hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,240 Commits 1,671 Branches 157 Tags
codeql-cli-2.7.6
Commit Graph

1366 Commits

Author SHA1 Message Date
Tom Hvitved
a344707baa C#: Add more data flow tests 
Add tests that exhibit missing type pruning.
 2019-12-10 15:46:31 +01:00
Tom Hvitved
78ddb37a8c C#: Track type information in data flow 
This commit adds type information to data flow paths, by mapping node types onto
the smaller set of GVN types, and implementing `ppReprType()`.

The effect is a mere change in `DataFlow::PathNode::toString()`; no type-based
pruning is done yet.
 2019-12-10 15:46:28 +01:00
Calum Grant
3049bf2c85 Merge pull request #2358 from cldrn/ASPNetPagesValidateRequest 
Adds CodeQL query to check for Pages with disabled built-in validation
 2019-12-09 13:05:03 +00:00
Tom Hvitved
25265bddc7 Merge pull request #2494 from calumgrant/cs/roslyn-3.4 
C#: Upgrade Roslyn to 3.4
 2019-12-09 12:21:30 +01:00
Calum Grant
964f2f25dc Merge pull request #2462 from hvitved/csharp/localvars-refactor 
C#: Handle tuple patterns in `is` expressions
 2019-12-06 12:59:14 +00:00
Calum Grant
4b0a149704 C#: Update qltest output. 2019-12-06 12:41:20 +00:00
Calum Grant
5e6b7be5b8 C#: Update nullability tests. 2019-12-06 12:41:20 +00:00
Calum Grant
59ce8842bb Merge branch 'master' of git.semmle.com:Semmle/ql into ASPNetPagesValidateRequest 
# Conflicts:
#	change-notes/1.24/analysis-csharp.md
 2019-12-05 15:58:47 +00:00
Calum Grant
73c8888361 Merge pull request #2356 from cldrn/ASPNetRequestValidationMode 
Adds CodeQL query to check for insecure RequestValidationMode in ASP.NET
 2019-12-04 17:02:08 +00:00
Dave Bartolomeo
50dc5e2ba3 Merge pull request #2438 from rdmarsh2/rdmarsh/ir-line-number-ids 
C++/C#: use line numbers for instruction IDs
 2019-12-03 18:48:28 -08:00
Robert Marsh
1b802c7e18 C#: accept test change 2019-12-02 13:59:19 -08:00
Calum Grant
fcd13dc595 Merge remote-tracking branch 'upstream/master' into ASPNetRequestValidationMode 
# Conflicts:
#	change-notes/1.24/analysis-csharp.md
 2019-12-02 12:03:11 +00:00
semmle-qlci
dc7a0c1b91 Merge pull request #2442 from hvitved/csharp/dataflow/conversion-operator 
Approved by calumgrant
 2019-12-02 11:01:35 +00:00
Calum Grant
30a2620a8c C#: Tidy up docs, query metadata and add tests. 2019-11-29 10:31:58 +00:00
Tom Hvitved
a062d7d41c C#: Add regression test 2019-11-29 10:10:24 +01:00
Tom Hvitved
04cecc04dd C#: Update EntityFrameworkCore test 2019-11-28 15:28:50 +01:00
Tom Hvitved
af453d081e C#: Only track taint through conversion operators defined in libraries 2019-11-28 15:21:04 +01:00
Calum Grant
d001c3c2d2 C#: Restructure files. 2019-11-27 17:29:53 +00:00
Calum Grant
c906a8238d C#: Edit qhelp for cs/insecure-request-validation-mode 2019-11-27 16:37:37 +00:00
Tom Hvitved
39aaa38486 C#: Update EntityFramework test 2019-11-27 10:28:12 +01:00
Jonas Jensen
c05cc77a91 Merge pull request #2421 from dbartol/dbartol/IndirectAlias 
C++/C#: Cleanup in preparation for indirect alias analysis
 2019-11-26 21:59:17 +01:00
Tom Hvitved
71e958eabc C#: Add taint-tracking steps through conversion operator calls 2019-11-26 13:53:50 +01:00
Tom Hvitved
acb069f69b C#: Add data flow tests for conversion operators 2019-11-26 13:53:17 +01:00
Tom Hvitved
fede9aed04 Merge pull request #2355 from cldrn/AspNetMaxRequestLength 
CodeQL query to check for insecure MaxLengthRequest values in ASP.NET applications
 2019-11-25 17:02:22 +01:00
Tom Hvitved
795959ef8d C#: Update expected test output 2019-11-25 13:41:12 +01:00
Dave Bartolomeo
51ff262cbc C++/C#: Add IR SSA sanity tests 2019-11-22 13:16:05 -07:00
Paulino Calderon
85eda8c978 Brings security tests from other PRs 2019-11-19 13:04:19 -05:00
Calum Grant
b9d1c38753 Merge pull request #2371 from max-schaefer/rc/1.23 
Merge rc/1.23 into master
 2019-11-18 14:15:31 +00:00
semmle-qlci
ed4657c201 Merge pull request #2340 from hvitved/csharp/nunit-assertions 
Approved by calumgrant
 2019-11-18 13:02:49 +00:00
Tom Hvitved
c95db9e6f8 Merge pull request #2331 from calumgrant/cs/default-interface-methods 
C#: Tests for default interface methods
 2019-11-15 16:36:47 +01:00
Tom Hvitved
20a1cb6fc8 C#: Teach assertion library about (classical) NUnit assertions 
This commit adds support for (classical) NUnit assertions (see
https://github.com/nunit/docs/wiki/Assertions). Modern constraint-based assertions,
such as `Assert.That(o, Is.Not.Null)` are currently not supported, because they
would require a restructuring of the assertion library.
 2019-11-15 14:07:28 +01:00
Tom Hvitved
f9bff172d4 C#: Add missing assignment data flow steps 2019-11-15 11:36:05 +01:00
Tom Hvitved
f8791c884f C#: Add more data flow tests for assignments 2019-11-15 11:30:40 +01:00
Calum Grant
aac360463b C#: Tests for default interface methods. 2019-11-15 10:13:04 +00:00
Calum Grant
f3c92c5527 C#: Address review comment 2019-11-14 17:14:51 +00:00
Calum Grant
051dd6b3dc C#: Update qltests. 2019-11-14 17:14:51 +00:00
Tom Hvitved
94583cde10 Merge pull request #2245 from calumgrant/cs/nullability-refactor 
C#: Store nullability on the side
 2019-11-14 11:44:39 +01:00
Dave Bartolomeo
08620046ab Merge pull request #2068 from rdmarsh2/rdmarsh/cpp/ir-constructor-side-effects 
C++: side effect instrs for constructor qualifiers
 2019-11-13 14:56:24 -07:00
Dave Bartolomeo
e89ecc19e3 Merge pull request #2302 from max-schaefer/test-qlpacks 
Add `qlpack.yml` files for test folders.
 2019-11-13 12:21:19 -07:00
Robert Marsh
0175c44a14 C#: update IR test expectations 2019-11-13 10:58:38 -08:00
Calum Grant
38f82d8377 Merge remote-tracking branch 'upstream/master' into cs/nullability-refactor 2019-11-13 15:31:45 +00:00
Tom Hvitved
46bc804562 Merge pull request #2286 from calumgrant/cs/windows-tests 
C#: Make qltests pass on all platforms
 2019-11-13 16:21:08 +01:00
Calum Grant
6e24a92179 Merge remote-tracking branch 'upstream/master' into cs/nullability-refactor 2019-11-13 14:58:58 +00:00
Calum Grant
b65ab15d46 C#: Delete unused file. 2019-11-13 12:16:05 +00:00
Max Schaefer
5b2e32b051 Add qlpack.yml files for test folders. 2019-11-12 15:03:02 +00:00
Calum Grant
fe83bac0fb C#: Fix up test output 
C#: Fix a qltest whereby a tuple type having multiple underlying types was causing an issue with the IR sanity checks.
C#: Revert more changes.
C#: Fix tests and remove dead code.
 2019-11-12 13:40:58 +00:00
Calum Grant
ce188c0c22 C#: Autoformat 2019-11-12 13:40:58 +00:00
Calum Grant
61630118fe C#: Fix ql tests. 2019-11-12 13:40:58 +00:00
Calum Grant
f00276a82c C#: Remove non-essential changes 2019-11-12 13:40:58 +00:00
Calum Grant
a0fa7dad79 C#: Autoformat 2019-11-12 13:40:58 +00:00