant imports	2022-04-22 12:55:28 +02:00
Khang. Võ Vĩ	f4581ae866	fix PrototypePollutingAssignment examples	2022-04-22 11:55:45 +07:00
Erik Krogh Kristensen	6799232009	fix typo in qldoc	2022-04-19 11:09:27 +02:00
Erik Krogh Kristensen	2e5d435bea	add CWE-400, and add a reference to DoS attacks	2022-04-14 18:37:50 +02:00
Erik Krogh Kristensen	41bdd8f4da	minor fixes	2022-04-13 10:11:07 +02:00
Erik Krogh Kristensen	a2d2626c9c	add security severity	2022-04-12 16:34:00 +02:00
Erik Krogh Kristensen	d64df30724	reintroduce the reverted qhelp	2022-04-12 16:33:06 +02:00
Erik Krogh Kristensen	e2b7f7d05d	reintroduce the number sinks	2022-04-12 16:26:10 +02:00
Erik Krogh Kristensen	688b2b6898	use the Query.qll pattern	2022-04-12 15:52:52 +02:00
Erik Krogh Kristensen	8fb54c3f32	move js/resource-exhaustion out of experimental	2022-04-12 15:51:36 +02:00
Arthur Baars	15c54f6100	Merge pull request #8354 from aibaars/incomplete-url-string-sanitization ... Incomplete url string sanitization	2022-03-31 10:59:51 +02:00
Erik Krogh Kristensen	cf94c93b1a	Merge pull request #8481 from erik-krogh/schemeChain ... JS: recognize string replacement chains as scheme checks in js/incomplete-url-scheme-check	2022-03-25 11:13:10 +01:00
Arthur Baars	bf888f0f0b	Merge remote-tracking branch 'upstream/main' into incomplete-url-string-sanitization ... Conflicts: config/identical-files.json javascript/ql/src/Security/CWE-020/IncompleteUrlSubstringSanitization.ql javascript/ql/src/Security/CWE-020/IncompleteUrlSubstringSanitization.qll ruby/ql/src/queries/security/cwe-020/IncompleteUrlSubstringSanitization.qll	2022-03-18 16:09:20 +01:00
Arthur Baars	4a27928728	Ruby/JS add missing ^ in qhelp	2022-03-18 14:00:10 +01:00
Arthur Baars	431b60506e	Merge remote-tracking branch 'upstream/main' into incomplete-hostname	2022-03-18 13:05:34 +01:00
Erik Krogh Kristensen	235aa9c24e	recognize string replacement chains as scheme checks in js/incomplete-url-scheme-check	2022-03-18 10:37:20 +01:00
Erik Krogh Kristensen	f083e87fa1	refactor the js/xss query to use three flowlabels and one configuration	2022-03-16 22:32:08 +01:00
Arthur Baars	ab93b3784b	Merge remote-tracking branch 'upstream/main' into incomplete-hostname	2022-03-16 12:31:12 +01:00
Erik Krogh Kristensen	2442beaf9a	add missing severities to JS queries	2022-03-16 10:40:34 +01:00
Erik Krogh Kristensen	195ce9c58a	add some API-nodes to js/disabling-certificate-validation	2022-03-14 21:33:13 +01:00
Arthur Baars	cf4b834536	Address comments	2022-03-11 14:25:34 +01:00
Erik Krogh Kristensen	69353bb014	patch upper-case acronyms to be PascalCase	2022-03-11 11:10:33 +01:00
Arthur Baars	747c7f6b5e	JS/Ruby: share implementation of IncompleteUrlSubstringSanitization query	2022-03-09 12:11:14 +01:00
Erik Krogh Kristensen	4734f1916e	Merge pull request #7598 from erik-krogh/fieldOnlyUsedInCharPred ... QL: field only used in charPred	2022-03-08 11:25:57 +01:00
Arthur Baars	98f56f4d60	Js/Ruby: Share IncompleteHostnameRegExp.ql	2022-03-07 16:10:08 +01:00
Arthur Baars	9e8930c192	Ruby: IncompleteHostnameRegExp.ql	2022-03-07 16:10:08 +01:00
CodeQL CI	62ee8fce3a	Merge pull request #8186 from asgerf/js/request-forgery-docs-followup ... Approved by esbena, hubwriter	2022-02-23 11:46:37 +00:00
Stephan Brandauer	a664e02d04	Merge pull request #8014 from kaeluka/js/functionality-from-untrusted-source ... JS: Functionality from untrusted sources query (CWE-830)	2022-02-23 12:45:31 +01:00
Stephan Brandauer	1ed71e15f3	apply docreview feedback	2022-02-23 11:21:22 +01:00
Asger Feldthaus	22ba43fff6	JS: Minor fixup in the client-side request forgery qhelp	2022-02-23 10:54:26 +01:00
Stephan Brandauer	c17d8b145a	Merge pull request #8054 from asgerf/js/split-request-forgery ... JS: split request forgery query into server-side and client-side variants	2022-02-23 10:27:16 +01:00
Erik Krogh Kristensen	73f2e89f3e	Merge pull request #8165 from erik-krogh/protoWrite ... JS: support more property writes in js/prototype-pollution-utility	2022-02-22 21:30:22 +01:00
Erik Krogh Kristensen	517e17d422	support more property writes in js/prototype-pollution-utility, and generalize ObjectDefinePropertyAsPropWrite	2022-02-22 13:23:34 +01:00
Stephan Brandauer	2278e7f6e6	CWE 830 polish error messages	2022-02-22 11:41:54 +01:00
Stephan Brandauer	82330391c3	CWE-830 add support for setting attributes via setAttribute method	2022-02-22 11:41:54 +01:00
Stephan Brandauer	d80cd1aeb5	CWE 830 test where both branches in a ternary are unsafe	2022-02-22 11:41:53 +01:00
Stephan Brandauer	2934aa1a3a	rewrite docs, improve error messages, etc	2022-02-22 11:41:53 +01:00
Stephan Brandauer	d2335b65d5	stylistic improvements after review	2022-02-22 11:41:53 +01:00
Stephan Brandauer	9aec4437e2	polish qhelp for CWE-830 and add test file	2022-02-22 11:41:53 +01:00
Stephan Brandauer	44d86569ac	remove illegal chars from comments	2022-02-22 11:41:53 +01:00
Stephan Brandauer	fd77e27ed9	replace taint tracking by type tracking and merge remaining queries for CWE-830	2022-02-22 11:41:53 +01:00
Stephan Brandauer	8cafa6d562	improve error message in CWE-830	2022-02-22 11:41:53 +01:00
Stephan Brandauer	780fa97869	always require integrity checking for certain CDNs	2022-02-22 11:41:53 +01:00