hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
83,294 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.3
Commit Graph

703 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
2b7882e6e5 Merge pull request #5032 from aschackmull/dataflow/subpaths 
Dataflow: Add subpaths query predicate.
 2021-09-08 11:52:41 +02:00
Tamas Vajk
469993f6d3 C#: Fix member order (yet again) in stubbing 
With explicit interface implementation, the same member name can show up multiple times in a type declaration. This commit defines an explicit order
for these members.
 2021-09-07 15:26:03 +02:00
Anders Schack-Mulligen
f30dad7705 Dataflow: Update test expected outputs. 2021-09-07 13:02:20 +02:00
Tamás Vajk
c63fd4a254 Merge pull request #6260 from tamasvajk/feature/method-name 
C#: Change generic method names to include <> and type args/params
 2021-09-07 12:09:27 +02:00
Tamas Vajk
b7f13a7e1f C#: Change generic method names to include <> and type args/params 2021-09-06 11:48:22 +02:00
Tamas Vajk
3560853f36 C#: Fix ordering of stubbed type members, implemented interfaces, and location comments 2021-09-03 09:53:34 +02:00
Tom Hvitved
592a42231f C#: Fix test for InsecureSQLConnection.ql 2021-08-26 13:48:56 +02:00
Tamás Vajk
763de4fff9 Merge pull request #6425 from raulgarciamsft/insecureRandom_potential_fix 
C#: Adding Membership.GeneratePassword() as a bad source of random data
 2021-08-19 11:16:26 +02:00
Tom Hvitved
44ff623d8c Merge pull request #5508 from edvraa/deserializers 
deserialization sinks
 2021-08-17 11:41:52 +02:00
Raul Garcia
2708326624 Update csharp/ql/test/query-tests/Security Features/CWE-338/InsecureRandomness.cs 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2021-08-05 16:33:01 -07:00
Tom Hvitved
9eb3f28ef1 C#: Add missing nodes predicate to XSS queries 2021-08-05 13:53:52 +02:00
Raul Garcia (MSFT)
7340a1293f Fixing query & test 2021-08-04 19:37:57 -07:00
edvraa
d1e41689bb Merge with main 2021-08-04 14:25:34 +03:00
edvraa
1682e993bc Merge with Main 2021-07-12 11:32:47 +03:00
Tom Hvitved
4de4753c67 C#: Remove Query.qll top-level modules 2021-07-04 09:35:27 +02:00
Tom Hvitved
c812d4e4e8 C#: Add Query suffix to libraries that should only be imported by queries 2021-07-04 09:35:26 +02:00
Tamas Vajk
5e2770339f Add adjusted expected files 2021-07-01 16:09:11 +02:00
Tamas Vajk
03d1a3e0ad Trim test files + remove duplicate newlines 2021-07-01 16:09:11 +02:00
Tamas Vajk
4900ecfabe Manual fixes 2021-07-01 16:09:11 +02:00
Tamas Vajk
c29d11087b C#: Start using 'options' files in tests 2021-07-01 16:08:47 +02:00
Tamas Vajk
b0447089d9 C#: Change Dapper stub to nuget-based one (stub also System.Data.SqlClient) 2021-06-23 15:04:57 +02:00
Tamas Vajk
9ba1529f19 Fix nested class names in comments of stubs expected test file 2021-06-23 09:38:29 +02:00
Tamas Vajk
b40b6f40b6 Change frameworks folder to _frameworks 2021-06-23 09:26:55 +02:00
Tamas Vajk
e4b02e377c Add .net core and asp.net core stubs 2021-06-23 09:26:54 +02:00
Tamas Vajk
fec0ddd2d2 Add test for tuples with arity < 2 2021-06-23 09:26:54 +02:00
Tamas Vajk
b725f6e547 Handle types that are defined in multiple assemblies 2021-06-23 09:26:54 +02:00
Tamas Vajk
88c97bd34e Generate stubs per assembly 2021-06-23 09:26:53 +02:00
Tamas Vajk
ba238578d1 Add stubbing tests 2021-06-23 09:26:53 +02:00
Tom Hvitved
0af44a7f94 C#: Changes to Type::{getQualifier,hasQualifiedName} 2021-06-16 19:36:05 +02:00
Tamas Vajk
1ce7c631ff Fix failing tests 2021-06-03 13:01:42 +02:00
Tamás Vajk
a7030c7fed Merge pull request #5308 from tamasvajk/feature/flow-sources-sinks 
C#: Add Console.Read* to local flow sources
 2021-04-23 16:36:16 +02:00
edvraa
c9c9758e01 Make similarly named files in tests and qhelp in sync 2021-04-22 12:23:46 +03:00
Tamas Vajk
2a6f979ce6 C# Add line of code metric query 2021-04-21 10:42:06 +02:00
edvraa
c3deb48efa Charpred for InstanceMethodSink 2021-04-16 17:19:42 +03:00
edvraa
3aedd2c1f4 Use TaintTracking2 2021-04-15 22:12:01 +03:00
Tamas Vajk
b4d35b52c3 C#: Add Console.Read* to local flow sources 2021-04-12 14:19:17 +02:00
Tamás Vajk
992a4df12f Merge pull request #5619 from tamasvajk/feature/fix-default-argument-value-extraction 
C# Improve default argument value extraction
 2021-04-09 14:58:35 +02:00
Tamas Vajk
c069c3384e Fix tests 2021-04-08 12:07:36 +02:00
Tamas Vajk
ffcb345916 C#: Add Dapper support to SQL injection queries 2021-04-06 17:06:20 +02:00
Tamas Vajk
98001c494f C#: Add Dapper stub and new SqlInjection test cases 2021-04-06 13:30:31 +02:00
Tom Hvitved
d4ce42ac4f Merge pull request #5416 from hvitved/csharp/rework-summaries 
C#: Rework flow summary implementation
 2021-03-26 09:47:15 +01:00
Tom Hvitved
b94c189946 C#: Remove VulnerablePackage.ql query 2021-03-25 09:50:24 +01:00
Tom Hvitved
eeb8c74666 C#: Remove filter and external queries 
These are legacy queries that are no longer used.
 2021-03-25 09:50:01 +01:00
Tom Hvitved
6d6150d051 C#: Change some data-flow toString()s 2021-03-23 16:42:58 +01:00
edvraa
ac29184521 deserialization sinks 2021-03-20 21:50:46 +02:00
Tom Hvitved
88b7ad001f C#: Take phi nodes into account in Steps::getARead() 2021-03-16 13:55:30 +01:00
Tom Hvitved
cb8e2d451d C#: Add test for DeadStoreOfLocal.ql 2021-03-16 13:52:41 +01:00
Tamas Vajk
3e0245a7fc Fix test case for RuntimeChecksBypass 2021-03-04 12:47:21 +01:00
Tamas Vajk
cb4ed90c5c Fix failing tests 2021-03-03 16:58:48 +01:00
Tamas Vajk
6205ec233c Fix more failing tests 2021-03-02 09:21:24 +01:00