hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-16 16:04:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
9,982 Commits 1,679 Branches 158 Tags
c185cededfaa727cf7b86ec37ed51203c69597a1
Commit Graph

304 Commits

Author SHA1 Message Date
Asger Feldthaus
c185cededf JS: More pruning and more data flow 2020-02-04 15:06:42 +00:00
Erik Krogh Kristensen
5ff958a9cf fix compilation of PrototypePollutionUtility after refactor 2020-02-03 09:39:41 +01:00
Erik Krogh Kristensen
72114a48f5 rename getASourceAccess to getAnAliasedSourceNode 2020-01-31 15:34:58 +01:00
Erik Krogh Kristensen
279c584bb8 fix FP in js/path-injection by recognizing more prefix checks 2020-01-31 11:03:11 +01:00
Asger F
701d9989be Apply suggestions from code review 
Co-Authored-By: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-01-28 12:46:51 +00:00
Asger F
310dd05185 Update javascript/ql/src/Security/CWE-352/MissingCsrfMiddleware.ql 
Co-Authored-By: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-01-28 12:46:34 +00:00
Asger Feldthaus
b98db62e82 JS: Recognize req.user a cookie access 2020-01-24 09:44:20 +00:00
Asger Feldthaus
a68bb9ffd1 JS: Ignore calls and csrf/captcha access 2020-01-23 15:32:05 +00:00
Asger Feldthaus
b1ec3e1bf2 JS: Add test and dont check predecessors 2020-01-23 14:59:03 +00:00
Asger Feldthaus
406c6eb981 JS: Sharpen missing CSRF middleware query 2020-01-23 14:22:49 +00:00
Asger F
7a1d068f1c Update javascript/ql/src/Security/CWE-400/PrototypePollutionUtility.qhelp 
Co-Authored-By: mc <42146119+mchammer01@users.noreply.github.com>
 2020-01-16 09:47:18 +00:00
Asger Feldthaus
2245882441 JS: Add change note and fix cwe tags 2020-01-14 10:53:40 +00:00
Asger Feldthaus
d76859b7df JS: Address review comments 2020-01-14 10:53:00 +00:00
Asger F
9bd3c4a11c JS: Add sanitizer for "in" exprs 2020-01-14 10:53:00 +00:00
Asger F
bd9405ab84 JS: Guard against more FPs 2020-01-14 10:52:59 +00:00
Asger F
738123d3f5 JS: More sanitizers 2020-01-14 10:52:59 +00:00
Asger F
f7543aec95 JS: Support Reflect.ownKeys 2020-01-14 10:52:59 +00:00
Asger F
8af233307a JS: Support enumeration through Object.entries 2020-01-14 10:52:59 +00:00
Asger F
ac2f0a8e11 JS: Do not require flow from key -> rhs 2020-01-14 10:52:59 +00:00
Asger F
96bf9db200 JS: Add another test and more barriers 2020-01-14 10:52:59 +00:00
Asger F
bc7871078a JS: Fix FPs from Object.create(null) 2020-01-14 10:52:59 +00:00
Asger F
654f145772 JS: Add PrototypePollutionUtility query 2020-01-14 10:52:59 +00:00
Erik Krogh Kristensen
e27a69960d update description 2019-11-27 11:17:19 +01:00
Erik Krogh Kristensen
b5a57986c6 small changes based on review feedback 2019-11-26 15:57:31 +01:00
Erik Krogh Kristensen
f284b3a2bb Merge remote-tracking branch 'upstream/master' into exceptionXss 2019-11-26 10:54:04 +01:00
Erik Krogh Kristensen
7ee12a3420 change doc based on review feedback 2019-11-26 10:48:24 +01:00
Erik Krogh Kristensen
f40d79271d cleanup module imports and update expected outputs 2019-11-22 13:55:47 +01:00
Max Schaefer
1951461f55 JavaScript: Simplify DoubleEscaping. 
Undo previous work on generalising the concept of a replacement, which did not work out.
 2019-11-22 09:24:34 +00:00
Max Schaefer
ff002a7af4 JavaScript: Whitelist more harmless incomplete escapes. 2019-11-22 09:24:34 +00:00
Max Schaefer
659cc812fe JavaScript: Rephrase two predicates to help the optimiser. 2019-11-22 09:24:34 +00:00
Max Schaefer
db3eaa23ef JavaScript: Introduce modelling of String.prototype.replace and use it in two queries. 2019-11-22 09:24:34 +00:00
Max Schaefer
12ea81af9c JavaScript: Move getAMatchedConstant(RegExpTerm) into the library. 2019-11-22 09:24:34 +00:00
Max Schaefer
a5a5debdc7 JavaScript: Move getStringValue(RegExpLiteral) into the library. 2019-11-22 09:24:34 +00:00
Max Schaefer
0edb70f373 JavaScript: Deal with escape-unescape-escape (and similar) chains. 2019-11-22 09:24:34 +00:00
Max Schaefer
cb54618a5d JavaScript: Deal with (un-)escaping on captured variables. 2019-11-22 09:24:34 +00:00
Max Schaefer
61aa075e8d JavaScript: Fix regexes for escaping schemes. 2019-11-22 09:24:34 +00:00
Max Schaefer
4f899a9b0d JavaScript: Recognize string escaping using .replace with a callback. 2019-11-22 09:24:34 +00:00
Max Schaefer
5dcf55e113 JavaScript: Refactor DoubleEscaping.ql. 2019-11-22 09:24:34 +00:00
semmle-qlci
8cca9b05ea Merge pull request #2393 from max-schaefer/js/improve-incomplete-sanitization-docs 
Approved by mchammer01
 2019-11-21 16:04:19 +00:00
Max Schaefer
cb20de8070 JavaScript: Add a warning to IncompleteSanitization help. 
Sanitizing away multi-character strings using regular expressions is tricky business, and we should probably warn about it.
 2019-11-20 11:57:50 +00:00
Max Schaefer
5565be14fc JavaScript: Teach IncompleteSanitization to flag incomplete path sanitizers. 2019-11-19 15:06:16 +00:00
Erik Krogh Kristensen
1b81526691 Merge remote-tracking branch 'upstream/master' into exceptionXss 2019-11-17 09:29:54 +01:00
Erik Krogh Kristensen
3b9847e075 apply suggestions from max 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2019-11-17 09:01:48 +01:00
Erik Krogh Kristensen
e95cceef1d import all the shared XSS sources and sinks 2019-11-15 15:41:53 +01:00
Erik Krogh Kristensen
65a018ceed use flow labels to avoid dual configurations 2019-11-15 14:37:46 +01:00
Asger F
66db38266b JS: Add qldoc to HostnameRegexpShared 2019-11-15 09:27:21 +00:00
Asger F
77e5305b9b Update javascript/ql/src/Security/CWE-020/IncompleteHostnameRegExp.ql 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2019-11-15 09:27:21 +00:00
Asger F
4d1f7836f2 JS: Check for [^.] 2019-11-15 09:27:21 +00:00
Asger F
a7a90b4b7e JS: Disregard capture groups in lookaround assertions 2019-11-15 09:27:20 +00:00
Asger F
153d34638b JS: Fix a FP 2019-11-15 09:27:20 +00:00