Commit 1e27135

Merge pull request #129 from advanced-security/mbaluda/xsjs
XSJS queries and CodeQL update
2 parents f273554 + ff32774 commit 1e27135

68 files changed

+1568
-29519
lines changed

.github/codeql/codeql-config.yaml

Lines changed: 1 addition & 1 deletion
@@ -2,9 +2,9 @@ name: "My CodeQL config"
22

33
queries:
44
- uses: security-extended
5-
# for ui5/cap queries
65
- uses: ./javascript/frameworks/ui5/src/codeql-suites/javascript-security-extended.qls
76
- uses: ./javascript/frameworks/cap/src/codeql-suites/javascript-security-extended.qls
7+
- uses: ./javascript/frameworks/xsjs/src/codeql-suites/javascript-security-extended.qls
88

99
paths-ignore:
1010
- "**/frameworks/*/test/models"
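
Review bot: The `# for ui5/cap queries` comment above the local suite entries is deleted rather than updated, so the three `./javascript/frameworks/.../javascript-security-extended.qls` lines now sit under `uses: security-extended` with nothing explaining why per-framework suites are listed in addition to it. Suggest keeping the comment and extending it, e.g. `# for ui5/cap/xsjs queries`. The `paths-ignore` glob `**/frameworks/*/test/models` already covers the new xsjs tree through its wildcard, so nothing needs to change there.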

.github/workflows/javascript.sarif.expected

Lines changed: 1 addition & 29389 deletions
Large diffs are not rendered by default.
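
Review bot: This file goes from 29389 lines to a single added line and the diff is not rendered, so the new expected output cannot be checked from this page. Before merging, confirm that the one-line file still holds the full expected result set (for example as single-line JSON) and is not an empty or truncated baseline, since a comparison against it would otherwise stop catching regressions.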

README.md

Lines changed: 5 additions & 38 deletions
@@ -1,38 +1,5 @@
1-
# SAP UI5 with CodeQL
2-
3-
CodeQL queries and supporting models for the SAP UI5 JavaScript framework
4-
5-
### Queries
6-
- [XSS](javascript/frameworks/UI5/src/UI5Xss/UI5Xss.ql)
7-
- [Log Injection](javascript/frameworks/UI5/src/UI5LogInjection/UI5LogInjection.ql)
8-
- [Clickjacking](javascript/frameworks/UI5/src/UI5Clickjacking/UI5Clickjacking.ql)
9-
10-
### Modeled UI5 framework elements
11-
- UI5 AMD-style components (also via jQuery)
12-
- MVC elements:
13-
- UI5 Controllers and Data Models (literal/external JSON models)
14-
- UI5 [declarative Views](DeclarativeApp.png) (XML/JSON/HTML/JS)
15-
- Library/custom UI5 Controls
16-
- Project naming conventions (e.g. Control-Renderer)
17-
- Source/Sink definition via [ModelAsData extensions](javascript/frameworks/UI5/ext/ui5-data-extensions.yml#L61-L97)
18-
- Controls inheritance via [ModelAsData extensions](javascript/frameworks/UI5/ext/ui5-data-extensions.yml#L42-L59)
19-
20-
### Supported Features with tests
21-
The following tables list the main supported features with corresponding test cases
22-
#### Detecting XSS and Log injection vulnerabilities
23-
|test | library controls | [MaD sources sinks](javascript/frameworks/UI5/ext/ui5-data-extensions.yml#L61-L97) | custom controls | UI5View | JS dataflow | HTML APIs | sanitizer | acc.path via handler |
24-
| - | :-: | :-: | :-: | :-: | :-: | :-: | :-: | :-: |
25-
| [xss-html-control](https://github.com/advanced-security/codeql-sap-js/security/code-scanning/1033) | ✅︎ | ✅︎ | | XMLView |
26-
| [xss-custom-control-api1](https://github.com/advanced-security/codeql-sap-js/security/code-scanning/1051)| ✅︎ | ✅︎ | ✅︎ | XMLView | | classic |
27-
| [xss-custom-control-api2](https://github.com/advanced-security/codeql-sap-js/security/code-scanning/250)| ✅︎ | ✅︎ | ✅︎ | XMLView | | DOM |
28-
| [xss-json-view](https://github.com/advanced-security/codeql-sap-js/security/code-scanning/247)<br/>[xss-html-view](https://github.com/advanced-security/codeql-sap-js/security/code-scanning/245)<br/>[xss-js-view](https://github.com/advanced-security/codeql-sap-js/security/code-scanning/246) | ✅︎ | ✅︎ | | JsonView<br/>HTMLView<br/>JSView |
29-
| [log-html-control-df](https://github.com/advanced-security/codeql-sap-js/security/code-scanning/275) | ✅︎ | ✅︎ | |XMLView| ✅︎ |
30-
| [sanitized](https://github.com/advanced-security/codeql-sap-js/security/code-scanning/277)| ✅︎ | ✅︎ | ✅︎ | XMLView | ✅︎ | DOM | ✅︎ |
31-
| [xss-event-handlers](https://github.com/advanced-security/codeql-sap-js/security/code-scanning/335)| ✅︎ | ✅︎ | ✅︎ | XMLView | | | | ✅︎ |
32-
33-
#### Detecting Clickjacking vulnerabilities
34-
| test | secure | insecure frameOptions | missing frameOptions |
35-
| - | :-: | :-: | :-: |
36-
| [clickjacking-deny-all](javascript/frameworks/UI5/test/queries/UI5Clickjacking/clickjacking-deny-all/index.html#L10) | ✅︎ | |
37-
| [clickjacking-allow-all:l9](https://github.com/advanced-security/codeql-sap-js/security/code-scanning/240)<br/>[clickjacking-allow-all:l28](https://github.com/advanced-security/codeql-sap-js/security/code-scanning/241) | | ✅︎ |
38-
| [clickjacking-default-all](https://github.com/advanced-security/codeql-sap-js/security/code-scanning/330) | | | ✅︎ |
1+
# Overview
2+
[CodeQL](https://codeql.github.com/) models and queries for the SAP frameworks:
3+
- [CAP](javascript/frameworks/cap) (https://cap.cloud.sap/)
4+
- [UI5](javascript/frameworks/ui5) (https://sapui5.hana.ondemand.com/)
5+
- [XSJS](javascript/frameworks/xsjs) (https://www.npmjs.com/package/@sap/async-xsjs)
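
Review bot: The replacement README drops the per-query links (XSS, Log Injection, Clickjacking), the list of modeled UI5 elements and both feature/test tables, and the five added lines only link to the framework directories. Nothing in this hunk shows that content being moved, so confirm that `javascript/frameworks/ui5` carries an equivalent README; otherwise the record of which test case covers which feature is lost. Minor: the CAP and UI5 entries point at the framework sites while the XSJS entry points at the `@sap/async-xsjs` npm package, which is worth a short explanation for readers.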

javascript/frameworks/cap/ext/qlpack.yml

Lines changed: 2 additions & 2 deletions
@@ -3,7 +3,7 @@ library: true
33
name: advanced-security/javascript-sap-cap-models
44
version: 0.2.0
55
extensionTargets:
6-
codeql/javascript-all: "^0.9.1"
7-
codeql/javascript-queries: "^0.8.16"
6+
codeql/javascript-all: "^1.1.0"
7+
codeql/javascript-queries: "^1.0.3"
88
dataExtensions:
99
- "*.model.yml"
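
Review bot: `extensionTargets` moves from `^0.9.1` / `^0.8.16` to `^1.1.0` / `^1.0.3`, which no longer matches any 0.x release of `codeql/javascript-all` or `codeql/javascript-queries`, yet the pack's own `version: 0.2.0` in the context line is unchanged. If this models pack is published, anything resolving it as `^0.2.0` gets different compatibility under the same version number; suggest bumping the pack version in the same change.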

javascript/frameworks/cap/lib/codeql-pack.lock.yml

Lines changed: 10 additions & 10 deletions
@@ -2,23 +2,23 @@
22
lockVersion: 1.0.0
33
dependencies:
44
codeql/dataflow:
5-
version: 0.2.7
5+
version: 1.0.3
66
codeql/javascript-all:
7-
version: 0.9.1
7+
version: 1.1.0
88
codeql/mad:
9-
version: 0.2.16
9+
version: 1.0.3
1010
codeql/regex:
11-
version: 0.2.16
11+
version: 1.0.3
1212
codeql/ssa:
13-
version: 0.2.16
13+
version: 1.0.3
1414
codeql/tutorial:
15-
version: 0.2.16
15+
version: 1.0.3
1616
codeql/typetracking:
17-
version: 0.2.16
17+
version: 1.0.3
1818
codeql/util:
19-
version: 0.2.16
19+
version: 1.0.3
2020
codeql/xml:
21-
version: 0.0.3
21+
version: 1.0.3
2222
codeql/yaml:
23-
version: 0.2.16
23+
version: 1.0.3
2424
compiled: false
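
Review bot: Every entry here crosses a major version in one step, including `codeql/xml` from `0.0.3` to `1.0.3` and `codeql/dataflow` from `0.2.7` to `1.0.3`. Lock files are meant to be produced by `codeql pack install` rather than edited by hand; please confirm this one (and the identical lock under `cap/src`) was regenerated that way against the updated `qlpack.yml`, so the pinned set is the resolver's output.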

javascript/frameworks/cap/lib/qlpack.yml

Lines changed: 1 addition & 1 deletion
@@ -5,5 +5,5 @@ version: 0.2.0
55
suites: codeql-suites
66
extractor: javascript
77
dependencies:
8-
codeql/javascript-all: "^0.9.1"
8+
codeql/javascript-all: "^1.1.0"
99
advanced-security/javascript-sap-cap-models: "^0.2.0"

javascript/frameworks/cap/src/codeql-pack.lock.yml

Lines changed: 10 additions & 10 deletions
@@ -2,23 +2,23 @@
22
lockVersion: 1.0.0
33
dependencies:
44
codeql/dataflow:
5-
version: 0.2.7
5+
version: 1.0.3
66
codeql/javascript-all:
7-
version: 0.9.1
7+
version: 1.1.0
88
codeql/mad:
9-
version: 0.2.16
9+
version: 1.0.3
1010
codeql/regex:
11-
version: 0.2.16
11+
version: 1.0.3
1212
codeql/ssa:
13-
version: 0.2.16
13+
version: 1.0.3
1414
codeql/tutorial:
15-
version: 0.2.16
15+
version: 1.0.3
1616
codeql/typetracking:
17-
version: 0.2.16
17+
version: 1.0.3
1818
codeql/util:
19-
version: 0.2.16
19+
version: 1.0.3
2020
codeql/xml:
21-
version: 0.0.3
21+
version: 1.0.3
2222
codeql/yaml:
23-
version: 0.2.16
23+
version: 1.0.3
2424
compiled: false

javascript/frameworks/cap/src/qlpack.yml

Lines changed: 1 addition & 1 deletion
@@ -5,7 +5,7 @@ version: 0.2.0
55
suites: codeql-suites
66
extractor: javascript
77
dependencies:
8-
codeql/javascript-all: "^0.9.1"
8+
codeql/javascript-all: "^1.1.0"
99
advanced-security/javascript-sap-cap-models: "^0.2.0"
1010
advanced-security/javascript-sap-cap-all: "^0.2.0"
1111
default-suite-file: codeql-suites/javascript-code-scanning.qls

javascript/frameworks/cap/test/codeql-pack.lock.yml

Lines changed: 13 additions & 13 deletions
@@ -2,29 +2,29 @@
22
lockVersion: 1.0.0
33
dependencies:
44
codeql/dataflow:
5-
version: 0.2.7
5+
version: 1.0.3
66
codeql/javascript-all:
7-
version: 0.9.1
7+
version: 1.1.0
88
codeql/javascript-queries:
9-
version: 0.8.16
9+
version: 1.0.3
1010
codeql/mad:
11-
version: 0.2.16
11+
version: 1.0.3
1212
codeql/regex:
13-
version: 0.2.16
13+
version: 1.0.3
1414
codeql/ssa:
15-
version: 0.2.16
15+
version: 1.0.3
1616
codeql/suite-helpers:
17-
version: 0.7.16
17+
version: 1.0.3
1818
codeql/tutorial:
19-
version: 0.2.16
19+
version: 1.0.3
2020
codeql/typetracking:
21-
version: 0.2.16
21+
version: 1.0.3
2222
codeql/typos:
23-
version: 0.2.16
23+
version: 1.0.3
2424
codeql/util:
25-
version: 0.2.16
25+
version: 1.0.3
2626
codeql/xml:
27-
version: 0.0.3
27+
version: 1.0.3
2828
codeql/yaml:
29-
version: 0.2.16
29+
version: 1.0.3
3030
compiled: false
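
Review bot: This lock also moves the packs the tests run against, `codeql/javascript-queries` (`0.8.16` to `1.0.3`) and `codeql/suite-helpers` (`0.7.16` to `1.0.3`), and a major-version change there can alter query results. The rendered part of this commit shows no updated expectations under `javascript/frameworks/cap/test`; confirm the test suite was re-run on the new versions and that any changed results are intentional.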

javascript/frameworks/cap/test/qlpack.yml

Lines changed: 2 additions & 2 deletions
@@ -3,8 +3,8 @@ name: advanced-security/javascript-sap-cap-queries-tests
33
version: 0.2.0
44
extractor: javascript
55
dependencies:
6-
codeql/javascript-all: "^0.9.1"
7-
codeql/javascript-queries: "^0.8.16"
6+
codeql/javascript-all: "^1.1.0"
7+
codeql/javascript-queries: "^1.0.3"
88
advanced-security/javascript-sap-cap-queries: "^0.2.0"
99
advanced-security/javascript-sap-cap-models: "^0.2.0"
1010
advanced-security/javascript-sap-cap-all: "^0.2.0"
