Commit graph

182 commits

Author SHA1 Message Date
AlexTereshenkov 3e6f8fb6be
Add bind-socket-all-network-interfaces Python query (#2048)
Add bind-socket-all-network-interfaces Python query
2019-10-03 11:23:11 +01:00
Jonas Jensen 8bed418022 C++: enable the QL-based CFG code 2019-10-03 10:04:24 +02:00
Robert Marsh 68c38ba34a C++: Add change note 2019-10-02 11:38:20 -07:00
yh-semmle 3313af5189
Merge pull request #2036 from aschackmull/java/eq-ssa-guard
Java: Improve guards for equal ssa variables.
2019-10-02 12:00:59 -04:00
Tom Hvitved b66479c028 C#: Add change note 2019-10-02 16:31:26 +02:00
Anders Schack-Mulligen 0154e31e64 Java: Add change note. 2019-10-02 11:47:53 +02:00
Erik Krogh Kristensen aa1368741b rename suspicious-method-name to suspicious-method-name-declaration 2019-10-01 14:37:07 +02:00
Jonas Jensen 7c319efb8b C++: Data flow through reference parameters 2019-10-01 10:43:49 +02:00
Jonas Jensen f417640da4
Merge pull request #1938 from dave-bartolomeo/dave/InNOut
C++: Rename predicates in `FunctionInputsAndOutputs.qll` and add QLDoc
2019-09-30 13:30:19 +02:00
Erik Krogh Kristensen 0320f0f26b add query for detecting suspicious method names in TypeScript 2019-09-30 13:05:50 +02:00
Dave Bartolomeo 28aa7dcae2 C++: Fix PR feedback 2019-09-26 13:56:43 -07:00
Max Schaefer d4fca84898 JavaScript: Improve XSS sanitizer detection.
We now use local data flow to detect more regexp-based sanitizers.
2019-09-23 17:07:06 +01:00
Jonas Jensen 898976121b
Merge pull request #1987 from geoffw0/toomanyformat
CPP: WrongNumberOfFormatArguments.ql Fix
2019-09-23 16:05:11 +02:00
semmle-qlci e2c941c577
Merge pull request #1916 from erik-krogh/taintedLength
Approved by asger-semmle, xiemaisi
2019-09-23 11:47:48 +01:00
semmle-qlci 7a57a3c743
Merge pull request #1996 from xiemaisi/js/fix-illegal-invocation-refl
Approved by esben-semmle
2019-09-23 09:16:33 +01:00
Max Schaefer 149ae5d7ab JavaScript: Fix IllegalInvocation.
This fixes false positives that arise when a call such as `f.apply` can either be interpreted as a reflective invocation of `f`, or a normal call to method `apply` of `f`.
2019-09-23 07:44:14 +01:00
Erik Krogh Kristensen 814c5537be update name of loop bound injection in change-notes 2019-09-20 22:56:08 +02:00
Geoffrey White accb8246d4 CPP: Change note. 2019-09-20 15:15:35 +01:00
Calum Grant b31cd8ab32
Merge pull request #1982 from hvitved/csharp/null-maybe-dynamic
C#: Remove false positives from `cs/dereferenced-value-may-be-null`
2019-09-20 14:46:01 +01:00
Calum Grant 8408e90b5f C#: Change note & docs. 2019-09-20 14:44:07 +01:00
semmle-qlci 6d9d859119
Merge pull request #1934 from asger-semmle/node-js-classification
Approved by esben-semmle
2019-09-20 09:50:34 +01:00
Tom Hvitved fb68d839a9 C#: Add change note 2019-09-20 10:40:20 +02:00
Robert Marsh fd88f7a3ce
Merge pull request #1884 from jbj/dataflow-addressof
C++: Data flow through address-of operator (&)
2019-09-19 09:15:43 -07:00
semmle-qlci 6f2e485ace
Merge pull request #1950 from xiemaisi/js/rate-limiter-flexible
Approved by esben-semmle
2019-09-19 12:45:45 +01:00
Erik Krogh Kristensen 3ef187f7f2
Add external/cwe/cwe-834 tag in change notes for js/loop-bound-injectoin
Co-Authored-By: Max Schaefer <max@semmle.com>
2019-09-19 11:30:15 +02:00
Esben Sparre Andreasen b631bfc8eb
Merge branch 'master' into node-js-classification 2019-09-19 09:42:26 +02:00
semmle-qlci 57a6c0c20d
Merge pull request #1918 from esben-semmle/js/improve-getAResponseDataNode
Approved by asger-semmle
2019-09-18 14:03:45 +01:00
semmle-qlci 479fca9e30
Merge pull request #1946 from xiemaisi/js/top-level-await
Approved by asger-semmle
2019-09-18 12:32:09 +01:00
Max Schaefer 3970ead7ab JavaScript: Add support for `rate-limiter-flexible` package. 2019-09-18 12:25:33 +01:00
Max Schaefer 9ff5c7007a JavaScript: Add support for top-level `await`. 2019-09-18 09:56:21 +01:00
Esben Sparre Andreasen ac6554b7da
Merge branch 'master' into js/improve-getAResponseDataNode 2019-09-17 13:18:41 +02:00
Jonas Jensen fd6d06fe6f C++: Data flow through address-of operator (&)
The data flow library conflates pointers and their objects in some
places but not others. For example, a member function call `x.f()` will
cause flow from `x` of type `T` to `this` of type `T*` inside `f`. It
might be ideal to avoid that conflation, but that's not realistic
without using the IR.

We've had good experience in the taint tracking library with conflating
pointers and objects, and it improves results for field flow, so perhaps
it's time to try it out for all data flow.
2019-09-17 13:16:34 +02:00
Asger F f8eff06aa1 JS: Change note 2019-09-17 11:20:39 +01:00
Esben Sparre Andreasen c9d31e90fe JS: add change notes 2019-09-16 10:11:43 +02:00
Erik Krogh Kristensen 3fb64abb09
fix consistency and spelling in the documentation
suggestions from the documentation team

Co-Authored-By: shati-patel <42641846+shati-patel@users.noreply.github.com>
2019-09-13 14:52:11 +01:00
Erik Krogh Kristensen 5b2b60f132
change DOS to DoS, and other small documentation fixes
Co-Authored-By: Max Schaefer <max@semmle.com>
2019-09-13 10:26:01 +01:00
Erik Krogh Kristensen 17a71a97c5 add loop-bound-injection to change-notes 2019-09-12 15:28:14 +01:00
Calum Grant e330d5a6c6
Merge pull request #1549 from hvitved/csharp/cfg/loop-unrolling
C#: Loop unrolling for `foreach` statements
2019-09-12 10:24:26 +01:00
semmle-qlci 72db219c13
Merge pull request #1910 from xiemaisi/js/unused-index-variable
Approved by esben-semmle, shati-semmle
2019-09-11 14:33:32 +01:00
Max Schaefer 500cde68c3 JavaScript: Add new query `UnusedIndexVariable`. 2019-09-11 11:36:50 +01:00
Esben Sparre Andreasen 086c473c18 JS: sharpen js/http-to-file-access 2019-09-11 12:05:33 +02:00
semmle-qlci 16c95d8c5e
Merge pull request #1876 from esben-semmle/js/more-delimiter-stripping-whitelisting
Approved by xiemaisi
2019-09-11 09:16:57 +01:00
Esben Sparre Andreasen f7bfc472c1 JS: treat server responses as untrusted for command injections 2019-09-11 09:38:18 +02:00
Asger F 194a1c3530 JS: Change note 2019-09-09 15:42:43 +01:00
semmle-qlci e899250e87
Merge pull request #1894 from asger-semmle/fp-incorrect-suffix-check
Approved by xiemaisi
2019-09-09 15:33:47 +01:00
semmle-qlci 89cba089b4
Merge pull request #1892 from asger-semmle/event-handler-sink
Approved by esben-semmle
2019-09-09 15:33:21 +01:00
Asger F b6690bb644 JS: Add change note 2019-09-09 12:45:03 +01:00
Calum Grant 3734552081 C#: Add change note for datetime queries. 2019-09-06 16:45:02 +01:00
Asger F dfd18a51ee JS: Change note 2019-09-06 16:03:16 +01:00
Robert Marsh 94c625f03f
Merge pull request #1777 from jbj/ast-field-flow-defbyref
C++: Don't use definitionByReference for data flow
2019-09-05 10:23:28 -07:00
semmle-qlci fd2e8486e4
Merge pull request #1862 from asger-semmle/prototype-pollution-angular-merge
Approved by esben-semmle
2019-09-05 12:50:58 +01:00
Esben Sparre Andreasen a9665f53b8 JS: whitelist quote stripping for js/incomplete-sanitization 2019-09-05 09:47:49 +01:00
Jonas Jensen 114c2fe0d4 Merge remote-tracking branch 'upstream/master' into ast-field-flow-defbyref 2019-09-05 09:33:45 +02:00
Robert Marsh a3290503ec
Merge pull request #1806 from jbj/localExprFlow
C++: Add localExprFlow and localExprTaint
2019-09-04 10:38:46 -07:00
Asger F 93a3f571ec JS: Add change note 2019-09-04 16:14:51 +01:00
Jonas Jensen cdcc716675
Merge pull request #1867 from geoffw0/erafix9
CPP: Add date to JapaneseEraDate.ql
2019-09-04 13:16:04 +02:00
Jonas Jensen 3ba650911c
Merge pull request #1847 from geoffw0/erafix8
CPP: Deal with two very similar Japanese era queries
2019-09-04 09:57:10 +02:00
Geoffrey White 84112d3630 CPP: Change note. 2019-09-03 18:30:24 +01:00
semmle-qlci 6778f28424
Merge pull request #1854 from asger-semmle/prototype-pollution-precision
Approved by esben-semmle, xiemaisi
2019-09-03 10:50:24 +01:00
Jonas Jensen d7681bf122 C++: Don't use definitionByReference for data flow
The data flow library conflates pointers and objects enough for the
`definitionByReference` predicate to be too strict in some cases. It was
too permissive in other cases that are now (or will be) handled better
by field flow.

See also the change note entry.
2019-09-03 11:49:01 +02:00
Tom Hvitved 4b32ee77e6 C#: Add change note 2019-09-03 09:35:58 +02:00
Asger F c71a66a045 JS: Add change note 2019-09-02 11:05:07 +01:00
Max Schaefer 91e46cd6fd JavaScript: Fix parsing of asynchronous generator methods. 2019-09-02 09:56:42 +01:00
semmle-qlci 6d55d1f7c0
Merge pull request #1707 from asger-semmle/canonical-name-call-graph
Approved by xiemaisi
2019-09-02 09:45:24 +01:00
Max Schaefer 742c9708a9
Merge pull request #1828 from asger-semmle/jsdoc-relation
JS: Make getDocumentation handle chain assignments
2019-09-02 08:43:40 +01:00
Jonas Jensen 63311739a5 C++: Add localExprFlow and localExprTaint
This is for ODASA-8053.
2019-09-02 09:29:10 +02:00
yh-semmle f54545522e
Merge pull request #1759 from aschackmull/java/flow-exploration
Java/C++/C#: Add support for dataflow exploration by partial paths.
2019-08-30 17:00:17 -04:00
Asger F 45941869ad JS: Change note 2019-08-30 18:25:39 +01:00
Asger F 9533ca0926 JS: Change note 2019-08-30 18:19:49 +01:00
Asger F 3186942906 JS: Add change note 2019-08-30 16:05:13 +01:00
semmle-qlci a97aefe0c3
Merge pull request #1835 from xiemaisi/js/dom-fixes
Approved by asger-semmle
2019-08-30 14:45:06 +01:00
Taus a2841b4245
Merge pull request #1763 from markshannon/python-cwe-312
Python: Two new queries for CWE-312.
2019-08-30 15:28:56 +02:00
Anders Schack-Mulligen 455bb6cd15 Java/C++/C#: Add change notes. 2019-08-30 14:35:21 +02:00
Anders Schack-Mulligen 6749f7a1b7
Merge pull request #1843 from lukecartey/java/add-missing-sql-apis
Java: Add missing SQL query APIs.
2019-08-30 14:27:40 +02:00
Luke Cartey e118f9a5f9 Add change note. 2019-08-30 10:48:37 +01:00
Mark Shannon 811815aa4e Merge branch 'master' into python-cwe-312 2019-08-30 10:39:04 +01:00
Tom Hvitved ae5fb7f330 C#: Introduce `BarrierGuard`s 2019-08-30 09:37:16 +02:00
Geoffrey White b254e1f48e CPP: Change note. 2019-08-29 18:24:29 +01:00
Calum Grant 424ab3ed6a C#: Analysis change notes. 2019-08-29 18:12:58 +01:00
Mark Shannon 4f172bd075 Python: Add change note for CWE-312 queries. 2019-08-29 16:05:11 +01:00
Jonas Jensen c8a9ec465e C++: New change-notes file for 1.23 2019-08-28 13:36:57 +02:00
Max Schaefer 78ce290de3 JavaScript: Fix `DomMethodCallExpr.interpretsArgumentsAsHTML`. 2019-08-28 11:22:03 +01:00