Skip to content

JS: recognize array elements from JQuery objects as DOM values #6487

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 17, 2021
Merged

JS: recognize array elements from JQuery objects as DOM values #6487

merged 1 commit into from
Aug 17, 2021

Conversation

erik-krogh
Copy link
Contributor

@erik-krogh erik-krogh commented Aug 16, 2021
edited
Loading

Recognizes some more sinks for CVE-2019-20921

Performance evaluation looks good.
One new result, which looks like a TP.

@github-actions github-actions bot added the JS label Aug 16, 2021
@erik-krogh erik-krogh added Awaiting evaluation Do not merge yet, this PR is waiting for an evaluation to finish no-change-note-required This PR does not need a change note JS:changes-sources-or-sinks Changes taint sources/sinks for the JS analysis and removed Awaiting evaluation Do not merge yet, this PR is waiting for an evaluation to finish labels Aug 16, 2021
@erik-krogh erik-krogh marked this pull request as ready for review August 17, 2021 06:58
@erik-krogh erik-krogh requested a review from a team as a code owner August 17, 2021 06:58
@codeql-ci codeql-ci merged commit 92804a3 into github:main Aug 17, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@asgerf asgerf asgerf approved these changes

Assignees
No one assigned
Labels
JS:changes-sources-or-sinks Changes taint sources/sinks for the JS analysis JS no-change-note-required This PR does not need a change note
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@erik-krogh @asgerf @codeql-ci