hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,644 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.1
Commit Graph

2802 Commits

Author SHA1 Message Date
Michael Nebel
3ba893dfa8 C#: Remove System.Data.SqlClient 4.8.2 stub. 2022-08-09 13:15:44 +02:00
Michael Nebel
7c68947035 C#: Update flow summaries expected out as we now include ASP.NET Core as stubs for these tests. 2022-08-09 13:08:34 +02:00
Michael Nebel
6d96da1838 C#: Use ASP.NET Core stub instead of Microsoft.Extensions.Primitives and manual written ASP.NET Core stubs. 2022-08-09 13:08:34 +02:00
Michael Nebel
63b06d50b0 C#: Delete ServiceStack 5.11.0 and related projects. 2022-08-09 13:08:34 +02:00
Michael Nebel
094dcf989e C#: Update FlowSummaries test expected file (this is required since the .NET Runtime stubs have been updated). 2022-08-09 13:08:34 +02:00
Michael Nebel
d76b069bc5 C#: Manual changes to stubs to ensure compilation. 2022-08-09 13:08:34 +02:00
Michael Nebel
73b6697ea6 C#: Add ServiceStack 6.2.0 and friends. 2022-08-09 13:08:17 +02:00
Michael Nebel
b90a404658 Merge pull request #9636 from michaelnebel/csharp/sinkmodelcsv 
C#: Convert Sinks to CSV format for SymmetricAlgorithm.
 2022-08-09 09:05:12 +02:00
Tamas Vajk
36c913061c C#: Fix dataflow for default constructors 2022-08-09 07:46:27 +02:00
Tamas Vajk
1a92fc90e0 C#: Add test to demonstrate missing dataflow for default constructors 2022-08-09 07:46:27 +02:00
Michael Nebel
6febbc5966 C#: Update .NET Core and ASP.NET Core. 2022-08-08 13:29:20 +02:00
Raul Garcia
5a7b6532a9 Updated to handle lambda statements (previously false negatives) + a couple of bug fixes. 2022-07-29 13:47:53 -07:00
Raul Garcia
9b79668ed2 Addressing some of the feedback. Work still pending 2022-07-20 10:58:01 -07:00
Raul Garcia
7f725137e5 Addressing some of the feedback. Work pending. 2022-07-20 10:56:44 -07:00
Michael Nebel
66232a8054 C#: Fix typo. 2022-07-18 14:28:49 +02:00
Michael Nebel
e6e82ef56d C#: Update test with Decrypt example. 2022-07-18 14:28:49 +02:00
Michael Nebel
52a9fb0de7 C#: Add test for decrypt. 2022-07-18 14:28:49 +02:00
Raul Garcia
62c28571c6 making changes based on feedback during PR 2022-07-01 17:35:02 -07:00
Raul Garcia
202a0916a3 IdentityModel_tokenvalidation 2022-06-23 09:03:16 -07:00
Michael Nebel
8899bf7f05 C#: Update tests. 2022-06-22 13:03:23 +02:00
Michael Nebel
24ba5cc06e Merge pull request #9025 from michaelnebel/csharp/generatedrefactor 
C#: Provenance column in Models as Data CSV format.
 2022-06-22 10:34:31 +02:00
Mathias Vorreiter Pedersen
35c8ca15f5 Merge pull request #8912 from rdmarsh2/rdmarsh2/fix-ir-globals 
C++: Fix IR variable reuse for global var inits
 2022-06-20 16:45:39 +01:00
Michael Nebel
cf3cb292b7 C#: Update the model generator to use provenance column printing. 2022-06-20 16:20:01 +02:00
Michael Nebel
e0a96e16c3 C#: Update entity framework flow summaries test. 2022-06-20 16:20:01 +02:00
Michael Nebel
da0b9db57f C#: Update flow summary printing in test cases to reflect provenance. 2022-06-20 16:20:01 +02:00
Michael Nebel
32b69d3e0c C#: Update external models tests. 2022-06-20 16:20:01 +02:00
Michael Nebel
e3a5f7b8a3 C#: Introduce provenance column in CSV format for Models as data summaries, sources and sinks. 2022-06-20 16:20:01 +02:00
Tamás Vajk
f737804035 Merge pull request #9610 from tamasvajk/fix/global-statements 
C#: Fix global statement extraction
 2022-06-20 12:54:36 +02:00
Michael Nebel
70203633a1 Merge pull request #9393 from michaelnebel/csharp/asptaintedmember 
C#: ASP.NET Core like members are tainted
 2022-06-20 12:11:16 +02:00
Tamas Vajk
51f0a928dc C#: Fix global statement extraction by extracting statements inside the implicit main method context 2022-06-20 10:09:11 +02:00
Tamas Vajk
c460e5757b C#: Add extractor error test for global statement extraction 2022-06-20 09:42:18 +02:00
Rasmus Wriedt Larsen
b65a10d1ef Inline Expectation Tests: sync 2022-06-17 17:38:19 +02:00
Michael Nebel
1f2f2fff7f C#: Update testcases with examples. 2022-06-16 08:43:06 +02:00
Michael Nebel
ef0a3d0a79 C#: Add testcase for controller parameter types tainted members. 2022-06-16 08:38:31 +02:00
Michael Nebel
93007f89c8 C#: Move ASP Net Core stubs into stubs folder. 2022-06-16 08:38:31 +02:00
Robert Marsh
5f77552c37 Merge branch 'main' into rdmarsh2/fix-ir-globals 2022-06-13 12:43:08 -04:00
Rasmus Wriedt Larsen
50196d099b Inline Expectation Tests: sync 2022-06-03 11:39:57 +02:00
Michael Nebel
9cab92b16f C#: Update flow summaries test after rebase. The rebase included a fix to the isAutoGenerated predicate, which means that a summary is only considered autogenerated, if no hand-written version exist. This affects the printing as well. 2022-05-25 08:28:15 +02:00
Michael Nebel
5b405bb4cf C#: Update FlowSummaries test with generated printing (needed due to rebase). 2022-05-25 08:28:15 +02:00
Michael Nebel
ba7238d6e2 C#: Update XML Injectiont test output after rebase (query has been turned into a path-problem and the output is now affected by the added summaries for NameValueCollection). 2022-05-25 08:28:15 +02:00
Michael Nebel
75532432af C#: Update flow summaries test (note that the test doesn't correctly print the generated flag at the moment). 2022-05-25 08:28:15 +02:00
Michael Nebel
c8ede58704 C#: Flow summaries has now been added for Exception stack trace, but not for ToString. The latter will be encoded as an extra taintstep in the analysis. To reduce noise for all uses of an exception itself an isSanitizerIn is introduced. 2022-05-25 08:28:15 +02:00
Michael Nebel
4d6d1c8376 C#: Since NameValueCollection now has a flow summary for the string indexer it is no longer consider an unsafe external api, which is why it has disappared from the result. 2022-05-25 08:28:14 +02:00
Michael Nebel
ee027f845c C#: Since NameValueCollection now has a flow summary for the indexer it is considered a SafeExternalApiCallable and will thus not be included in the result of the test. 2022-05-25 08:28:14 +02:00
Michael Nebel
e2d6cd20c7 C#: Update tests due to new summaries for ProcessStartInfo. 2022-05-25 08:28:14 +02:00
Michael Nebel
9b8636aa23 C#: Update test because we now have a flow summary the string indexer for NameValueCollection. 2022-05-25 08:28:14 +02:00
Michael Nebel
d9c7ba471d C#: Update taint steps test as the generated models now include a model for the getters for KeyValuePair (we only had manual summaries for the constructor). 2022-05-25 08:28:14 +02:00
Michael Nebel
f8e729025f C#: Add generated Dotnet Runtime summary models that allows to up two reads and two stores and update flow summaries test. 2022-05-25 08:28:14 +02:00
Michael Nebel
daace0fe68 Merge pull request #9270 from michaelnebel/csharp/summarized-callable-fix 
C#: Summarized callable
 2022-05-24 16:36:44 +02:00
Tom Hvitved
728ccafe2b Merge pull request #9024 from hvitved/dataflow/content-flow-lib 
Data flow: Introduce `ContentDataFlow.qll`
 2022-05-24 15:09:16 +02:00