hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
71,674 Commits 1,673 Branches 157 Tags
d1c9e47d231834736824a4d615a38a041a37f50e
Commit Graph

71674 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger F
d1c9e47d23 JS: More aggressive test file classification 2024-11-19 13:23:32 +01:00
Asger F
01669908f2 JS: Block InsecureRandomness flow into test files 2024-11-19 13:23:31 +01:00
Asger F
80a5a5909e JS: Use getUnderlyingValue() a few places in VariableCapture 2024-11-19 13:23:29 +01:00
Asger F
d2daec4c66 JS: Add tests explaining why the IIFE in f2 didn't work 2024-11-19 13:23:24 +01:00
Asger F
023dcce400 JS: Disable variable capture heuristic 
Bailing out can be more expensive as the resulting jump steps themselves
cause perf issues. The limit of 100 variables per scope has also been
added in the interim, which handles the cases that this needed to cover.
 2024-11-18 13:44:10 +01:00
Asger F
37676f41aa JS: Remove jump steps from IIFE steps 2024-11-18 13:38:34 +01:00
Asger F
7f2eae0966 JS: Add test case for false flow through IIFEs 
We generate local flow steps into and out of IIFEs, but these come jump steps automatically, resulting in FPs.
 2024-11-18 13:34:35 +01:00
Asger F
7acc5689cf JS: Port exception steps to a universal summary 2024-11-18 13:27:58 +01:00
Asger F
5ed362f7d6 JS: Add exception test case 2024-11-18 13:23:09 +01:00
Asger F
33b7ba41ca Merge pull request #17535 from asgerf/jss/use-use-flow 
JS: Follow use-use flow after a post-update
 2024-11-18 12:48:58 +01:00
Asger F
80ee372ddf JS: Replace an unused value with _ 2024-11-12 11:24:17 +01:00
Asger F
637baabe37 JS: Clarify why there are no SSA definitions 2024-11-12 11:23:35 +01:00
Asger F
2fb108419c JS: Only parameter-calls as lambda calls 2024-10-29 08:32:15 +01:00
Asger F
1e9e57e46e JS: Fix missing qldoc 2024-10-29 08:32:14 +01:00
Asger F
52ba91a7f8 JS: Updates to nodes/edges in tests 
Only changes to nodes/edges for various reasons, no actual result changes
 2024-10-29 08:32:13 +01:00
Asger F
1243188825 JS: Update CleartextLogging with fixed FP 2024-10-29 08:32:11 +01:00
Asger F
18b39460f5 JS: Add regained results in UnsafeJQueryPlugin 
These were marked as 'NOT OK' in the test file, but weren't previously flagged for some reason
 2024-10-29 08:32:10 +01:00
Asger F
d3e70c1e97 JS: Add in-barrier to XSS query 
This is a bit of a bandaid to cover issues with the push() method on next/router being
treated as an array push, which causes it to flow into other taint sources.
 2024-10-29 08:32:08 +01:00
Asger F
1b85feb1fa JS: Add imprecise post-update steps for when a captured var/this is not tracked precisely 
With the capture library we sometimes bails out of handling certain functions for scalability reasons.

This means we have a notion of "captured but imprecisely-tracked" variables and 'this'. In these cases we go back to propagating flow from a post-update node to the local source.
 2024-10-29 08:32:07 +01:00
Asger F
d557c7689c JS: Update a test that now has more precise output 2024-10-29 08:32:06 +01:00
Asger F
1efef2ca3c JS: Change rule for getPostUpdateForStore 
This causes less wobbles in test outputs
 2024-10-29 08:32:05 +01:00
Asger F
ad52b71922 JS: Update immutable.js test to clarify why it stopped working 
The Immutable model uses the 'd' and 'f' properties to model Map content, but the test doesn't actually mention those properties, so they were missing from the PropertyName class.

The flow was previously found spuriously by the regular Map model, which also adds flow through the  get/set calls. This flow is however no longer found since it relied on a step from post-update back to getALocalSource which is no longer present.
 2024-10-29 08:32:03 +01:00
Asger F
c0997c28cb JS: Reveal issue with immutable.js test 
Fixed in the next commit
 2024-10-29 08:32:02 +01:00
Asger F
4473e6d977 JS: Update test with some post-update consistency checks gone 
For a constructor call, the return value acts as the post-update node for the 'this' argument. The fact that constructor calls are sometimes PostUpdateNodes causes some of these harmless alerts.

The warnings have disappeared in some cases because we no longer target getALocalSource() so the target is no longer the constructor call.
 2024-10-29 08:32:01 +01:00
Asger F
cb874945bf Test updates from introduction of implicit 'this' 2024-10-29 08:31:59 +01:00
Asger F
bd94fe1574 JS: Explain false positive in test case 2024-10-29 08:31:58 +01:00
Asger F
e05e077b33 JS: Block jump steps through 'this' now that the capture lib handles 'this' 2024-10-29 08:31:57 +01:00
Asger F
16b08b74eb JS: Add test showing potential for FPs when handling refinement guards 2024-10-29 08:31:55 +01:00
Asger F
958602e43e JS: Cache getARead (as per instructions in the SSA library) 2024-10-22 12:46:20 +02:00
Asger F
e784813c3b JS: Make barrier guards work with use-use flow 2024-10-22 12:46:19 +02:00
Asger F
67fdd864c9 JS: Add TODO 2024-10-22 12:46:18 +02:00
Asger F
81af9a1658 Fix missing flow through super calls 2024-10-22 12:46:17 +02:00
Asger F
12370e9210 JS: Use VariableOrThis in variable capture as well 2024-10-22 12:46:16 +02:00
Asger F
0ebe8bdd91 JS: Add test for missing capture flow for 'this' 2024-10-22 12:46:15 +02:00
Asger F
d31499d727 JS: introduce implicit this uses in general 2024-10-22 12:46:14 +02:00
Asger F
8dc0505f84 JS: Add test for missing flow into 'this' in field initializers 2024-10-22 12:46:13 +02:00
Asger F
c3c003b275 JS: Fix post-update flow into 'this' 2024-10-22 12:46:11 +02:00
Asger F
9fc99d6f9d JS: Fix store into object literals that have a post-update node 2024-10-22 12:46:11 +02:00
Asger F
d626e79ed3 JS: Add two test cases for missing flow 2024-10-22 12:46:10 +02:00
Asger F
992c144559 JS: Add qldoc to file 2024-10-22 12:46:09 +02:00
Asger F
beaacf96b3 JS: Rename Internal -> Cached since whole file is internal now 2024-10-22 12:46:08 +02:00
Asger F
3fca27bee2 JS: Fix indentation 
Only formatting changes
 2024-10-22 12:46:07 +02:00
Asger F
ed0af958a9 JS: Add Public module and only expose that 
Indentation will be fixed in next commit
 2024-10-22 12:46:06 +02:00
Asger F
3b663bd2f6 JS: Remove BasicBlockInternal module and mark relevant predicates as public 
This exposes the predicates publicly, but will be hidden again in the next commit.
 2024-10-22 12:46:04 +02:00
Asger F
211b42d0ce JS: Move BasicBlocks.qll -> internal/BasicBlocksInternal.qll 2024-10-22 12:46:03 +02:00
Asger F
9e600424cc JS: Remove unused predicate 2024-10-22 12:46:02 +02:00
Asger F
78e961cef3 JS: Add use-use flow 2024-10-22 12:46:01 +02:00
Asger F
81e74d8bb5 JS: Add test case for spurious flow from lack of use-use 2024-10-22 12:46:00 +02:00
Asger F
7363b578b1 JS: Instantiate shared SSA library 
JS: Remove with statement comment
 2024-10-22 12:45:58 +02:00
Asger F
a258489551 JS: Refactor some internal methods to make them easier to alias 
We need these to return the dominator instead of declaring it in the parameter list, so that we can use it directly to fulfill part of the signature for the SSA library.

We can't rewrite it with an inline predicate since the SSA module calls with a transitive closure '*', which does not permit inline predicates.
 2024-10-22 12:45:57 +02:00