2802 Commits

Author	SHA1	Message	Date
Tom Hvitved	6345816acf	Rework ContentDataFlow implementation	2022-05-24 10:34:06 +02:00
Michael Nebel	eed02a2a9f	C#: Fix issue with isAutoGenerated predicate and make sure that data flow only use relevant summaries.	2022-05-24 08:21:38 +02:00
Tom Hvitved	9cc9991c74	C#: Update ContentDataFlow test ... Illustrates missing flow when the sink is inside a method that is also part of a `subpath`.	2022-05-23 13:05:28 +02:00
Michael Nebel	bf958ff5bb	Merge pull request #9255 from michaelnebel/csharp/test-clearscontent ... C#: Remove default clears content.	2022-05-23 10:30:30 +02:00
Michael Nebel	217c414b6e	C#: Now that SummarizedCallableDefaultClears content has been removed, we need to explicitly say that fields are cleared.	2022-05-23 08:58:09 +02:00
Michael Nebel	f141336f64	C#: Fake location of methods as we want to use the defined summaries for testing purposes.	2022-05-22 15:14:58 +02:00
Robert Marsh	6d267be1a1	C++: merge main and accept test changes	2022-05-20 14:37:09 -04:00
Anders Schack-Mulligen	8beef45599	Merge pull request #9195 from aschackmull/java/perf-local-flow ... Java: Performance fixes for local flow relation	2022-05-20 12:38:02 +02:00
Tom Hvitved	3ebd4af24e	C#: Fix another test	2022-05-19 16:23:31 +02:00
Michael Nebel	575b8376f3	C#: Update Flow summaries QL test code based on refactor.	2022-05-19 14:41:24 +02:00
Tom Hvitved	0a52420581	C#: Add ContentDataFlow test	2022-05-19 13:28:56 +02:00
Anders Schack-Mulligen	48ab5b2403	C#/Ruby/Java: Fix references.	2022-05-18 09:27:54 +02:00
Tom Hvitved	23ee033a57	C#: Review fixes	2022-05-18 07:48:21 +02:00
Michael Nebel	6f7af11517	C#: Needs to be updated as SummaryParameterNodes are printed slightly different.	2022-05-18 07:48:21 +02:00
Michael Nebel	b41bb3fe08	C#: System.Web.HttpResponse.Write is now considered safe (known) and will this not show up as untrusted external API.	2022-05-18 07:48:21 +02:00
Michael Nebel	97c6d7884d	C#: Source and Sink models are now also considered summarized callables and thus considered safe as they are known external APIs.	2022-05-18 07:48:21 +02:00
Michael Nebel	0e3fc464a3	C#: Use SummarizedCallable external instead of the internal.	2022-05-18 07:48:20 +02:00
Michael Nebel	b578fcb069	C#: Use the external SummarizedCallable implementation.	2022-05-18 07:48:20 +02:00
Michael Nebel	68055bc022	C#: Update flow summaries test code.	2022-05-18 07:48:20 +02:00
Tom Hvitved	f2e28c311a	Merge pull request #9180 from hvitved/csharp/entity-framework-sql-sinks ... C#: Add missing EntityFramework SQL sinks	2022-05-17 09:50:49 +02:00
Tom Hvitved	15449b701f	C#: Add missing EntityFramework SQL sinks	2022-05-16 20:57:40 +02:00
Nick Rolfe	a50601c367	C#: fix typos in comments	2022-05-12 14:28:40 +01:00
Tom Hvitved	333780e635	Merge pull request #8898 from hvitved/dataflow/clear-expect-summary-components ... Data flow: Introduce 'with/without content' summary components	2022-05-11 15:16:42 +02:00
Michael Nebel	9b855c30cc	Merge pull request #9043 from michaelnebel/csharp/xml-injection-path ... C#: Convert xml injection query to a path problem.	2022-05-09 07:18:01 +02:00
Tom Hvitved	2972af2602	C#: Introduce 'with/without content' summary components	2022-05-05 14:25:48 +02:00
Michael Nebel	3c347cab98	C#: Update test output to reflect that the query is now a path-problem query.	2022-05-05 13:13:25 +02:00
Michael Nebel	b8ec2254e8	C#: Update unit tests (looks like new NFloat operator has been introduced).	2022-05-03 16:36:32 +02:00
Robert Marsh	fe52dd93ef	C++: sync and accept new consistency test	2022-04-29 15:29:07 -04:00
Tom Hvitved	a0e003e33c	C#: Add FP test for cs/useless-cast-to-self	2022-04-29 11:59:51 +02:00
Erik Krogh Kristensen	ff73dbc35c	delete redundant imports	2022-04-22 12:55:28 +02:00
Michael Nebel	c79c9dd573	C#: Don't generate models for any higher order callables.	2022-04-19 12:50:51 +02:00
Michael Nebel	f6fd401df1	C#: Add some testcases, where we don't get a summary due to the use of simple types.	2022-04-19 12:50:51 +02:00
Michael Nebel	f9e5c6b77d	C#: Don't use simple types in summaries test cases as these will be excluded in generation purely based on the type.	2022-04-19 12:50:51 +02:00
Michael Nebel	72d4c97463	Merge pull request #8628 from michaelnebel/csharp/generatedkind ... C#: Introduce generated flag as a part of the kind column for flow summaries	2022-04-07 08:43:30 +02:00
Tom Hvitved	02b11084bc	C#: Add more tests for cs/useless-cast-to-self	2022-04-06 09:36:59 +02:00
Michael Nebel	412699f407	C#: Modify generator and update test output with updated kind column.	2022-04-05 12:51:01 +02:00
Michael Nebel	8e1fa35367	C#: Add testcase, where generated flow summary is ignored.	2022-04-05 08:55:12 +02:00
Michael Nebel	30dc4ae788	C#: Add testcase with multiple generated flow summaries.	2022-04-05 08:55:12 +02:00
Michael Nebel	689e8f1952	C#: Small testcase with a summary flow model that is listed as generated.	2022-04-05 08:55:12 +02:00
Michael Nebel	8c3be653c2	C#: Update test output.	2022-04-04 16:07:46 +02:00
Michael Nebel	5cb2bd9245	C#: Exclude IEquatable Equals implementations.	2022-04-01 11:39:41 +02:00
Michael Nebel	02a0cbf0f4	C#: Add test cases.	2022-04-01 11:32:10 +02:00
Michael Nebel	c139850cd6	Merge pull request #8609 from michaelnebel/csharp/operatorsummaries ... C#: Operator flow	2022-04-01 09:04:04 +02:00
Michael Nebel	5c13391580	C#: Add test cases for operators.	2022-03-30 15:09:44 +02:00
Michael Nebel	bfb206c810	C#: Let ExternalApi extend DataFlowCallable instead of Callable.	2022-03-29 14:52:57 +02:00
Michael Nebel	4f00666591	C#: Add query and test case for supported external taint.	2022-03-29 14:49:37 +02:00
Michael Nebel	18b1b51d07	C#: Add test for known sources telemetry query.	2022-03-29 14:49:37 +02:00
Michael Nebel	a7ece69f2b	C#: Add test for supported sinks query.	2022-03-29 14:49:37 +02:00
Michael Nebel	e4f6321851	C#: Add test for unsupported uses of library code.	2022-03-29 14:49:37 +02:00
Michael Nebel	e014cae7df	C#: Add test and output for all library usages.	2022-03-29 14:49:37 +02:00