hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 12:46:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
92bb4b3da87ba7cdad07c053a76bae897b493fe8
codeql/javascript/ql/test
History
Asger F 4568967a76 JS: Do not use legacy taint steps in TaintedUrlSuffix 
Tainted URL suffix steps are added as configuration-specific additional
steps, which means implicit reads may occur before any of these steps.

These steps accidentally included the legacy taint steps which include
a step from 'arguments' to all positional parameters. Combined with the
implicit read, arguments could escape their array index and flow to
any parameter while in the tainted-url flow state.
2024-08-29 13:48:30 +02:00
..
ApiGraphs
JS: Add test for use steps
2024-04-17 14:46:00 +02:00
experimental
Merge branch 'main' into js/shared-dataflow-merge-main
2024-08-02 13:18:38 +02:00
library-tests
JS: Update a test that no longer fails
2024-08-27 11:35:37 +02:00
query-tests
JS: Do not use legacy taint steps in TaintedUrlSuffix
2024-08-29 13:48:30 +02:00
testUtilities
JS: Add InlineFlowTest
2024-08-27 11:35:10 +02:00
tutorials
CI: accept other diagnostic format related test changes
2024-06-19 11:33:50 +02:00
.project
QL code and tests for C#/C++/JavaScript.
2018-08-02 17:53:23 +01:00
.qlpath
QL code and tests for C#/C++/JavaScript.
2018-08-02 17:53:23 +01:00
format.json
Allow mixed whitespace in JavaScript test sources
2018-11-08 11:06:42 -08:00
qlpack.lock.yml
Packaging: Rafactor Javascript core libraries
2021-08-25 12:15:56 -07:00
qlpack.yml
JS: Add InlineExpectationsTest
2024-01-30 13:20:57 +01:00