hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
2,074 Commits 1,671 Branches 157 Tags
rc/1.19
Commit Graph

248 Commits

Author SHA1 Message Date
calum
884af9bd7f C#: Fix alert. 2019-02-12 13:34:33 +00:00
calum
e18eeb8d2a C#: Address review comments. 2019-02-12 12:56:58 +00:00
calum
33e6b5e55f C#: Fix tests 2019-02-12 10:59:31 +00:00
calum
8bb1af884a C# extractor: Limit string literals to 1MB. This is made more complicated by the fact that we need to limit the number of bytes to output, rather than the number of characters. 2019-02-11 17:36:23 +00:00
Tom Hvitved
1e9fe0046a C#: Address review comments 2018-12-10 15:31:23 +01:00
Tom Hvitved
ad77afef04 C#: Autobuilder fixes 
This commit fixes a few issues that were identified during the last dist upgrade,
and which were introduced/revealed on 836daaf07b.

- Expand environment variables that are passed from `lgtm.yml` to the autobuilder,
  for example `solution: $LGTM_SRC/mysolution.sln`.
- Distinguish between when a build rule is applied automatically and when it is applied
  manually via `lgtm.yml`.
- Catch `FileNotFoundException`s when parsing project files and solution files.
 2018-12-04 14:03:39 +01:00
Tom Hvitved
7dc0a8132e Merge pull request #513 from calumgrant/cs/cwe-134 
C#: New query cs/uncontrolled-format-string
 2018-11-26 14:58:54 +01:00
Aditya Sharad
c20b688a3f Merge master into next. 2018-11-23 16:36:31 +00:00
Aditya Sharad
10dc183495 Merge pull request #512 from hvitved/csharp/autobuilder/dirs-proj 
C#: Recognize `.proj` files in autobuilder
 2018-11-23 13:18:04 +00:00
Tom Hvitved
1939773684 C#: Address review comments 2018-11-23 09:32:12 +01:00
Tom Hvitved
c3ccdfa7f9 C#: Guard against cyclic inclusions in project files 2018-11-23 09:32:12 +01:00
Tom Hvitved
e4f68ae324 C#: Address review comments 2018-11-23 09:32:12 +01:00
Tom Hvitved
836daaf07b C#: Recognize .proj files in autobuilder 
When determining the target of `msbuild` or `dotnet build`, first look for `.proj`
files, then `.sln` files, and finally `.csproj`/`.vcxproj` files. In all three cases,
choose the project/solution file closest to the root.
 2018-11-23 09:32:12 +01:00
Tom Hvitved
b95d7e5302 C#: Move autobuilder into separate folder 2018-11-23 09:32:12 +01:00
calum
36d9520f87 C#: Address doc comments. 2018-11-22 11:52:00 +00:00
calum
6b2e339ec5 C#: Address QL review comments. 2018-11-22 11:45:41 +00:00
calum
64de7489fe C#: Analysis change notes. 2018-11-22 11:21:35 +00:00
calum
1bfa4d59e7 C#: Documentation for cs/uncontrolled-format-string 2018-11-22 11:21:35 +00:00
calum
fb09360ad6 C#: New query for cs/uncontrolled-string-format 2018-11-22 11:21:35 +00:00
Tom Hvitved
201f64ef8e Merge pull request #367 from calumgrant/cs/path-problems 
C#: Update all security queries to path-problems
 2018-11-22 12:02:11 +01:00
calum
3eae1cd500 C#: Update test outputs. 2018-11-21 17:28:48 +00:00
calum
69ab1ed5bd C#: Add nodes predicate to all path queries. 2018-11-21 12:35:05 +00:00
calum
8c753d7e94 C#: Fix ReDoS query. 2018-11-21 11:15:55 +00:00
Tom Hvitved
8233e34ba2 C#: Fix Boolean splitting for variables defined in a loop 2018-11-20 21:22:00 +01:00
Tom Hvitved
89d5daa137 C#: Fix Boolean splitting negation bug 2018-11-20 21:22:00 +01:00
Tom Hvitved
841218540e C#: Add CFG test 
This test exhibits two issues with Boolean CFG splitting: incorrect handling of
negated variables and incorrect splitting for variables defined inside a loop.
 2018-11-20 21:22:00 +01:00
Tom Hvitved
3e78c2671f C#: Generalize pre-SSA library to include local-scope-like fields/properties 2018-11-20 15:07:44 +01:00
Tom Hvitved
25150265dc C#: Compute phi inputs in pre-SSA library 
Logic is copied directly from the ordinary SSA library.
 2018-11-20 15:07:43 +01:00
Tom Hvitved
252b756184 Merge pull request #472 from felicity-semmle/csharp/SD-2778-qhelp-update 
C#: Minor updates for consistency (SD-2778)
 2018-11-20 14:28:29 +01:00
semmle-qlci
4b5f24d99e Merge pull request #449 from hvitved/csharp/ssa/live-at-rank 
Approved by calumgrant
 2018-11-20 13:01:02 +00:00
Tom Hvitved
9f7eef02ec C#: Address review comments 2018-11-20 09:24:53 +01:00
Felicity Chapman
fc6e9be75a Fix incorrect tag 2018-11-20 07:12:48 +00:00
Pavel Avgustinov
16ec9f1aa4 Merge remote-tracking branch 'origin/next' into bump/master-next 2018-11-19 10:37:07 +00:00
calum
1aa5e24108 C#: Remove duplicate results from cs/use-of-vulnerable-package 2018-11-16 16:50:35 +00:00
calum
cf4b04a3ee C#: Address review comments - adding .getNode() where appropriate. 2018-11-16 11:52:20 +00:00
calum
e908b090fd C#: Always use PathNode in a path-problem query. 2018-11-16 10:32:24 +00:00
calum
eddc52852d C#: Convert security queries to path-problem and update qltest expected output. 2018-11-16 10:31:20 +00:00
Tom Hvitved
57bbe0291b Merge pull request #393 from calumgrant/cs/extractor/dynamic-type-name 
C#: Minor extractor fixes
 2018-11-16 09:09:46 +01:00
calum
090e896ff5 C#: Change Property TagStackBehaviour to push a tag, to give the expression body a tag stack. 2018-11-15 18:28:17 +00:00
calum
bb49fe170b C# extractor: Handle the type name of dynamic. 2018-11-15 18:27:53 +00:00
semmle-qlci
536f3f36b8 Merge pull request #428 from hvitved/csharp/more-guards 
Approved by calumgrant
 2018-11-15 15:07:56 +00:00
Tom Hvitved
185700a236 Merge pull request #437 from calumgrant/cs/in-parameters 
C#: Correctly handle `in` arguments
 2018-11-15 11:47:43 +01:00
Felicity Chapman
39ef869e21 Fix partial edit - thanks Tom 2018-11-14 16:49:30 +00:00
Felicity Chapman
f9612a8f21 Minor updates for consistency 2018-11-14 16:25:28 +00:00
Max Schaefer
96989a1fd6 Merge pull request #427 from adityasharad/eclipse/remove-plugin-metadata 
Eclipse plugins: Remove plugin metadata.
 2018-11-13 13:12:49 +00:00
calum
a5d50fc1db C#: Handle in arguments, and add AssignableAccess::isInArgument() predicate. 2018-11-13 10:58:43 +00:00
Aditya Sharad
bc06831d01 Merge rc/1.18 into master. 2018-11-13 10:55:08 +00:00
Aditya Sharad
271628c280 Version: Bump to 1.18.3 dev. 2018-11-12 14:55:26 +00:00
Jonas Jensen
1500237009 Merge remote-tracking branch 'upstream/master' into mergeback-20181112 2018-11-12 13:24:27 +01:00
Tom Hvitved
dd6fd400aa Merge pull request #335 from calumgrant/cs/cwe-937 
C#: New query VulnerablePackage
 2018-11-12 10:34:53 +01:00