hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
35,614 Commits 1,671 Branches 157 Tags
c20ee76826e10318f8f39c6fae901b743c2e8254
Commit Graph

101 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
cebd24156c support that the base is not a method-call in getAChainedMethodCall 2022-03-09 11:12:04 +01:00
Erik Krogh Kristensen
203212657e recognize modules imported by AMD imports as library inputs 2022-02-23 10:39:45 +01:00
Erik Krogh Kristensen
eb56a5aef3 support more patterns that recognize valid numbers 2022-02-10 19:50:35 +01:00
Erik Krogh Kristensen
d6721ec574 implement a isNaN guard for unsafe-shell-command-construction 2022-02-09 09:51:57 +01:00
Erik Krogh Kristensen
0584a6acaf recognize a nodejs re-exports in a loop 2022-02-07 10:12:38 +01:00
Erik Krogh Kristensen
c664d7cfb3 add a getMaybePromisifiedCall method in API graphs, and use it to model child_process 2021-08-25 10:27:09 +02:00
Erik Krogh Kristensen
17c4bbbc4e allow parameters that end with "Command" in js/shell-command-constructed-from-input 2021-04-12 09:57:40 +02:00
Erik Krogh Kristensen
30ba69d991 treat "files" in a package.json as main modules, if "main" is not present 2021-04-08 14:42:12 +02:00
Erik Krogh Kristensen
365b4d722d backtrack string-concatenations from shell-execution sinks 2021-04-07 15:34:54 +02:00
CodeQL CI
073a43ce74 Merge pull request #5606 from erik-krogh/shellInput 
Approved by esbena
 2021-04-07 14:30:31 +01:00
Erik Krogh Kristensen
c9f54ea1ad update expected output 2021-04-07 12:37:17 +00:00
CodeQL CI
fd4e8f8282 Merge pull request #5526 from erik-krogh/quotedShell 
Approved by esbena
 2021-04-07 08:39:01 +01:00
Erik Krogh Kristensen
41b89669a9 add joined paths as a sink to js/shell-command-constructed-from-input 2021-04-06 12:14:00 +02:00
Erik Krogh Kristensen
3d49b8cb91 consider quoted string concatenations as sanitizers for js/shell-command-injection-from-environment 2021-03-25 15:17:02 +01:00
Erik Krogh Kristensen
77ba7b473d Merge branch 'main' into topPack 2021-03-25 11:52:58 +01:00
Erik Krogh Kristensen
3b6b40489f Merge branch 'main' into topPack 2021-03-25 09:58:15 +01:00
Erik Krogh Kristensen
c146b27c1a Merge branch 'main' into shellTrue 2021-03-24 20:09:23 +01:00
Erik Krogh Kristensen
8949b9eb0a add shell interpreted arrays as sinks for js/shell-command-constructed-from-input 2021-03-19 15:59:06 +01:00
Erik Krogh Kristensen
d489d63b8e recognize object transformations in module.exports when looking for library inputs 2021-03-18 20:54:33 +01:00
Erik Krogh Kristensen
28ad667578 add model for async-execute 2021-03-18 19:40:46 +01:00
Erik Krogh Kristensen
67a5831ac0 update expected output 2021-03-18 13:59:44 +01:00
Erik Krogh Kristensen
010d580f8e add model for multiparty 2021-02-11 09:34:04 +01:00
Erik Krogh Kristensen
61b4ffec3d add remote flow from the Formidable library 2021-02-11 09:34:04 +01:00
Erik Krogh Kristensen
a03f4ed3cd add remote flow source for busboy 2021-02-11 09:34:02 +01:00
Erik Krogh Kristensen
e2fbf8a68c add files uploaded with multer as RemoteFlowSource 2021-02-11 09:33:15 +01:00
Erik Krogh Kristensen
2aa59a3f8b support sanitizers that sanitize individual chars in js/shell-command-constructed-from-input 2021-01-07 13:58:25 +01:00
Erik Krogh Kristensen
bfd8d1b1e9 Merge branch 'main' into revertSum 2021-01-06 23:04:08 +01:00
Erik Krogh Kristensen
f1cee70e82 add class-field flowstep to js/shell-command-constructed-from-input 2021-01-06 14:37:00 +01:00
Erik Krogh Kristensen
530a4aea35 Merge branch 'main' into shellSanitizer 2020-12-22 13:57:15 +01:00
CodeQL CI
2bb96369f1 Merge pull request #4868 from erik-krogh/boundShell 
Approved by esbena
 2020-12-22 03:35:42 -08:00
Erik Krogh Kristensen
da9a4e5267 add test 2020-12-22 11:22:25 +01:00
Esben Sparre Andreasen
ab4f3ea259 JS: fixup for execa.shell and execa.shellSync models 2020-12-22 09:06:18 +01:00
Esben Sparre Andreasen
ba714a1214 JS: add execa.shell tests 2020-12-22 09:01:43 +01:00
Erik Krogh Kristensen
876ba7ef2d add typeof sanitizer to js/shell-command-constructed-from-input 2020-12-21 14:16:55 +01:00
Erik Krogh Kristensen
fd0d5c9e46 add command parsing model for "commander" 2020-11-27 09:58:00 +00:00
Erik Krogh Kristensen
653ebf7668 add command parsing model for "dashdash" 2020-11-27 09:57:05 +00:00
Erik Krogh Kristensen
269de49196 add model for "meow" 2020-11-27 09:57:05 +00:00
Erik Krogh Kristensen
c5ac98d2e8 add command parsing model for command-line-args 2020-11-27 09:57:05 +00:00
Erik Krogh Kristensen
f33cd8bc8e add command parsing model for argparse 2020-11-27 09:57:05 +00:00
Erik Krogh Kristensen
45067ee651 add command parsing model for "arg" 2020-11-27 09:57:05 +00:00
Erik Krogh Kristensen
821b4be522 more accurately model command parsers that take process.argv as an argument 2020-11-27 09:56:50 +00:00
Max Schaefer
4100ab2919 JavaScript: Add another test to show that flow through functions still works. 2020-10-14 10:03:27 +01:00
Max Schaefer
1c04c07f07 JavaScript: Eliminate source of false positives in UnsafeShellCommandConstruction. 2020-10-14 10:03:04 +01:00
Max Schaefer
cd33d358aa JavaScript: Add a test showing a false positive from UnsafeShellCommandConstruction due to infeasible paths. 
The path from the API entry point to the sink contains a "return" step. A client of the library cannot match that step, resulting in an infeasible path.
 2020-10-12 14:50:47 +01:00
Max Schaefer
dc7b447895 JavaScript: Make alert locations for command injection more precise. 2020-09-23 14:07:36 +01:00
Max Schaefer
439aadf0b6 JavaScript: Do even more type tracking in command injection. 2020-09-23 14:07:36 +01:00
Max Schaefer
ef18b39124 JavaScript: Fix use of type backtracker in IndirectCommandArgument.qll. 2020-09-23 14:07:36 +01:00
Max Schaefer
825fc2228b JavaScript: Add two new command-injection tests. 2020-09-23 14:07:36 +01:00
Erik Krogh Kristensen
320879bc1e recognize colon in command-prefixes 2020-09-07 13:12:38 +02:00
CodeQL CI
a4f8b19ae4 Merge pull request #3876 from erik-krogh/CWE078-Correctness 
Approved by esbena
 2020-08-03 15:38:51 +01:00