Commit graph

933 commits

Author SHA1 Message Date
Asger F cf3dfcae21 JS: recognize A.substr(0, B.length) == B 2019-01-18 10:40:48 +00:00
Asger F f9951f67fe JS: add simple variants of StringOps::EndsWith 2019-01-18 10:40:48 +00:00
Asger F b6626995cf JS: bugfix in indexOf-based include test 2019-01-18 10:40:48 +00:00
Asger F d603824feb JS: add StringOps::StartsWith and StringOps::Includes 2019-01-18 10:40:18 +00:00
Asger F 107ec3b687 JS: add test with self=this variable 2019-01-18 10:39:02 +00:00
Asger F 78bd76048a JS: add test with closures 2019-01-18 10:39:02 +00:00
Asger F 0bb6692c19 JS: add 'this' as possible access path root 2019-01-18 10:39:02 +00:00
semmle-qlci 5e712b3ff6
Merge pull request #784 from asger-semmle/dedup-promiseTaintStep
Approved by esben-semmle
2019-01-18 08:52:09 +00:00
Asger F a8d750f086 JS: update header doc in Promises.qll 2019-01-17 15:26:45 +00:00
Asger F e9c4f13a31 JS: Remove trailing whitespace again 2019-01-17 13:10:15 +00:00
Asger F 7a344c8546 JS: Add resolved promise taint test case 2019-01-17 13:08:55 +00:00
Asger F b6fdbdcf84 JS: deduplicate promiseTaintStep 2019-01-17 13:04:16 +00:00
Asger F 882b337c15 JS: Move ResolvedPromiseDefinition into StandardLibrary.qll 2019-01-17 13:02:03 +00:00
Asger F fc27b26bd5 JS: Remove duplicate PromiseFlowStep 2019-01-17 12:56:40 +00:00
Asger F 66901dc7b8 JS: remove duplicate ES2015PromiseDefinition 2019-01-17 12:55:38 +00:00
Max Schaefer 8f8068695d JavaScript: Bump extractor version to avoid trap cache. 2019-01-17 09:30:18 +00:00
Max Schaefer ce65fcedc1 JavaScript: Abort AutoBuild if an exception happens in one of the extractor threads. 2019-01-17 09:29:49 +00:00
Max Schaefer 7765c6d486 JavaScript: Await termination of extractor threadpool. 2019-01-17 09:29:49 +00:00
Max Schaefer 3b5315aa7e JavaScript: Improve logging. 2019-01-17 09:29:49 +00:00
Max Schaefer a6cb63e9c8 JavaScript: Make number of threads configurable through `LGTM_INDEX_THREADS`.
If the number of threads specified is one or lower, we fall back onto single-threaded extraction.
2019-01-17 09:29:49 +00:00
Max Schaefer d625ebf86d JavaScript: Extract JavaScript files after TypeScript files.
This way we only start multi-threaded extraction after the TypeScript parser has already been shut down, reducing the chance of running out of memory.
2019-01-17 09:29:49 +00:00
Max Schaefer 57133f91ff JavaScript: Prevent interleaved progress messages on stdout. 2019-01-17 09:29:49 +00:00
Max Schaefer 1c84dc011a JavaScript: Parallelise extraction of JavaScript (but not TypeScript) files. 2019-01-17 09:29:49 +00:00
Max Schaefer 8014ded973 JavaScript: Remove static state in `JSDocParser`. 2019-01-17 09:29:49 +00:00
Max Schaefer 5832f7c3ad JavaScript: Pull `ExtractorState` out of `FileExtractor`. 2019-01-17 09:29:49 +00:00
Max Schaefer 335d43b122 JavaScript: Make `AutoBuild` less stateful. 2019-01-17 09:29:49 +00:00
Max Schaefer a058d7a502
JavaScript: Fix examples in flow-summaries.rst
The S-expression examples still used the old order of parameters for `parameter` and `member`.
2019-01-17 09:12:40 +00:00
Asger F 9aaea40719 JS: address comments and support TrackedNode 2019-01-16 11:12:38 +00:00
Asger F 6d1eab8a4b JS: support flow out of "this" in constructor call 2019-01-16 11:09:38 +00:00
Max Schaefer 4a7e0fe104
Merge pull request #766 from asger-semmle/ts-compiler-3.2
TS: Support TypeScript 3.2
2019-01-16 08:49:45 +00:00
semmle-qlci 5bc17923b1
Merge pull request #665 from asger-semmle/js-property-concat-sanitizer
Approved by esben-semmle, xiemaisi
2019-01-16 08:44:55 +00:00
semmle-qlci cf3a4ac956
Merge pull request #767 from esben-semmle/js/unknown-bound-event-handler-receiver
Approved by xiemaisi
2019-01-16 08:36:11 +00:00
semmle-qlci 8655e5ae17
Merge pull request #768 from xiemaisi/js/call-summaries
Approved by asger-semmle
2019-01-16 08:35:31 +00:00
Max Schaefer 0360df6e05 JavaScript: Improve terminology and comments. 2019-01-15 09:01:39 +00:00
Asger F a7b0f7e2ce TS: upgrade script, version string, stats 2019-01-14 18:26:09 +00:00
Asger F 3ed9575529 TS: add support for bigints 2019-01-14 18:26:09 +00:00
Asger F 1c6deb65cd TS: update test expectation 2019-01-14 18:15:30 +00:00
Asger F 5fc4147a23 TS: bump TypeScript compiler dependency to 3.2.1 2019-01-14 15:56:50 +00:00
Asger F f4c89601ff JS: fix typo 2019-01-14 15:34:01 +00:00
Asger F ad6add383c JS: improve concatenation-sanitizer for property injection 2019-01-14 15:34:01 +00:00
semmle-qlci 955bad0618
Merge pull request #640 from asger-semmle/lodash-case
Approved by esben-semmle
2019-01-14 07:59:59 +00:00
semmle-qlci 7bb8edd16d
Merge pull request #720 from esben-semmle/js/more-flow-parsing
Approved by xiemaisi
2019-01-14 07:58:28 +00:00
Esben Sparre Andreasen b35c4b2a9a JS: support FP pattern for js/unbound-event-handler-receiver 2019-01-14 08:47:37 +01:00
semmle-qlci 9c41b214ee
Merge pull request #748 from esben-semmle/js/fix/js/useless-assignment-to-property
Approved by xiemaisi
2019-01-13 21:40:35 +00:00
Esben Sparre Andreasen 64346e1321 JS: bump extractor version for improved support for Flow 2019-01-13 22:10:56 +01:00
Esben Sparre Andreasen c26ae26f53 JS: support explicit type arguments for Flow 2019-01-13 22:10:56 +01:00
Esben Sparre Andreasen 45a4026385 JS: support additional export statements for Flow 2019-01-13 22:10:56 +01:00
Esben Sparre Andreasen c6f9a043ca JS: support additional import statements for Flow 2019-01-13 22:10:56 +01:00
semmle-qlci 04c15028ab
Merge pull request #750 from aschackmull/javascript/autoformat
Approved by xiemaisi
2019-01-11 16:35:38 +00:00
Anders Schack-Mulligen db9407bae5 Javascript: Update .expected files. 2019-01-11 14:27:16 +01:00
semmle-qlci b0dd3dfeb1
Merge pull request #502 from xiemaisi/js/summaries
Approved by asger-semmle
2019-01-11 10:27:03 +00:00
Max Schaefer f9d704bdcf JavaScript: Add example of indirect command injection. 2019-01-11 10:24:41 +00:00
Anders Schack-Mulligen e58094c732 Javascript: Autoformat. 2019-01-11 11:02:42 +01:00
Max Schaefer 7d2d33840a JavaScript: Track flow through forwarding higher-order calls. 2019-01-11 09:15:58 +00:00
Max Schaefer 59bac829b1 JavaScript: Refactor `flowsIntoHigherOrderCall` predicate. 2019-01-11 08:34:09 +00:00
Max Schaefer edc5117dfd JavaScript: Track flow into (simple) higher-order function calls.
The only case we support for now are functions that invoke one of their arguments, passing another argument as input.
2019-01-11 08:11:15 +00:00
Max Schaefer 414ab8ea8c JavaScript: Refactor `argumentPassing`. 2019-01-11 07:57:58 +00:00
Esben Sparre Andreasen d0372dd290 JS: reuse a variable 2019-01-11 08:34:17 +01:00
Esben Sparre Andreasen d3543b74c0 JS: fixup: use the basic block of the actual write (ODASA-7636) 2019-01-11 08:34:17 +01:00
Asger F 2b803693f1 JS: add comment about how to generate isLodashMember 2019-01-10 14:00:20 +00:00
semmle-qlci f474fdd0f9
Merge pull request #731 from xiemaisi/js/performance-fiddling
Approved by asger-semmle, esben-semmle
2019-01-10 10:01:02 +00:00
Max Schaefer 583734a4e2 JavaScript: Fix semantic merge conflict.
https://github.com/Semmle/ql/pull/698 removed `document.cookie` as a remote flow source, which some of the tests relied on. We now use `location.search` instead.
2019-01-09 16:09:06 +00:00
Max Schaefer 97e6c75b94 JavaScript: Remove a few other deprecated predicates and classes. 2019-01-09 09:23:59 +00:00
Max Schaefer db8e436046 JavaScript: Remove deprecated flow tracking predicates. 2019-01-09 09:23:59 +00:00
Max Schaefer 8a93c6aa65 JavaScript: Remove a few deprecated classes. 2019-01-09 09:23:59 +00:00
Max Schaefer 5d1d94ebf1 JavaScript: Remove deprecated old call graph library. 2019-01-09 09:23:59 +00:00
Max Schaefer db713fb359 JavaScript: Remove deprecated backward-compatibility layer in security libraries. 2019-01-09 09:23:59 +00:00
Max Schaefer feb9693fea JavaScript: Remove old data flow library. 2019-01-09 09:23:59 +00:00
Max Schaefer 3d44f0c6e0 JavaScript: Autoformat new libraries. 2019-01-09 09:13:14 +00:00
Max Schaefer fb53a69880 Revert "JavaScript: Add `ImportFromCSV` to `javascript.qll`."
This reverts commit d03f82beb1f7d4634615f527b3d275043eeda1c5.
2019-01-09 09:10:45 +00:00
Max Schaefer e960bd967f JavaScript: Make configuration IDs explicit in the API. 2019-01-09 09:10:45 +00:00
Max Schaefer 8f1c5db8be JavaScript: Change encoding of member and parameter portals for readability. 2019-01-09 09:10:45 +00:00
Max Schaefer a7ea7309d4 JavaScript: Fold a predicate to improve performance in the presence of many configurations with many sources/sinks. 2019-01-09 09:10:44 +00:00
Max Schaefer 9a64224344 JavaScript: Cache portal computation. 2019-01-09 09:09:58 +00:00
Max Schaefer 2295353b56 JavaScript: Add `ImportFromCSV` to `javascript.qll`. 2019-01-09 09:09:58 +00:00
Max Schaefer 94242b3b94 JavaScript: Exclude step summary query from `flow-summaries` suite.
In its current form, this query produces way too many results.
2019-01-09 09:09:58 +00:00
Max Schaefer fae419c5d2 JavaScript: Add guide to using summaries. 2019-01-09 09:09:58 +00:00
Max Schaefer 8e36c60326 JavaScript: Add a few examples that cause cyclic portals. 2019-01-09 09:09:58 +00:00
Max Schaefer 132570940a JavaScript: Add support for annotation comments specifying additional sources and sinks. 2019-01-09 09:09:58 +00:00
Max Schaefer bdf29d010a JavaScript: Allow summary details to be omitted.
If a summary does not specify a configuration, it is taken to apply to all configurations without custom sanitisers/barriers.

If a source summary does not specify a flow label, `data` is assumed.

If a sink summary does not specify a flow label, both `data` and `taint` are assumed.

Flow step summaries cannot omit flow labels.

Note that the standard extraction queries always provide explicit configurations and flow labels, and hence do not exercise this functionality.
2019-01-09 09:09:58 +00:00
Max Schaefer 7c87c43511 JavaScript: Import flow summaries through external predicates. 2019-01-09 09:09:58 +00:00
Max Schaefer 90ad8e3858 JavaScript: Import flow summaries from CSV data. 2019-01-09 09:09:58 +00:00
Max Schaefer f4fed3657d JavaScript: Add flow summary extraction queries. 2019-01-09 09:09:58 +00:00
Max Schaefer 6d893d4be7 JavaScript: Allow additional sources, sinks and steps to specify flow labels. 2019-01-09 09:09:57 +00:00
Max Schaefer 98a763ae4b JavaScript: Add QL library for modelling portals between npm packages. 2019-01-09 09:06:55 +00:00
Max Schaefer 7e7899faba JavaScript: Add predicate `DataFlow::Node.getTopLevel()`. 2019-01-09 09:05:11 +00:00
Max Schaefer 3e56e9eaf9 JavaScript: Add predicate `AbstractCallable.getDefinition`. 2019-01-09 09:05:09 +00:00
Asger F 45a5d0ee3a JS: autoformat 2019-01-08 12:30:07 +00:00
Asger F 6816f33a3d JS: Handle case-insensitive lodash imports 2019-01-08 12:29:28 +00:00
Max Schaefer 8951eaead3 JavaScript: Improve caching of `getACallee` and related predicates. 2019-01-08 09:42:44 +00:00
Max Schaefer 627583fffa JavaScript: Refactor `UselessConditional` for performance. 2019-01-08 09:40:49 +00:00
Max Schaefer de429752d1 JavaScript: Restructure implementation of `DataFlow::SourceNode`.
It now uses a facade pattern similar to `InvokeNode`: the range of the class is defined by an abstract class `DataFlow::SourceNode::Range`, while the actual behaviour is defined by the (no longer abstract) `SourceNode` class itself.

Clients that want to add new source nodes need to extend `DataFlow::SourceNode::Range`, those that want to refine the behaviour of existing source nodes should extend `DataFlow::SourceNode` itself.

While this is technically a breaking API change, I think separating the two aspects in this way is cleaner and makes it easier to use, and improves performance as well.
2019-01-08 08:01:20 +00:00
Max Schaefer 31bb39a810 JavaScript: Autoformat all QL files. 2019-01-07 10:15:45 +00:00
Max Schaefer b4f400fb23 Merge remote-tracking branch 'upstream/next' into qlucie/master 2019-01-04 10:35:57 +00:00
semmle-qlci 6b27dcabc5
Merge pull request #704 from asger-semmle/ts-binary-exprs
Approved by esben-semmle
2019-01-04 08:37:41 +00:00
semmle-qlci 8174fb51ae
Merge pull request #705 from asger-semmle/loop-index-concurrent-modification
Approved by mc-semmle, xiemaisi
2019-01-03 17:06:12 +00:00
semmle-qlci 6c768263d2
Merge pull request #716 from xiemaisi/js/cosmetics
Approved by esben-semmle
2019-01-03 16:11:50 +00:00
Asger F f24313a215 JS: address doc review 2019-01-03 10:49:36 +00:00
Max Schaefer 0a2df6c00d JavaScript: Highlight id attribute (not entire element) in `AmbiguousIdAttribute`. 2019-01-02 11:44:02 +00:00
Asger F bc59e65222 JS: update suite file 2019-01-02 11:42:47 +00:00