Max Schaefer
7ee0ba36af
JavaScript: Fix expected test output.
2018-12-05 10:14:25 +00:00
Aditya Sharad
3caf4e52a7
Merge rc/1.19 into next.
2018-12-04 12:39:41 +00:00
semmle-qlci
3d058a2895
Merge pull request #603 from xiemaisi/js/fix-inconsistent-new
...
Approved by asger-semmle, esben-semmle
2018-12-03 16:48:55 +00:00
Max Schaefer
8627ddbe4b
JavaScript: Adjust alert message.
2018-12-03 12:38:00 +00:00
Max Schaefer
3351650895
JavaScript: Make InconsistentNew give fewer results.
2018-11-30 16:13:46 +00:00
Max Schaefer
b17518a5eb
JavaScript: Refactor InconsistentNew to improve performance.
...
All the filtering is now done in `getALikelyCallee`, to which I have also added an additional parameter that improves the join in the `select` clause.
I've also simplified the alert message to no longer use `toString`, which isn't meant for alert messages anyway. (This is an old query.)
2018-11-30 15:40:45 +00:00
Jonas Jensen
9babb4366b
Merge remote-tracking branch 'upstream/master' into mergeback-20181130
2018-11-30 10:13:33 +01:00
semmle-qlci
adc15cad07
Merge pull request #574 from xiemaisi/js/avoid-materialisation
...
Approved by esben-semmle
2018-11-30 08:30:14 +00:00
Asger F
f85e30aa6c
Merge pull request #571 from xiemaisi/js/numeric-constant-interpreted-as-code
...
JavaScript: Add new query `HardcodedDataInterpretedAsCode`.
2018-11-29 17:07:48 +00:00
Max Schaefer
8637eaf100
JavaScript: Address review comments.
2018-11-29 10:48:44 +00:00
mc
83d4fb6711
Merge pull request #559 from xiemaisi/js/invalid-dynamic-method-call
...
JavaScript: Documentation review for new query `UnvalidatedDynamicMethodCall`.
2018-11-29 09:59:53 +00:00
Max Schaefer
5f16406ad7
JavaScript: Add new query HardcodedDataInterpretedAsCode.
2018-11-29 09:52:31 +00:00
Max Schaefer
94a5722c2a
JavaScript: Model taint propagation through new Buffer and Buffer.from.
2018-11-29 09:52:31 +00:00
Max Schaefer
4091cf410d
JavaScript: Improve detection of require calls.
2018-11-29 09:52:31 +00:00
Max Schaefer
506236994f
JavaScript: Address doc review comments.
2018-11-29 09:49:13 +00:00
semmle-qlci
d64067aaae
Merge pull request #558 from xiemaisi/js/sanitise-access-paths
...
Approved by asger-semmle
2018-11-29 08:27:58 +00:00
Max Schaefer
45574d4eaa
JavaScript: Minor change to documentation to facilitate opening another PR.
2018-11-28 13:53:28 +00:00
semmle-qlci
57a976d668
Merge pull request #555 from xiemaisi/js/invalid-dynamic-method-call
...
Approved by esben-semmle
2018-11-28 13:52:51 +00:00
Max Schaefer
fb78e14db1
JavaScript: Add support for sanitising dynamic property accesses.
...
This generalises our previous handling of sanitisers operating on property accesses to support dynamic property accesses where the property name is an SSA variable by representing them as access paths.
2018-11-28 12:37:53 +00:00
Max Schaefer
9c98aaf4bd
JavaScript: Refactor a few predicates to avoid materialisations.
2018-11-28 10:51:29 +00:00
Max Schaefer
39f1c7904b
JavaScript: Address review comments.
2018-11-28 09:44:58 +00:00
Max Schaefer
f1c538a97b
JavaScript: Restrict RemotePropertyInjection query to avoid double-reporting.
...
This query now only flags user-controlled property and header writes, method calls are handled by the new unsafe/unvalidated method call queries.
2018-11-28 08:16:31 +00:00
Max Schaefer
2889e07eb8
JavaScript: Add new query UnvalidatedDynamicMethodCall.
2018-11-28 08:16:31 +00:00
Asger F
623a80fe90
TS: declassify files with unrecognized shebang line
2018-11-27 14:59:03 +00:00
Aditya Sharad
5d5bfc215e
Merge rc/1.19 into next.
2018-11-27 12:04:46 +00:00
Max Schaefer
cf1e7cff3f
JavaScript: Move an auxiliary predicate into shared library.
2018-11-27 12:03:25 +00:00
Max Schaefer
8e54c7ab6c
Merge pull request #503 from asger-semmle/unsafe-global-object-access
...
JS: add method name injection query
2018-11-26 15:56:20 +00:00
Esben Sparre Andreasen
2d7f09d321
JS(ql): support nullish coalescing operators
2018-11-26 10:31:19 +01:00
Esben Sparre Andreasen
a2a798e59c
JS(extractor): support nullish coalescing operators
2018-11-26 09:45:19 +01:00
Max Schaefer
93f4ee8813
JavaScript: Remove Eclipse metadata files for extractor.
2018-11-26 08:24:33 +00:00
Aditya Sharad
c20b688a3f
Merge master into next.
2018-11-23 16:36:31 +00:00
semmle-qlci
04c2b23abd
Merge pull request #520 from esben-semmle/js/clear-text-logging-taint-kinds
...
Approved by asger-semmle
2018-11-23 12:40:40 +00:00
Asger F
b5008d8685
TS: only transfer offsets as part of the AST
2018-11-22 16:20:47 +00:00
Esben Sparre Andreasen
8c7ca38b8d
JS(extractor): improve parser support for flowtype syntax
2018-11-22 14:09:09 +01:00
Esben Sparre Andreasen
b780f82869
JS: sharpen js/clear-text-logging (ODASA-7485)
2018-11-22 13:38:43 +01:00
Asger F
61ef6552c3
JS: handle both data() and taint() source labels
2018-11-22 09:59:31 +00:00
semmle-qlci
4e72a08b8d
Merge pull request #507 from esben-semmle/js/mixed-static-intance-this-access-inheritance
...
Approved by xiemaisi
2018-11-21 16:07:25 +00:00
semmle-qlci
f5d3274655
Merge pull request #508 from esben-semmle/js/indirect-global-call-with-default-arguments
...
Approved by xiemaisi
2018-11-21 16:06:46 +00:00
semmle-qlci
746b13a1bc
Merge pull request #510 from xiemaisi/js/exclude-minified
...
Approved by asger-semmle
2018-11-21 16:06:22 +00:00
Asger F
27c9326e70
JS: address doc review
2018-11-21 14:19:14 +00:00
Esben Sparre Andreasen
72c4ef4d90
JS: fixup optional chaining on CallWithNonLocalAnalyzedReturnFlow
2018-11-21 14:18:14 +01:00
Asger F
8c7e19567b
JS: fix string value of taint configuration
2018-11-21 12:35:35 +00:00
Asger F
4ae2493798
JS: rename query to Unsafe Dynamic Method Access
2018-11-21 12:34:18 +00:00
Max Schaefer
19aa12106c
JavaScript: Teach AutoBuild to exclude minified files from extraction by default .
...
This adds default exclusion filters for `**/*.min.js` and `**/*-min.js` to the JavaScript auto-builder, meaning that files matching these patterns will no longer be extracted,
unless they are re-included in the `.lgtm.yml` file.
Alerts in minified code aren't shown by default anyway, so we can save ourselves some work by not analyzing them in the first place.
While including minified files in the snapshot can in theory improve analysis results in non-minified files, this is likely to be rare in practice.
2018-11-21 12:27:39 +00:00
Asger F
cb832b1de9
Merge branch 'unsafe-global-object-access' of github.com:asger-semmle/ql into unsafe-global-object-access
2018-11-21 11:14:21 +00:00
Asger F
84d642612e
JS: more comments
2018-11-21 11:14:13 +00:00
Max Schaefer
fa761c07bd
Update javascript/ql/src/Security/CWE-094/MethodNameInjection.ql
...
Co-Authored-By: asger-semmle <42069257+asger-semmle@users.noreply.github.com >
2018-11-21 10:55:38 +00:00
Esben Sparre Andreasen
caea6212ed
JS: use inheritance in js/mixed-static-instance-this-access
2018-11-21 09:48:37 +01:00
Esben Sparre Andreasen
01ad9ed8bc
JS: address review comments
2018-11-21 09:19:20 +01:00
Esben Sparre Andreasen
41b45352aa
JS(ql): support optional chaining
2018-11-21 08:57:10 +01:00