hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 03:06:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
18,324 Commits 1,672 Branches 157 Tags
cf76d31161bafaa5152a4e45793f9e46ef16ede2
Commit Graph

10 Commits

Author SHA1 Message Date
Max Schaefer
4100ab2919 JavaScript: Add another test to show that flow through functions still works. 2020-10-14 10:03:27 +01:00
Max Schaefer
1c04c07f07 JavaScript: Eliminate source of false positives in UnsafeShellCommandConstruction. 2020-10-14 10:03:04 +01:00
Max Schaefer
cd33d358aa JavaScript: Add a test showing a false positive from UnsafeShellCommandConstruction due to infeasible paths. 
The path from the API entry point to the sink contains a "return" step. A client of the library cannot match that step, resulting in an infeasible path.
 2020-10-12 14:50:47 +01:00
Erik Krogh Kristensen
320879bc1e recognize colon in command-prefixes 2020-09-07 13:12:38 +02:00
Erik Krogh Kristensen
dc8042adeb introduce conistency-checking for CWE-078 2020-07-06 12:47:56 +02:00
Erik Krogh Kristensen
2b2d691e45 don't treated a property from a tainted object as tainted when there exists a dominating write 2020-06-25 23:00:52 +02:00
Erik Krogh Kristensen
815671f5d0 add sanitizer guard for typeof undefined 2020-06-04 21:32:26 +02:00
Erik Krogh Kristensen
5b569a4d6d add a sanitizer for chained replace-calls 2020-05-19 19:16:58 +02:00
Erik Krogh Kristensen
fc7e9eb8c8 add test for non-tracked aliasing 2020-05-18 22:40:41 +02:00
Erik Krogh Kristensen
c8cf958c8a add test cases for js/shell-command-constructed-from-input 2020-05-17 10:32:27 +02:00