hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

C#: Update @name for two queries

Browse Source
This commit is contained in:
Tom Hvitved
2019-06-27 10:03:03 +02:00
parent c7983a0d9d
commit b6cf13510c
3 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
change-notes/1.21/analysis-csharp.md
View File

@@ -8,8 +8,8 @@ C# analysis now supports the extraction and analysis of many C# 8 features. For
| **Query** | **Tags** | **Purpose** |
|-----------------------------------------------|------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Class defines a field that uses an ICryptoTransform class in a way that would be unsafe for concurrent threads (`cs/thread-unsafe-icryptotransform-field-in-class`) | concurrency, security, external/cwe/cwe-362 | Highlights classes with fields that make use of a static `System.Security.Cryptography.ICryptoTransform` object. Using these classes in concurrent threads is dangerous. It may result in an error and may also give incorrect results. Results are not shown on [LGTM](https://lgtm.com/rules/1507931833866/) by default. |
| Potential usage of an object implementing ICryptoTransform class in a way that would be unsafe for concurrent threads (`cs/thread-unsafe-icryptotransform-captured-in-lambda`) | concurrency, security, external/cwe/cwe-362 | Highlights instances of classes where a field of type `System.Security.Cryptography.ICryptoTransform` is captured by a lambda, and appears to be used in a thread initialization method. Results are not shown on [LGTM](https://lgtm.com/rules/1508141845995/) by default. |
| Thread-unsafe use of a static ICryptoTransform field (`cs/thread-unsafe-icryptotransform-field-in-class`) | concurrency, security, external/cwe/cwe-362 | Highlights classes with fields that make use of a static `System.Security.Cryptography.ICryptoTransform` object. Using these classes in concurrent threads is dangerous. It may result in an error and may also give incorrect results. Results are not shown on [LGTM](https://lgtm.com/rules/1507931833866/) by default. |
| Thread-unsafe capturing of an ICryptoTransform object (`cs/thread-unsafe-icryptotransform-captured-in-lambda`) | concurrency, security, external/cwe/cwe-362 | Highlights instances of classes where a field of type `System.Security.Cryptography.ICryptoTransform` is captured by a lambda, and appears to be used in a thread initialization method. Results are not shown on [LGTM](https://lgtm.com/rules/1508141845995/) by default. |
## Changes to existing queries