hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,246 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.0
Commit Graph

701 Commits

Author SHA1 Message Date
Michael Nebel
baea74fa1b C#: Add new testexamples and update expected testoutput. 2023-02-28 13:21:31 +01:00
Michael Nebel
0ed48616a7 C#: Use stubs for CWE-321/HardcodedSymmetricEncryptionKey. 2023-01-31 13:21:00 +01:00
Michael Nebel
9808482c41 C#: Update Minimal stubs from source testcase expected output. 2023-01-31 13:21:00 +01:00
Michael Nebel
3510f465b2 C#: Use stubs for ThreadUnsafeICryptoTransformLambda. 2023-01-31 13:21:00 +01:00
Michael Nebel
f3555b1076 C#: Update options files as some classes has been moved to other dll's. 2023-01-31 13:21:00 +01:00
Michael Nebel
fd74c10b06 C#: Use stubs for ThreadUnsafeICryptoTransform. 2023-01-31 13:21:00 +01:00
Michael Nebel
14888d4382 C#: Use stubs for CWE-327 test cases. 2023-01-31 13:21:00 +01:00
Arthur Baars
0f313231bc AlertSuppression: add more tests 2022-12-19 16:43:11 +01:00
Arthur Baars
c176606be5 AlertSuppression: allow //lgtm comments to scope over the next line 2022-12-19 16:10:26 +01:00
Arthur Baars
06736e3e91 Add .gitattributes for Windows test files 2022-12-19 12:39:01 +01:00
Jami Cogswell
b789534b6c add csharp tests 2022-12-01 15:11:16 -05:00
Tom Hvitved
5bcb9b285a Merge pull request #11142 from JarLob/const 
C#: Extend `Constant Condition` query with `String.IsNullOrEmpty`.
 2022-11-29 14:32:48 +01:00
Erik Krogh Kristensen
f7b5a4d170 Merge pull request #11203 from erik-krogh/shouldBePath 
C#: update cs/assembly-path-injection cs/hardcoded-key to path-problems
 2022-11-15 16:24:05 +01:00
erik-krogh
887062d339 update cs/assembly-path-injection and cs/hardcoded-key to path-problems 2022-11-11 10:55:36 +01:00
JarLob
e122f94c1c Move to isBooleanConstant 2022-11-07 13:38:05 +01:00
JarLob
74ee101592 Extend Constant Condition query with String.IsNullOrEmpty. 2022-11-07 13:05:37 +01:00
Michael Nebel
fec4d1992d C#: Update telemetry expected output. 2022-11-04 11:20:33 +01:00
erik-krogh
318718c428 update expected output 2022-09-30 14:51:41 +02:00
erik-krogh
7098e7b102 change more queries to start with "This " 2022-09-30 13:29:18 +02:00
erik-krogh
77eeabe8e5 changed to address review 2022-09-29 13:39:59 +02:00
erik-krogh
326666ac85 update the alert-messages of csharp queries 2022-09-26 14:01:39 +02:00
Michael Nebel
9ace52114c C#: Update expected test output. 2022-09-23 13:06:48 +02:00
Michael Nebel
7c74cc6420 C#: Update expected test output - including false positive. 2022-09-23 13:04:04 +02:00
Michael Nebel
e45e06b675 C#: Add LogForging testcase based on ASP.NET. 2022-09-23 13:02:42 +02:00
Michael Nebel
39402b842e C#: Add ASP.NET Core stubs to LogForging tests. 2022-09-23 12:59:15 +02:00
Michael Nebel
96a46a007f C#: Use stubs in the CWE-117 LogForging test. 2022-09-23 12:49:12 +02:00
Erik Krogh Kristensen
06afe9c0f4 Merge pull request #9816 from erik-krogh/msgConsis 
Make alert messages consistent across languages
 2022-08-25 15:20:01 +02:00
erik-krogh
c7aa58252a change "does not seem to check" to "does not check" in unchecked-cast-in-equals queries 2022-08-25 12:31:58 +02:00
Ian Lynagh
5d97bb35d0 Make *.cs non-executable 2022-08-24 16:54:34 +01:00
Ian Lynagh
b9a4b5ab9a Make *.qlref non-executable 2022-08-24 16:53:16 +01:00
Ian Lynagh
4cd618f81c Make *.expected non-executable 2022-08-24 16:51:50 +01:00
erik-krogh
1c0f2251e2 Merge branch 'main' into msgConsis 2022-08-24 14:38:57 +02:00
Michael Nebel
ad671f7fb4 C#: Update test expected output after addition of negative summaries. 2022-08-24 09:58:53 +02:00
erik-krogh
7e0bd5bde4 update expected output of tests 2022-08-22 21:41:47 +02:00
Tom Hvitved
f275885258 C#: Add a cshtml-based XSS test 2022-08-18 15:24:04 +02:00
Michael Nebel
15906338dc Merge pull request #9923 from michaelnebel/csharp/webgoat 
C#: SQL Injection improvements for SQLite.
 2022-08-15 13:22:25 +02:00
Michael Nebel
79a716488b Merge pull request #10003 from michaelnebel/csharp/stubsenum 
C#: Stub generator improvements.
 2022-08-15 12:14:06 +02:00
Michael Nebel
af473db067 C#: Add function pointer test case in stub generation. 2022-08-12 14:56:52 +02:00
Michael Nebel
7c7c335b0e C#: Update stub generator expected output. 2022-08-12 13:01:15 +02:00
Michael Nebel
b052fbf41c C#: Add enum long type testcase. 2022-08-12 12:51:31 +02:00
Michael Nebel
9ff94120d8 C#: Update stub generator test(s) expected output. 2022-08-12 12:48:24 +02:00
Michael Nebel
d023f840de C#: Add Enum examples in stub generator test code. 2022-08-12 12:48:24 +02:00
Tamas Vajk
7a406d8e41 C#: Fix unsafe deserialization with JsonConvert.DeserializeObject 
Remove false positives when `JsonConvert.DeserializeObject` is called with not necessarily unsafe settings.
 2022-08-11 11:00:46 +02:00
Tamas Vajk
6e6bd208b1 C#: Add test case for JsonConvert.DeserializeObject in unsafe deserialization tests 2022-08-11 11:00:23 +02:00
Michael Nebel
c3adb990a3 C#: Update SQL Injection with testcase with found vulnerability. 2022-08-10 14:49:20 +02:00
Michael Nebel
504160fee4 C#: Update expected file for Sql injection and Second Order sql injection (note that this is already a second order sql injection). 2022-08-10 14:49:20 +02:00
Michael Nebel
5c47ae3f98 C#: Add testcase for unsanitized filename used in Filestream. 2022-08-10 14:49:20 +02:00
Michael Nebel
1355931b50 C#: Update SecondOrder SQL Injection test case expected output with vulnerability from test case. 2022-08-10 14:49:19 +02:00
Michael Nebel
2b51e03223 C#: Add SecondOrder SQL injection example, where reading from a file. 2022-08-10 11:08:27 +02:00
Michael Nebel
344770f06a C#: Update Sqlinjection test query output with new results. 2022-08-10 11:08:27 +02:00