hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
72,445 Commits 1,673 Branches 157 Tags
e1aff15f2980f277cdd5c148f192d17b1ebb67cc
Commit Graph

10392 Commits

Author SHA1 Message Date
Asger F
054558d7b5 JS: Include content properties in type-tracker properties 
Reminder: we have two PropertyName classes because the one in Contents.qll can't depend on DataFlow::Node.
 2024-12-03 09:58:54 +01:00
Asger F
8bca66493f JS: Add test showing lack of inclusion in PropertyName 2024-12-03 09:57:02 +01:00
Asger F
cab8a40d00 JS: Fix accidental recursion 2024-11-29 14:23:57 +01:00
Asger F
9c6b6981e2 JS: Add test to restrict dependencies 2024-11-29 14:23:56 +01:00
Asger F
2f0c80a98b JS: Include summary steps in type tracking 2024-11-29 14:23:55 +01:00
Asger F
440cbb7f0a JS: Add inline-expectation test for type tracking 2024-11-29 14:23:54 +01:00
Asger F
6349903110 JS: Move FlowSummary/Summaries.qll into testUtilities 2024-11-29 14:23:52 +01:00
Asger F
e34064e3b5 JS: Initial instantiation of sumamry type tracking 
Instantiates the library without using it yet.
 2024-11-29 14:23:50 +01:00
Asger F
df12f255ac JS: Rename propagatesFlowExt -> propagatesFlow 2024-11-29 14:23:49 +01:00
Asger F
805fd0b46e JS: Refine speculative step definition 2024-11-26 15:56:56 +01:00
Asger F
8818fcc207 JS: Benign test output changes 2024-11-26 15:47:13 +01:00
Asger F
c94a01e6b6 JS: Remove reference to argsParseStep 
This was removed as part of the PR that introduced threat models.
 2024-11-26 15:36:47 +01:00
Asger F
bf62582f53 JS: Implement 'speculativeTaintStep' 
It is a mandatory part of the interface now; just providing a bare-bones implementation for rather than 'none()'
 2024-11-26 15:36:46 +01:00
Asger F
82d61e4194 Merge branch 'js/shared-dataflow-branch' into js/shared-dataflow-merge-main 2024-11-26 15:36:16 +01:00
Asger F
f073f3b791 JS: Rename file to foo.test.js 2024-11-26 13:44:00 +01:00
Asger F
65da9b41b5 JS: Add cross-file test in InsecureRandom 2024-11-26 13:43:24 +01:00
Asger F
b4bd8e701c JS: Add test for file classification change 2024-11-26 12:33:39 +01:00
Asger F
930a7b6e28 JS: Update output changes to nodes/edges/subpaths 2024-11-21 13:33:39 +01:00
Asger F
7a77432024 JS: Update lost result in insecure-download 
The VariableCapture library consumes one component of the access path limit, which means we lose this result
 2024-11-21 13:33:10 +01:00
Asger F
1ac7591faf JS: Update missed flow in capture-flow.js 
We previously caught this flow because of a heuristic in capture flow. We'll have to fix it properly later.
 2024-11-21 12:57:34 +01:00
Asger F
9dad2d62d7 JS: Update DataFlowConsistency 2024-11-21 12:54:11 +01:00
Asger F
ce00bd2cc9 JS: More docs 2024-11-21 11:06:43 +01:00
Asger F
4e62a512c5 JS: Only apply exception propagator when no other summary applies 
Previously a few Promise-related methods were special-cased, which is no longer needed.
 2024-11-21 11:01:05 +01:00
Asger F
84820adf3c Add test for exception flow out of finally() 2024-11-21 11:01:03 +01:00
Asger F
948d21ca07 JS: Propagate exceptions from summarized callables by default 2024-11-21 10:24:31 +01:00
Asger F
dcdb2e5133 JS: Fix callback check so it works without parameters 2024-11-21 10:24:29 +01:00
Asger F
b7dd455aff JS: Add test case 2024-11-21 09:21:36 +01:00
Asger F
d52bc971b8 Merge branch 'main' into js/shared-dataflow-merge-main 2024-11-20 14:05:03 +01:00
Asger F
d1c9e47d23 JS: More aggressive test file classification 2024-11-19 13:23:32 +01:00
Asger F
01669908f2 JS: Block InsecureRandomness flow into test files 2024-11-19 13:23:31 +01:00
Asger F
80a5a5909e JS: Use getUnderlyingValue() a few places in VariableCapture 2024-11-19 13:23:29 +01:00
Asger F
d2daec4c66 JS: Add tests explaining why the IIFE in f2 didn't work 2024-11-19 13:23:24 +01:00
Asger F
023dcce400 JS: Disable variable capture heuristic 
Bailing out can be more expensive as the resulting jump steps themselves
cause perf issues. The limit of 100 variables per scope has also been
added in the interim, which handles the cases that this needed to cover.
 2024-11-18 13:44:10 +01:00
Asger F
37676f41aa JS: Remove jump steps from IIFE steps 2024-11-18 13:38:34 +01:00
Asger F
7f2eae0966 JS: Add test case for false flow through IIFEs 
We generate local flow steps into and out of IIFEs, but these come jump steps automatically, resulting in FPs.
 2024-11-18 13:34:35 +01:00
Asger F
7acc5689cf JS: Port exception steps to a universal summary 2024-11-18 13:27:58 +01:00
Asger F
5ed362f7d6 JS: Add exception test case 2024-11-18 13:23:09 +01:00
Napalys
1304ab7065 Added change notes 2024-11-18 08:05:51 +01:00
Napalys
bed1f25b3f JS: Fix: Now Array.prototype.with is properly flagged as taint step 2024-11-15 10:35:34 +01:00
Napalys
f04fd5cdcc JS: Add: Test case for Array.protype.with taint step 2024-11-15 10:27:44 +01:00
Napalys
631a3770ec JS: Add: change notes 2024-11-15 09:16:21 +01:00
Napalys Klicius
6fa3ff39a0 Merge branch 'main' into napalys/toSpliced-support 2024-11-14 16:56:32 +01:00
Napalys Klicius
c8c15a0899 Merge pull request #17910 from Napalys/napalys/matchAll-support 
JS: Support for matchAll
 2024-11-14 15:36:20 +01:00
Napalys
b333f523df JS: Fix: now one can determine regex via Array.prototype.toSpliced function call. 2024-11-14 15:35:03 +01:00
Napalys
2b0def1ed3 JS: Add: Test case for checking if regex via using toSpliced 2024-11-14 15:31:38 +01:00
Napalys
52330e834c JS: Add: Test case for checking if regex via using splice 2024-11-14 15:29:05 +01:00
Napalys
84234d59b9 JS: Fix: Ensure toSpliced with spread operator is flagged 2024-11-13 17:21:34 +01:00
Napalys
8512cb44ff JS: Add: Test cases for toSpliced with spread operator 2024-11-13 17:18:09 +01:00
Napalys
cf90430ec0 JS: Add: Missing test case for splice spread operator 2024-11-13 17:07:17 +01:00
Napalys
2df3d1b251 JS: Fix: Ensure toSpliced is flagged by taint tracking in test suite (ed44358143) 2024-11-13 15:58:20 +01:00