github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
57 853 коммитов 1 534 Ветки 130 Теги 471 MiB
Граф коммитов

8411 Коммитов

Автор SHA1 Сообщение Дата
Asger F b321151a28 JS: Restrict ExtendCall flow in proto pollution query 2023-04-17 08:20:18 +02:00
Asger F efb582b661 JS: Drive-by fix to newly gained FPs 2023-04-17 08:20:18 +02:00
Asger F 869c6d27fe JS: Add implied receiver steps 2023-04-17 08:20:18 +02:00
Asger F 74dbc71535 JS: Change Extend steps to PreCallGraphStep 2023-04-17 08:20:18 +02:00
github-actions[bot] 075d063370 Release preparation for version 2.13.0 2023-04-14 13:31:30 +00:00
jarlob e9dee3a185 Move `actions/github-script` out of Actions.qll 2023-04-14 14:26:23 +02:00
Erik Krogh Kristensen cece307c60
Merge pull request #12802 from erik-krogh/history-xss 
JS: add browser history as XSS sink
 2023-04-14 13:35:19 +02:00
jarlob 599ec5a3b4 Add comment 2023-04-14 10:52:11 +02:00
jarlob 3724ea1a7b Extract `where` parts into predicates 2023-04-14 10:49:56 +02:00
jarlob ac1c20673d Encapsulate github-script 2023-04-14 10:23:49 +02:00
jarlob d80c541da6 Encapsulate composite actions 2023-04-14 10:06:35 +02:00
smiddy007 ec97cdc8a0 Allow NonKeyCiphers to include truncated SHA-512 MDs in Forge JS library. 2023-04-13 23:16:20 -04:00
jarlob 94065764d5 Make predicate name clearer 2023-04-14 01:05:21 +02:00
jarlob 79218a3946 Use `YamlMapping` for modeling `Env` 2023-04-14 00:56:51 +02:00
jarlob dd52ef85cd Rename Env 2023-04-13 23:41:31 +02:00
jarlob 76834cbe53 Rename GlobalEnv 2023-04-13 23:13:56 +02:00
jarlob a8a6913512 Simplify `exists` according to the warning 2023-04-13 23:10:16 +02:00
jarlob 8234ea33f0 More details in the changes file. 2023-04-13 23:05:32 +02:00
jarlob 6790318769 Added the composite word 2023-04-13 22:58:32 +02:00
Jaroslav Lobačevski 8f1bccbb4d
Apply suggestions from code review (comments) 
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2023-04-13 22:55:53 +02:00
Alex Eyers-Taylor c6a482819a Bump all qlpacks major versions 2023-04-13 19:15:27 +01:00
Alex Ford 8c46bfd051
Merge pull request #12816 from github/rc/3.9 
Merge `rc/3.9` into `main`
 2023-04-13 12:35:41 +01:00
Tom Hvitved 3cc9dec9c8 Remove all `queries.xml` files 2023-04-13 11:18:58 +02:00
Arthur Baars ead8108aed Apply suggestions from code review 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2023-04-13 11:11:55 +02:00
Erik Krogh Kristensen cfb273ae01
Merge pull request #12799 from erik-krogh/oneColumn 
JS: use 1-based column locations for diagnostics
 2023-04-12 14:48:20 +02:00
Asger F b819f55203
Merge pull request #12792 from asgerf/js/redux-model-perf 
JS: add getForwardingFunction and use to sharpen useSelector model
 2023-04-12 14:09:59 +02:00
erik-krogh d3cc1d6991
update expected output of diagnostics test 2023-04-12 13:42:05 +02:00
erik-krogh b1957623c1
add browser history as XSS sink 2023-04-12 13:38:18 +02:00
Erik Krogh Kristensen 8cb54b748b
Merge pull request #12787 from tyage/add-router-sink 
JS: Add New XSS sink - Next.js router.push/replace
 2023-04-12 13:30:21 +02:00
Arthur Baars 83cd55cb29 Js/Yaml: add getFile() predicate 2023-04-11 16:01:44 +01:00
erik-krogh 3c4bd5b6a7
forward toString() etc. predicates from YamlNode to Locatable 2023-04-11 15:37:01 +02:00
erik-krogh b5e90483f5
improve the ESLint model to avoid overriding Yaml classes 2023-04-11 15:36:18 +02:00
Asger F aef0fa3c8a JS: Expand QLDoc 2023-04-11 14:16:36 +02:00
Asger F 2c65a49d7c JS: Add getForwardingFunction() to API graphs 2023-04-11 14:00:30 +02:00
Asger F 4ce03d4dc4 JS: Restrict useSelector steps to local callbacks 2023-04-11 13:33:46 +02:00
Asger F 3cc931306f JS: Add test for selector nodes with multiple access paths 2023-04-11 13:33:27 +02:00
Nate Johnson a0f4a5100f Insecure HTTP parser query for JavaScript 2023-04-09 20:38:55 -04:00
tyage 40d475863d Add change note 2023-04-08 18:36:50 +09:00
tyage 320cb99dbf Add replace method test 2023-04-08 18:31:48 +09:00
tyage 668e1accaa Remove unnecessary whiteline 2023-04-08 18:24:31 +09:00
tyage 7f9b8557ac Add Next.js router push as XSS sink 2023-04-08 18:18:34 +09:00
jarlob 72b66ffe97 Fix comment. 2023-04-07 10:01:14 +02:00
jarlob 7573c615f6 Fix warnings 2023-04-06 23:07:22 +02:00
jarlob 3745cccedd Fix warnings 2023-04-06 23:02:08 +02:00
jarlob af83d8af41 Add comment 2023-04-06 22:59:09 +02:00
jarlob 9c7eecf547 Add support for composite actions 2023-04-06 22:53:59 +02:00
jarlob baefeab2d1 fix tests 2023-04-06 19:11:04 +02:00
jarlob 0a878d4db9 Support yAml extensions 2023-04-06 19:07:38 +02:00
Arthur Baars 4fca4b668c JS: use shared YAML library 2023-04-06 15:11:35 +02:00
jarlob 40635e60d1 Improve documentation 2023-04-05 10:26:02 +02:00
jarlob 9fba7d31f1 Improve documentation 2023-04-05 10:24:07 +02:00
jarlob 40b7910473 Fix QLDoc warnings 2023-04-05 10:14:54 +02:00
jarlob eef1973b93 Change UI message 2023-04-05 10:05:24 +02:00
jarlob 5c5b9f99a8 Add simple taint tracking for env variables 2023-04-05 10:03:46 +02:00
github-actions[bot] ac426b1302 Post-release preparation for codeql-cli-2.12.6 2023-04-04 16:49:26 +00:00
Asger F 5cc7380bcd JS: Change note 2023-04-04 16:49:14 +02:00
jarlob 39ff3c72a2 Remove label sanitizer because it is prone to race conditions 2023-04-03 23:28:31 +02:00
jarlob 8ea418216c Look for script injections in actions/github-script 2023-04-03 23:13:28 +02:00
jarlob e941218e30 change notes added 2023-04-03 15:15:00 +02:00
jarlob ba5747dff3 fix formatting 2023-04-03 15:10:27 +02:00
jarlob c6eaf194a5 Remove empty.js as it is not needed anymore 2023-04-03 15:09:40 +02:00
jarlob 99d634c8a4 Add more sources, more unit tests, fixes to the GitHub Actions injection query 2023-04-03 15:02:02 +02:00
Asger F 53de9ae580
Merge pull request #12729 from asgerf/js/crypto-modernize 
JS: Modernize crypto libraries
 2023-04-03 12:16:22 +02:00
Jeroen Ketema 17bd9c12d7
JS: Fix qhelp after file rename 2023-04-03 09:25:19 +02:00
Erik Krogh Kristensen 1e1a692ee6
Merge pull request #12686 from erik-krogh/backtick-parse-error 
JS: add backticks around the concrete parse error
 2023-03-31 14:56:38 +02:00
Asger F 64cf27ab87 JS: Modernize crypto libraries 2023-03-31 14:49:23 +02:00
Asger F 40530ae14d JS: Simplfy with set literal 2023-03-31 12:04:56 +02:00
Asger F 4a06b81429 JS: Use API graphs in CryptoJS 2023-03-31 12:03:14 +02:00
Asger F dec1e4dfd6
Merge pull request #12666 from smiddy007/improve-insufficient-pw-hash-query 
JS: Improve insufficient pw hash query
 2023-03-31 11:58:41 +02:00
github-actions[bot] 0a3218676c Release preparation for version 2.12.6 2023-03-30 19:25:06 +00:00
Erik Krogh Kristensen b382465078
Merge pull request #12679 from ctbellanti/improved-certificate-validation 
JS: Improved coverage for disabled certificate validation
 2023-03-30 16:24:33 +02:00
github-actions[bot] e87ce62f95 Post-release preparation for codeql-cli-2.12.5 2023-03-30 13:48:58 +00:00
erik-krogh 47783326c2
add test for https.createServer in DisablingCertificateValidation.ql 2023-03-30 14:15:25 +02:00
Asger F 43174cfe3a
Merge pull request #12668 from asgerf/js/jquery-callback-sinks 
JS: fix handling of jQuery sinks involving callback
 2023-03-30 12:42:53 +02:00
Jeroen Ketema 0acca2ba76
Merge pull request #12687 from jketema/unit-2 
Make imports of `codeql.util.Unit` private
 2023-03-29 13:07:12 +02:00
smiddy007 0eb61d39d3 formatting 2023-03-28 11:28:32 -04:00
smiddy007 fe3b0a56ca Removed unnecessary field 2023-03-28 11:27:23 -04:00
smiddy007 8e9f2185c8
Merge branch 'main' into improve-insufficient-pw-hash-query 2023-03-28 11:15:10 -04:00
smiddy007 123eb1e57b
Update javascript/ql/lib/semmle/javascript/frameworks/CryptoLibraries.qll 
Co-authored-by: Asger F <asgerf@github.com>
 2023-03-28 11:14:28 -04:00
Erik Krogh Kristensen 13c0effbd2
change to minor change 2023-03-28 15:27:16 +02:00
Erik Krogh Kristensen 451f6f01bb
Merge pull request #12633 from erik-krogh/more-global-flow 
JS: better callgraph support for global variables
 2023-03-28 15:19:50 +02:00
Jeroen Ketema 3b8ad087eb
Make imports of `codeql.util.Unit` private 2023-03-28 14:14:13 +02:00
Asger F 61a7ee9387 JS: Use getABoundFunctionValue instead of type-tracking 2023-03-28 12:56:03 +02:00
erik-krogh e5e20ab42c
add backticks around the concrete parse error 2023-03-28 10:57:13 +02:00
smiddy007 2caab8748e Merge branch 'improve-insufficient-pw-hash-query' of https://github.com/smiddy007/codeql into improve-insufficient-pw-hash-query 2023-03-27 15:20:24 -04:00
smiddy007 57ab5a06ae autoformatted 2023-03-27 15:20:08 -04:00
Chris Bellanti 6bf94e800b Added check to disabling certificate validation query 2023-03-27 12:16:20 -04:00
smiddy007 64b56ef107
Merge branch 'main' into improve-insufficient-pw-hash-query 2023-03-27 12:07:21 -04:00
smiddy007 3ef5f3070f small change 2023-03-27 12:02:35 -04:00
Erik Krogh Kristensen d3c3f2dc90
Merge pull request #12628 from erik-krogh/betterReDoS 
ReDoS: better super-linear algorithm
 2023-03-27 15:26:49 +02:00
Asger F 32d7a80221 JS: Change note 2023-03-27 14:56:57 +02:00
Asger F 92a681213d JS: Step through jQuery callback return values 2023-03-27 11:17:27 +02:00
Asger F bc2a772f3b JS: Add test case showing false negative 2023-03-27 11:08:39 +02:00
Jeroen Ketema 977f15f8a4
Merge pull request #12649 from jketema/unit 
Replace all definitions of `Unit` by `import codeql.util.Unit`
 2023-03-27 08:49:50 +02:00
smiddy007 4980948613 changenote 2023-03-26 23:07:32 -04:00
smiddy007 cef6b95b15 Fixed Conflicts due to recent changes to file 2023-03-26 22:32:34 -04:00
smiddy007 ad527b8f69
Added new example files and renamed existing ones 2023-03-26 21:53:22 -04:00
smiddy007 ccf152df00
Added support for progressive hashing in crypto-js module 2023-03-26 21:29:55 -04:00
Jeroen Ketema a87a9438c7
Replace all definitions of `Unit` by `import codeql.util.Unit` 2023-03-24 10:39:34 +01:00
erik-krogh 27c29303da
add test diagnostics test for internal error 2023-03-23 13:12:51 +01:00
erik-krogh e189b36e3f
materialize less strings when ranking states 2023-03-23 10:35:58 +01:00
erik-krogh 0462e2a6ea
update some expected output 2023-03-22 20:47:53 +01:00
Alex Ford 0f267e012a
Merge pull request #12631 from alexrford/js/weak-cryptographic-algorithm_space 
JS: add a missing space in alert message for `js/weak-cryptographic-algorithm`
 2023-03-22 14:12:35 +00:00
erik-krogh 2bba9057a0
better callgraph support for global variables 2023-03-22 13:49:33 +01:00
Erik Krogh Kristensen 663d4e8e3b
Merge pull request #12592 from erik-krogh/rhsRegress 
JS: Fix performance regression in the `GetLaterAccess` module.
 2023-03-22 12:55:56 +01:00
Alex Ford b000b9b5c0 JS: add a missing space in alert message for js/weak-cryptographic-algorithm 2023-03-22 11:12:13 +00:00
Erik Krogh Kristensen bdab57b9d3
Update javascript/ql/lib/semmle/javascript/GlobalAccessPaths.qll 
Co-authored-by: Asger F <asgerf@github.com>
 2023-03-22 10:19:48 +01:00
erik-krogh b071d3557e
JS/PY/RB: add a worst-case test, that now performs OK 2023-03-22 10:13:18 +01:00
erik-krogh 801e0ff050
ReDoS: implement a better super-linear algorithm, with better worst-case performance 2023-03-22 10:13:16 +01:00
erik-krogh c023af7308
manual recursion, and other join-order 2023-03-21 15:22:10 +01:00
erik-krogh 070468ab68
fix performance 2023-03-21 15:19:38 +01:00
erik-krogh 34fe1a8f5e
use SSA in the GetLaterAccess module 2023-03-21 15:19:15 +01:00
Asger F 6d665da4dc
Merge pull request #12570 from github/post-release-prep/codeql-cli-2.12.5 
Post-release preparation for codeql-cli-2.12.5
 2023-03-21 13:06:25 +01:00
Erik Krogh Kristensen 0f813ce2e8
Merge pull request #12543 from erik-krogh/reg-perf 
ReDoS: restrict the edges considered in polynomial-redos for complex regular expressions
 2023-03-20 15:48:35 +01:00
Erik Krogh Kristensen 540542ceb5
Merge pull request #12518 from erik-krogh/more-express-sources 
JS: recognize more express URL related sources
 2023-03-20 08:49:11 +01:00
github-actions[bot] 981e171525 Post-release preparation for codeql-cli-2.12.5 2023-03-17 13:27:00 +00:00
Asger F d537f86324
Merge pull request #12555 from asgerf/js/block-modes 
JS: Include weak block modes as sink in weak crypto algorithm
 2023-03-17 13:23:23 +01:00
erik-krogh e00c41c6e2
add change-note and bump version 2023-03-16 22:37:56 +01:00
erik-krogh a63739915d
add test confirming support for const type parameters 2023-03-16 22:37:35 +01:00
erik-krogh 2c1c41d8a3
add test confirming end-to-end support for well-typed decorators with the new TS 5.0 type ClassMethodDecoratorContext 2023-03-16 22:37:35 +01:00
Asger F bce1f29a7e JS: Add change note 2023-03-16 14:55:00 +01:00
Asger F 86a06bde72 JS: Flag crypto operations with weak block mode 2023-03-16 14:52:52 +01:00
Asger F e907d685f4 JS: Add crypto test with AES-ECB 2023-03-16 14:52:18 +01:00
github-actions[bot] fe4d27e8cc Release preparation for version 2.12.5 2023-03-16 12:58:50 +00:00
erik-krogh f718d78a9a
avoid redundant sources 2023-03-16 13:34:01 +01:00
erik-krogh 54ec047433
ReDoS: put an artificial limitation on the analysis in polynomial-redos for large regular expressions 2023-03-16 12:20:53 +01:00
erik-krogh a72436f6f1
recognize more express URL related sources 2023-03-15 10:14:31 +01:00
Arthur Baars fbe9823a42
Merge branch 'main' into henrymercer/polish-diagnostics 2023-03-14 23:42:33 +01:00
Henry Mercer 1394abcf98 JS: Update diagnostics IDs for consistency with rules 2023-03-14 21:44:19 +00:00
Henry Mercer 1f63c5d5e4 JS: Update parse error diagnostic name for consistency 2023-03-14 21:43:32 +00:00
Asger F feb7c49006
Merge pull request #12382 from asgerf/js/import-assertion 
JS: Support import assertions
 2023-03-14 14:56:32 +01:00
Asger F d953ad63fe
Merge pull request #12445 from asgerf/js/react-forward-ref 
JS: Handle forwardRef in React
 2023-03-14 13:21:16 +01:00
Asger F 8ab3f39b5e
Merge pull request #12423 from asgerf/js/trusted-types-global-flow 
JS: Track trusted types policy callbacks
 2023-03-14 13:09:50 +01:00
Erik Krogh Kristensen 060c37b6a2
Merge pull request #12345 from erik-krogh/delOldDeps 
delete old deprecations
 2023-03-13 12:48:24 +01:00
Asger F 5461f94c6c
Merge pull request #12424 from asgerf/js/html-sanitizer-for-sql 
JS: Add html sanitizers as a taint step in a few queries
 2023-03-13 11:36:19 +01:00
Asger F 41dd63adc7 Handle forwardRef in React 2023-03-13 11:30:18 +01:00
erik-krogh 6c1ebd999e
Merge branch 'main' into delOldDeps 2023-03-13 11:00:29 +01:00
Anders Schack-Mulligen 8d97fe9ed3 JavaScript: Autoformat 2023-03-10 09:41:20 +01:00
Henry Mercer 079451142e
Merge branch 'main' into codeql-ci/atm/release-0.4.9 2023-03-09 16:08:22 +00:00
github-actions[bot] a82aaea514 JS: Bump version of ML-powered library and query packs to 0.4.10 2023-03-09 15:54:49 +00:00
github-actions[bot] f0bb25bfce JS: Bump patch version of ML-powered library and query packs 2023-03-09 15:46:31 +00:00
Asger F 6e744093e2
Merge pull request #12398 from github/post-release-prep/codeql-cli-2.12.4 
Post-release preparation for codeql-cli-2.12.4
 2023-03-09 15:38:21 +01:00
Arthur Baars 942cd7c275
Merge pull request #12113 from erik-krogh/diagnostics 
JS: Implement diagnostics
 2023-03-09 12:57:06 +01:00
Arthur Baars 7ab0f88f78 JS: add link to docs to parse error diagnostic 2023-03-08 16:47:43 +01:00
Arthur Baars e5be8ab1e5 JS: add integration test for diagnostic messages 2023-03-08 16:04:49 +01:00
Asger F 05b5aea477 JS: Changenote 2023-03-07 13:15:44 +01:00
Asger F 856b50735d JS: Expand test case 2023-03-07 13:04:26 +01:00
Asger F 0affd898de JS: Track trusted type policy callbacks 2023-03-07 10:22:26 +01:00
Asger F 4f0e17bf97 JS: Add step to a few other queries 2023-03-07 09:39:40 +01:00
Asger F d4b4d22378 JS: Step through HTML sanitizers in SQL injection query 2023-03-06 15:10:26 +01:00
github-actions[bot] af61b45785 Post-release preparation for codeql-cli-2.12.4 2023-03-04 14:16:55 +00:00
Dave Bartolomeo b342e93989 Move change note to appropriate pack 2023-03-03 14:43:00 -05:00
github-actions[bot] 462da63970 Release preparation for version 2.12.4 2023-03-03 14:11:51 +00:00
Asger F 37999eaea0 JS: Fix implicit this 2023-03-03 13:43:17 +01:00
Asger F f4b13e0955 JS: Update printAst expected output 2023-03-03 13:42:42 +01:00
Erik Krogh Kristensen d94e51aaf6
Merge pull request #12377 from erik-krogh/jHtml 
JS: add the html argument to the jQuery functions as an XSS sink
 2023-03-03 13:19:38 +01:00
Asger F 7f96fe725b JS: Change note 2023-03-03 12:21:20 +01:00
Asger F 7a55b003d2 JS: Fix location of assert clause 2023-03-03 12:21:20 +01:00
Asger F 38194c6ae7 JS: Extract import assertions to DB 2023-03-03 12:21:20 +01:00
erik-krogh a6c9af4182
add the html argument to the jQuery functions as an XSS sink 2023-03-03 11:09:53 +01:00
erik-krogh 94870b838f
add failing test 2023-03-03 11:08:33 +01:00
erik-krogh a928f4c9ef
add change-notes 2023-03-03 09:23:10 +01:00
erik-krogh f96d6accbb
delete old deprecations 2023-03-03 09:23:02 +01:00
github-actions[bot] 50c90bbc5c ATM: Update model pack dependency of ML-powered model building and query packs 2023-03-02 17:31:03 +00:00
Erik Krogh Kristensen 64dad3db8a
Merge pull request #12333 from kaspersv/kaspersv/fix-join-order 
ReflectedXss: Prevent bad join order
 2023-03-01 12:48:30 +01:00
Kasper Svendsen 86925646f3 ReflectedXss: Prevent bad join order 2023-02-28 12:06:27 +01:00
Erik Krogh Kristensen 50aa5e072a
Merge pull request #12177 from erik-krogh/alias-html 
JS: More precise type-test sanitizer guards in unsafe-html-construction
 2023-02-27 18:16:11 +01:00
Erik Krogh Kristensen 927c322b7b
Merge pull request #11769 from erik-krogh/moreSan 
JS: Sanitizer for `sanitizer(x) === true`
 2023-02-27 15:48:34 +01:00
Alex Ford 7c85448cba
Merge pull request #12080 from alexrford/js-use-shared-cryptography 
JS: Use shared `CryptographicOperation` concept
 2023-02-27 12:26:38 +00:00
erik-krogh 0e60fc5512
Merge branch 'main' into alias-html 2023-02-27 09:16:25 +01:00
Erik Krogh Kristensen f8f926ad50
Merge pull request #12175 from erik-krogh/reg-input 
JS: add process.env and process.argv etc. as source for `js/regex-injection`
 2023-02-27 09:12:02 +01:00
Erik Krogh Kristensen 4ffe20ae75
Merge pull request #12189 from erik-krogh/more-export 
JS: also consider relative exports when finding library inputs
 2023-02-27 09:02:55 +01:00
Henry Mercer eb1fe57590
Merge branch 'main' into codeql-ci/atm/release-0.4.8 2023-02-23 16:23:32 +00:00
github-actions[bot] 7e2b286f03 JS: Bump version of ML-powered library and query packs to 0.4.9 2023-02-23 16:12:23 +00:00
github-actions[bot] e02368f6fa JS: Bump patch version of ML-powered library and query packs 2023-02-23 16:04:39 +00:00
github-actions[bot] 8eb8daa4d4 Post-release preparation for codeql-cli-2.12.3 2023-02-16 17:23:25 +00:00
github-actions[bot] b0315119c6 Release preparation for version 2.12.3 2023-02-16 11:49:06 +00:00
Alex Ford 9cfd0f5f46 JS: fix qldoc 2023-02-16 11:00:37 +00:00
Alex Ford 1556b1a728
Merge branch 'main' into js-use-shared-cryptography 2023-02-15 17:13:53 +00:00
Alex Ford 1958b9dcd5 JS: add missing qldoc 2023-02-15 16:59:03 +00:00
Alex Ford 43af306d60 dynamic: more detailed qldoc for CryptographicOperation#getBlockMode() 2023-02-15 16:55:18 +00:00
Alex Ford e8cbf7287d JS: breaking change note for CryptographicOperation sync 2023-02-15 16:50:24 +00:00
Alex Ford 925b4a3fa8 JS: improve documentation on deprecated CryptographicOperation#getInput() predicate 2023-02-15 16:23:46 +00:00
Alex Ford d4d0b91085 dynamic: switch CryptographicOperation::Range#getBlockMode() back to being an abstract predicate 2023-02-15 16:23:46 +00:00
Alex Ford c7aaad9ed0 JS: avoid adding a deprecated CryptographicOperation#getInput to py/ruby 2023-02-15 16:23:46 +00:00
erik-krogh 51ddb55d7b
use tainted-object to precisely model that plain object are fine, but their properties are not 2023-02-15 15:02:03 +01:00
erik-krogh 09794fa836
delete PrefixStringSanitizer 2023-02-15 14:55:02 +01:00
Rasmus Wriedt Larsen c72dbc49fc
Merge pull request #12165 from RasmusWL/crypto-updates 
Python/Ruby/JS Crypto: Add a few algorithms + block modes
 2023-02-15 14:35:40 +01:00
erik-krogh bec8dc6775
add explicit this 2023-02-15 10:44:57 +01:00
erik-krogh b7305fd229
also consider relative exports when finding library inputs 2023-02-14 21:08:13 +01:00
erik-krogh de4f5017e1
add change-note 2023-02-14 18:36:07 +01:00
Alex Ford 8d90c02a67 JS: remove unused field 2023-02-14 15:24:22 +00:00
erik-krogh 393649b7ce
don't call environment variables for command-line arguments 2023-02-14 14:27:41 +01:00
erik-krogh 36478124ae
add process.env and process.argv etc. as source for `js/regex-injection` 2023-02-14 14:21:53 +01:00
erik-krogh 943bdeca6d
make `appliesTo` recursive 2023-02-14 14:16:45 +01:00
erik-krogh 9549cac3e5
add an additional barrier guard that finds "=== true" versions of previous barrier guards 2023-02-14 14:15:23 +01:00
erik-krogh c355a26657
add failing test 2023-02-14 14:12:35 +01:00
erik-krogh 3f0fe96f85
add `getBoolValue()` as a utility predicate on `BooleanLiteral` 2023-02-14 14:12:35 +01:00
Erik Krogh Kristensen 2f8c9a5a2c
Merge pull request #12171 from erik-krogh/reg-dot 
JS: dont recognize regexps that match dot as sanitizers
 2023-02-14 14:10:44 +01:00
Erik Krogh Kristensen e3e2df3247
Merge pull request #12166 from erik-krogh/more-html-san 
JS: add `HtmlSanitizer` as a sanitizer DOMBasedXss
 2023-02-14 14:09:56 +01:00
Erik Krogh Kristensen 028fcc7edf
Merge pull request #11959 from erik-krogh/ssrfSan 
JS: add encodeURIComponent as a sanitizer for request-forgery
 2023-02-14 13:39:53 +01:00
Erik Krogh Kristensen a498936f16
Merge pull request #12170 from erik-krogh/more-lib 
JS: More library inputs
 2023-02-14 13:38:00 +01:00
erik-krogh 4140598769
update expected output for experimental query 2023-02-14 00:08:13 +01:00
erik-krogh c17d057520
default to index.js when no main: is specified in package.json, and recognize more classes as library inputs 2023-02-13 21:24:41 +01:00
erik-krogh 68656274f4
dont recognize regexps that match dot as sanitizers 2023-02-13 17:36:51 +01:00
erik-krogh 6192544fb4
add test for express-ws as a source 2023-02-13 15:26:50 +01:00
erik-krogh b85bfc8ba6
add HtmlSanitizer as a sanitizer for DOMBasedXss 2023-02-13 11:57:29 +01:00
erik-krogh c258e44772
add failing test for spurious edge through sanitizer 2023-02-13 11:49:57 +01:00
Rasmus Wriedt Larsen 5235964b07
sync files 2023-02-13 10:44:12 +01:00
erik-krogh 91393a7bc8
add change-note 2023-02-12 23:28:01 +01:00
erik-krogh 6474cfd4c8
add support for express-ws 2023-02-12 23:25:27 +01:00
Henry Mercer e972cb069e
Merge branch 'main' into codeql-ci/atm/release-0.4.7 2023-02-07 21:31:08 +00:00
github-actions[bot] 4f76ebbb0b JS: Bump version of ML-powered library and query packs to 0.4.8 2023-02-07 19:44:25 +00:00
github-actions[bot] 30b2644f17 JS: Bump patch version of ML-powered library and query packs 2023-02-07 19:34:58 +00:00
erik-krogh ecafce8191
improve the CryptoJS model by using API::Node 2023-02-03 21:44:23 +01:00
Alex Ford 7768026e70
Merge branch 'main' into js-use-shared-cryptography 2023-02-03 15:18:30 +00:00
Alex Ford 6c35feaa98 ConceptsShared: add a default implementation of BlockMode CryptographicOperation#getBlockMode() for compatibility with external code 2023-02-03 14:39:32 +00:00
Alex Ford b968b59afc CryptoAlgorithms: make CryptographicAlgorithm#matchesName hold only if that algorithm is the most specific match 2023-02-03 14:15:32 +00:00
Alex Ford e17b3d975d JS: pick up CryptographicKeys used in asmCrypto encrypt/decrypt calls 2023-02-03 12:16:25 +00:00
Alex Ford 6b2a92a7ca JS: update CryptographicKey.expected 2023-02-03 12:12:47 +00:00
Mathias Vorreiter Pedersen 4e7ca1a175
Merge pull request #12082 from github/post-release-prep/codeql-cli-2.12.2 
Post-release preparation for codeql-cli-2.12.2
 2023-02-03 09:40:57 +00:00
github-actions[bot] faf21f3edb Post-release preparation for codeql-cli-2.12.2 2023-02-02 23:01:04 +00:00
Alex Ford b0b8f8725e JS: add some CryptographicOperation#getBlockMode() tests 2023-02-02 20:30:30 +00:00
Alex Ford aa2c532a78 JS: adjust test whitespace 2023-02-02 20:30:30 +00:00
Alex Ford c25dc978df JS: add blockMode to CryptographicOperation tests 2023-02-02 20:30:30 +00:00
Alex Ford 1435ef1862 CryptoAlgorithms: make CryptographicAlgorithm#matchesName split on underscores 2023-02-02 20:30:30 +00:00
Alex Ford 983055b8f9 JS: Use shared CryptographicOperation concept and implement BlockMode getBlockMode() 2023-02-02 20:30:30 +00:00
Alex Ford e5dfbe2c8d ConceptsShared: Add BlockMode#matchesString(string) predicate 2023-02-02 20:27:52 +00:00
Alex Ford 61095b3c58 ConceptsShared: Add deprecated DataFlow::Node CryptographicOperation#getInput() predicate 2023-02-02 20:27:05 +00:00
Kristen Newbury 231110ddca
Update javascript/ql/src/Security/CWE-312/CleartextLogging.qhelp 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2023-02-02 11:12:44 -05:00
github-actions[bot] a4fa984792 Release preparation for version 2.12.2 2023-02-02 14:34:55 +00:00
Kristen Newbury dc5eb40d5f
Update JS CleartextLogging qhelp 2023-02-01 16:29:13 -05:00
yoff 7ae389bb28
Merge pull request #12026 from erik-krogh/nodePty 
JS: add code-injection sink for node-pty
 2023-01-31 13:27:32 +01:00
erik-krogh 0cefa98490
add missing word to the change-note 2023-01-31 11:53:17 +01:00
erik-krogh 95c19698c7
add change-note 2023-01-31 11:09:07 +01:00
erik-krogh e5e8496084
fix QL-for-QL warnings 2023-01-31 10:55:27 +01:00
erik-krogh 02da718786
add code-injection sink for node-pty 2023-01-30 15:14:25 +01:00
erik-krogh e3455a9b21
add support for axios used as a global variable 2023-01-29 22:55:20 +01:00
Erik Krogh Kristensen 99bad77972
Merge pull request #11906 from erik-krogh/moreStem 
JS: expand what is parsed as the stem of a pathexpr
 2023-01-25 08:44:44 +01:00
erik-krogh 49f5e89f36
update expected output for experimental query 2023-01-23 22:29:49 +01:00
Erik Krogh Kristensen fc66c905ff
Merge pull request #11859 from erik-krogh/moreShell 
JS: slightly broaden the regular expression that recognizes bad string-concats used as shell commands
 2023-01-23 22:26:17 +01:00
Henry Mercer 241951f53e
Merge branch 'main' into codeql-ci/atm/release-0.4.6 2023-01-23 18:24:36 +00:00
github-actions[bot] be481d975c JS: Bump version of ML-powered library and query packs to 0.4.7 2023-01-23 18:22:18 +00:00
github-actions[bot] 40a67d61d2 JS: Bump patch version of ML-powered library and query packs 2023-01-23 18:15:56 +00:00
erik-krogh 11894144aa
remove regular expression that did nothing 2023-01-23 16:38:09 +01:00
Erik Krogh Kristensen a10b45e0db
Merge pull request #11927 from mvogelgesang/express-rate-limit 
JS: Updated express-rate-limit example to match implementation examples f…
 2023-01-23 14:37:50 +01:00
erik-krogh 3cece50f78
add encodeURIComponent as a sanitizer for request-forgery 2023-01-23 13:53:53 +01:00
erik-krogh be8ef1b324
add failing test 2023-01-23 13:52:36 +01:00
Erik Krogh Kristensen 1ee9957838
Merge pull request #9807 from erik-krogh/endFilter 
JS: recognize "-->" as a bad tag filter
 2023-01-23 10:06:50 +01:00
Michael Nebel 69a42d8b1f
Merge pull request #11931 from michaelnebel/csharp/refactor 
Remove the Csv postfix of some predicate names.
 2023-01-23 09:09:48 +01:00
Mathias Vorreiter Pedersen e664662df9
Merge pull request #11944 from github/post-release-prep/codeql-cli-2.12.1 
Post-release preparation for codeql-cli-2.12.1
 2023-01-20 21:52:55 +00:00
github-actions[bot] b62cb6ba84 Post-release preparation for codeql-cli-2.12.1 2023-01-20 19:49:56 +00:00
Jean Helie 9e6f9c2705
Merge pull request #11709 from github/jhelie/add-shell-command-injection 
ATM: add boosted version for `ShellCommandInjectionFromEnvironment` query
 2023-01-20 16:03:30 +01:00
github-actions[bot] 005b3e4a47 Release preparation for version 2.12.1 2023-01-20 12:03:19 +00:00
Michael Nebel dc223cb82e Sync files and make corresponding changes for other languages. 2023-01-19 15:14:06 +01:00
Mark Vogelgesang a3ff0725a3 Removed change-note as it was not necessary 2023-01-18 16:08:29 -05:00
Mark Vogelgesang c9119848d9 Updated express-rate-limit example to match implementation examples found on packages README 2023-01-18 14:42:40 -05:00
erik-krogh 4b74dec18f
expand what is parsed as the stem of a pathexpr 2023-01-17 21:28:21 +01:00
Jean Helie fec7ea6964 ATM: add missing query help files 2023-01-17 12:20:17 +01:00
Jean Helie b08fa43fdf update tests 2023-01-17 12:20:17 +01:00
Jean Helie f07984bab2 update test data 2023-01-17 12:20:17 +01:00
Jean Helie 13aaa22df5 add bosted version of ShellCommandInjectionFromEnvironment 2023-01-17 12:20:17 +01:00
Erik Krogh Kristensen 8ccc384043
Merge pull request #11858 from erik-krogh/moreSpawn 
JS: track shell:true more in js/shell-command-constructed-from-input
 2023-01-16 13:24:50 +01:00
erik-krogh 71af8ab022
simplifications inspired by review 2023-01-13 13:18:52 +01:00
erik-krogh 7ae27bcc34
fix errors in JS printAst 2023-01-12 15:37:52 +01:00
Henry Mercer 70f1015fba
Merge branch 'main' into codeql-ci/atm/release-0.4.5 2023-01-12 12:32:25 +00:00
Pierre c3116b3f0f
Merge branch 'main' into turbo/experimental/combined 2023-01-11 18:02:55 +01:00
github-actions[bot] 76e121e359 JS: Bump version of ML-powered library and query packs to 0.4.6 2023-01-10 21:11:23 +00:00
github-actions[bot] dc88bdccc7 JS: Bump patch version of ML-powered library and query packs 2023-01-10 21:04:31 +00:00
erik-krogh 38ca68febb
recognize "-->" as a bad tag filter 2023-01-10 18:09:56 +01:00
Erik Krogh Kristensen 54c780bdf9
Merge pull request #11853 from erik-krogh/assignMore 
JS: add local flow when recognizing Object.assign calls for library-inputs
 2023-01-10 17:04:29 +01:00
Tony Torralba 72a11e737d
Merge pull request #11775 from atorralba/atorralba/all/omittable-exists 
All: Remove omittable exists variables
 2023-01-10 16:07:06 +01:00
erik-krogh 62b69bbd3e
autoformat 2023-01-10 15:38:13 +01:00
Erik Krogh Kristensen 6623e5fbf3
Merge pull request #11852 from erik-krogh/jsInfiniteChar 
JS: recognize an infinite repetition of a char-class like regex as a char-class like regex
 2023-01-10 15:32:22 +01:00
Erik Krogh Kristensen ce8836fb65
Update javascript/ql/lib/semmle/javascript/PackageExports.qll 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2023-01-10 15:30:44 +01:00
erik-krogh 43696f5e27
add explicit this 2023-01-10 15:27:37 +01:00
erik-krogh 23a847b1cf
track shell:true more in js/shell-command-constructed-from-input 2023-01-10 15:27:37 +01:00
erik-krogh 5c388c554c fix that the `TypeTracker` was unrestricted for the base-case of `nonFirstLocationType` 2023-01-10 13:39:50 +01:00
erik-krogh e02b67af63 add failing test 2023-01-10 13:39:50 +01:00
Tony Torralba 3b6dae41cd JavaScript: Remove omittable exists variables 2023-01-10 13:37:21 +01:00
erik-krogh 79e161e046
slightly broaden the regular expression that recognizes bad string-concats used as shell commands 2023-01-10 12:49:37 +01:00
erik-krogh 9f100ef2c6
add local flow when recognizing Object.assign calls for library-inputs 2023-01-09 17:44:11 +01:00
erik-krogh 90f9e3f825
recognize an infinite repetition of a char-class like regex as a char-class like regex 2023-01-09 17:25:08 +01:00
erik-krogh 785c21f462
fix bad join-order in js/missing-this-qualifier 2023-01-09 16:06:26 +01:00
github-actions[bot] cdb8f67601 Post-release preparation for codeql-cli-2.12.0 2023-01-06 10:36:34 +00:00
Jeroen Ketema 170242f79c
Apply suggestions from code review 2023-01-05 17:57:19 +01:00
Nick Rolfe 6e07076151 tweak wording in 2.12 release notes 2023-01-05 16:46:44 +00:00
github-actions[bot] b6a8193785 Release preparation for version 2.12.0 2023-01-05 16:32:14 +00:00
Aditya Sharad ed73875fac
Merge pull request #11747 from adityasharad/tutorial/library-pack 
Tutorial: Move QL detective tutorial library into shared `codeql/tutorial` library pack
 2023-01-04 08:24:53 -08:00
Erik Krogh Kristensen cedc9c0bff
Merge pull request #11582 from erik-krogh/heuristics 
JS: Add experimental variants of common security queries with more sources
 2023-01-04 10:46:19 +01:00
Aditya Sharad 9988c19a42
Merge branch 'main' into tutorial/library-pack 2023-01-03 14:08:37 -08:00
Calum Grant ad55706527
Merge branch 'main' into calumgrant/remove-lgtm 2023-01-03 10:27:30 +00:00
Arthur Baars 98c5b81456
Merge pull request #11723 from aibaars/alert-suppression 
CodeQL alert suppression
 2022-12-21 10:59:57 +01:00
Arthur Baars 035ad65e43 AlertSuppression: move library into util folder 2022-12-21 10:39:57 +01:00
Jacques b99c500435
Fix associated test 2022-12-20 12:51:13 +09:00
Jacques 97b8126385
Fix javascript 2022-12-20 12:45:59 +09:00
Aditya Sharad ed29b3e4d6
Shared packs: Depend on `codeql/tutorial` from all language libraries 
This allows `import tutorial` from queries targeting
any language, just like before, while removing the
duplicate copies of `tutorial.qll`.
 2022-12-19 15:52:11 -08:00
Calum Grant e982e144a4 JS: Update qltest output 2022-12-19 17:22:51 +00:00
Arthur Baars a8be5d7274 AlertSuppression: add change notes 2022-12-19 17:02:52 +01:00
Arthur Baars 0f313231bc AlertSuppression: add more tests 2022-12-19 16:43:11 +01:00
Calum Grant 4a37c01c5f JavaScript: Remove references to LGTM 2022-12-19 15:15:17 +00:00
Arthur Baars c176606be5 AlertSuppression: allow //lgtm comments to scope over the next line 2022-12-19 16:10:26 +01:00
Arthur Baars 016c7a8ca7
Merge pull request #11719 from aibaars/alert-suppression-shared 
Shared AlertSuppression library
 2022-12-19 16:04:44 +01:00
erik-krogh 66be8cda06
remove more of the implementation into ConditionalBypassQuery.qll 2022-12-19 14:37:19 +01:00
Arthur Baars 8be882f815
Update javascript/ql/src/AlertSuppression.ql 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-12-19 14:35:16 +01:00
Arthur Baars 682bf6d3a7
Apply suggestions from code review 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-12-19 14:16:05 +01:00
yoff d4eb2b964c
Merge pull request #11699 from erik-krogh/shareHost 
Dynamic: Share more regexp code
 2022-12-19 13:29:53 +01:00
Arthur Baars 23f595bea1 JavaScript: use shared AlertSuppression.qll 2022-12-19 12:25:17 +01:00
erik-krogh 442749bb7f
JS: add heuristic variants of queries that use RemoteFlowSource 2022-12-19 12:01:22 +01:00
Jean Helie 31f7702a04
Merge pull request #11726 from github/jhelie/fix-endpoint-large-scale-script 
ATM: fix script updating endpoint large scale test data
 2022-12-19 10:55:30 +01:00
erik-krogh 35e8d6afd4
move getACommonTld into a utility module without parameters 2022-12-18 17:23:45 +01:00
erik-krogh 26c5480ee6
share {js,rb}/regex/missing-regexp-anchor 2022-12-18 17:23:41 +01:00
turbo 1e5426fca2 Create security-experimental suite helper and all language suite implementations 2022-12-18 15:44:08 +01:00
erik-krogh 355499ea52
move `getACommonTld` to the shared pack 2022-12-17 17:26:18 +01:00
erik-krogh f67d0bc8c0
put the shared HostnameRegexp code in the shared regex pack 2022-12-17 17:26:18 +01:00
Henry Mercer 30451ee950
Merge pull request #11681 from github/henrymercer/mergeback-3.8 
Merge `rc/3.8` back to `main`
 2022-12-16 17:43:12 +00:00
Jean Helie 938a7e828c update tests 2022-12-16 15:31:43 +01:00
Jean Helie cd0220b248 update autogenerated data for endpoint_large_scale 2022-12-16 14:03:01 +01:00
Jean Helie 904a4bd48b fix script updating endpoint_large_scale test data 2022-12-16 14:03:00 +01:00
Erik Krogh Kristensen 1500fa5f67
Merge pull request #10663 from pwntester/restify_improvements 
Javascript: Improve Restify support and add new Spife support
 2022-12-15 11:08:22 +01:00
Erik Krogh Kristensen 55558120d9
add explicit this 2022-12-14 20:59:28 +01:00
Alvaro Muñoz f46a8faf00 port RouteSetup API-based implementation to DataFlow one 2022-12-14 17:37:32 +01:00
turbo 4ec401a3f6 Tag all security queries in supported languages' experimental directories with an experimental tag 2022-12-14 17:15:50 +01:00
Asger F a92acf5218
Merge pull request #11689 from asgerf/js/missing-csrf-qhelp 
JS: Update MissingCsrfMiddleware after 'csurf' deprecation
 2022-12-14 15:50:32 +01:00
Alvaro Muñoz 818c2da1aa fix Spife tests (without heuristics) 2022-12-14 15:42:27 +01:00
Alvaro Muñoz 4cf7299d79 restore Spife.qll to working status 2022-12-14 15:41:53 +01:00
Alvaro Muñoz 14faff4477 fix restify tests 2022-12-14 15:38:35 +01:00
Alvaro Muñoz e1f05e960d Merge branch 'restify_improvements' of https://github.com/pwntester/codeql into restify_improvements 2022-12-14 13:11:13 +01:00
Alvaro Muñoz a71fc930a6 add tests 2022-12-14 13:11:02 +01:00
Asger F b63c658e3b JS: recognize tiny-csrf 2022-12-14 12:30:15 +01:00
Asger F 162419138d JS: Replace csurf -> lusca.csrf from example and qhelp 2022-12-14 12:30:15 +01:00
Henry Mercer 6023a1225c
Merge pull request #11673 from github/codeql-ci/atm/release-0.4.4 
JS: Bump version numbers of ML-powered packs after 0.4.4 release
 2022-12-14 10:27:00 +00:00
Alvaro Muñoz 701676eea1
Update javascript/ql/lib/semmle/javascript/frameworks/Spife.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-12-14 10:18:47 +01:00
Erik Krogh Kristensen 8a89849476
Merge pull request #11660 from erik-krogh/dynamic-useInstanceOf 
Py/JS/RB: Use instanceof in more places
 2022-12-13 21:50:13 +01:00
Henry Mercer a3933fbf4f Bump minor versions of packs we regularly release 2022-12-13 18:59:24 +00:00
Henry Mercer 7167f078be Merge branch 'main' into henrymercer/mergeback-3.8 2022-12-13 18:40:53 +00:00
Henry Mercer 423374a7b8
Merge branch 'main' into codeql-ci/atm/release-0.4.4 2022-12-13 14:26:21 +00:00
github-actions[bot] 745823ca60 JS: Bump version of ML-powered library and query packs to 0.4.5 2022-12-13 13:32:52 +00:00
github-actions[bot] ea13925a92 JS: Bump patch version of ML-powered library and query packs 2022-12-13 13:28:09 +00:00
Asger F 6b15839221 JS: Add tests for the examples used in the docs 2022-12-13 11:33:12 +01:00
Asger F ba1364a4cb JS: Add sinks mentioned in doc 
Note that 'sql-injection' was already added
 2022-12-13 11:33:12 +01:00
Alvaro Muñoz 270a4355df format Restify.qll 2022-12-13 11:22:24 +01:00
Alvaro Muñoz 4ba3190d29 Replace API::Node with DataFlow::Node for Spife's RouteSetup 2022-12-13 11:10:04 +01:00
erik-krogh b3a9c1ca06
Py/JS/RB: Use instanceof in more places 2022-12-12 16:06:57 +01:00
Alvaro Muñoz 469d7f52dc Use fluent API instead of hasPropertyWrite 2022-12-12 10:46:50 +01:00
Alvaro Muñoz 1410d2838e
Update javascript/ql/lib/semmle/javascript/frameworks/Spife.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-12-12 09:54:02 +01:00
github-actions[bot] 343b7b1c8b Post-release preparation for codeql-cli-2.11.6 2022-12-11 18:15:04 +00:00
github-actions[bot] 0b2fb4f70a Release preparation for version 2.11.6 2022-12-10 15:49:35 +00:00
Asger F 387a673c10
Merge pull request #11567 from asgerf/js/data-extensions2 
JS: Move MaD models to data extensions
 2022-12-09 10:09:24 +01:00
Henry Mercer 280bb6864f
Merge pull request #11604 from github/codeql-ci/atm/release-0.4.3 
JS: Bump version numbers of ML-powered packs after 0.4.3 release
 2022-12-08 13:04:16 +00:00