hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,517 Commits 1,671 Branches 157 Tags
sauyon/java-spring-stringutils
Commit Graph

262 Commits

Author SHA1 Message Date
Tom Hvitved
4b3cf72c1c C#: Teach XPath injection query about XPathNavigator 2020-03-19 13:38:16 +01:00
Tom Hvitved
7f0181ccff C#: Add XPathNavigator test for cs/xml/xpath-injection 2020-03-19 13:37:03 +01:00
Tom Hvitved
fb2b239db7 C#: Add test for cs/dereferenced-value-may-be-null 2020-03-16 15:38:29 +01:00
Tom Hvitved
78380f5d59 Merge pull request #2658 from calumgrant/cs/serialization-check-bypass-type 
C#: Fix cs/serialization-check-bypass
 2020-02-12 10:26:01 +01:00
Calum Grant
803cb3f4d1 C#: Address review comment 
- Flow from expressions with a value is excluded.
 2020-02-10 16:02:29 +00:00
Tom Hvitved
85e6b24c49 C#: Remove false positives for cs/useless-assignment-to-local 2020-02-05 20:12:39 +01:00
Tom Hvitved
d9f9fc510f C#: Add more tests for cs/useless-assignment-to-local 2020-02-05 20:11:22 +01:00
Calum Grant
7caae01ad1 C#: Exclude fields that are created 2020-01-29 15:47:12 +00:00
Calum Grant
0b3821c828 C#: Remove false positive for out params 2020-01-28 13:59:33 +00:00
Calum Grant
f23438ea65 C#: Add test showing false positive 2020-01-28 11:48:59 +00:00
Tom Hvitved
7e042da4f5 Merge pull request #2665 from calumgrant/cs/zipslip-alert 
C#: ZipSlip query reports alert at source
 2020-01-23 11:05:57 +01:00
Calum Grant
a868456628 C#: Address review comments 2020-01-22 14:21:12 +00:00
Calum Grant
3d460aeb44 C#: ZipSlip query reports alert at source 2020-01-21 15:17:06 +00:00
Calum Grant
9d7c9e0ba4 C#: Default parameter values are maybe null 
C#: Update test output
 2020-01-20 14:37:20 +00:00
Calum Grant
631b4248b5 C#: Add a nullness test 2020-01-20 11:13:31 +00:00
Tom Hvitved
e5abaa79ae Merge pull request #2585 from calumgrant/cs/serialization-check-bypass 
C#: Improvements to cs/serialization-check-bypass
 2020-01-15 20:40:51 +01:00
Calum Grant
d8f5450b67 C#: Alert suppression comments can be in C89-style comments 2020-01-07 11:52:52 +00:00
Calum Grant
c145e32625 C#: Tests for multiline alert suppression comments 2020-01-06 15:45:00 +00:00
Calum Grant
41b4d70504 C#: Refactor, improve documentation and add tests for cs/serialization-check-bypass 2020-01-03 18:46:39 +00:00
Calum Grant
3db900b183 C#: Remove false positive and update test output 
C#: Mark results as GOOD
 2019-12-27 12:07:19 +00:00
Calum Grant
fd0225ca59 C#: Add test 2019-12-27 11:44:39 +00:00
Tom Hvitved
abcb6b8aab C#: Type-based pruning for data flow 2019-12-10 15:48:48 +01:00
Tom Hvitved
78ddb37a8c C#: Track type information in data flow 
This commit adds type information to data flow paths, by mapping node types onto
the smaller set of GVN types, and implementing `ppReprType()`.

The effect is a mere change in `DataFlow::PathNode::toString()`; no type-based
pruning is done yet.
 2019-12-10 15:46:28 +01:00
Calum Grant
59ce8842bb Merge branch 'master' of git.semmle.com:Semmle/ql into ASPNetPagesValidateRequest 
# Conflicts:
#	change-notes/1.24/analysis-csharp.md
 2019-12-05 15:58:47 +00:00
Calum Grant
30a2620a8c C#: Tidy up docs, query metadata and add tests. 2019-11-29 10:31:58 +00:00
Calum Grant
d001c3c2d2 C#: Restructure files. 2019-11-27 17:29:53 +00:00
Calum Grant
c906a8238d C#: Edit qhelp for cs/insecure-request-validation-mode 2019-11-27 16:37:37 +00:00
Tom Hvitved
795959ef8d C#: Update expected test output 2019-11-25 13:41:12 +01:00
Paulino Calderon
85eda8c978 Brings security tests from other PRs 2019-11-19 13:04:19 -05:00
Calum Grant
f3c92c5527 C#: Address review comment 2019-11-14 17:14:51 +00:00
Calum Grant
051dd6b3dc C#: Update qltests. 2019-11-14 17:14:51 +00:00
Tom Hvitved
46bc804562 Merge pull request #2286 from calumgrant/cs/windows-tests 
C#: Make qltests pass on all platforms
 2019-11-13 16:21:08 +01:00
Calum Grant
d64c244257 C#: Fix test for AspLine. 2019-11-08 15:48:56 +00:00
Tom Hvitved
fd63246f44 Merge remote-tracking branch 'upstream/master' into csharp/unsafe-deserialization 2019-11-04 13:42:35 +01:00
Tom Hvitved
cc7c30def8 Merge pull request #2179 from calumgrant/cs/local-disposal 
C#: Fix a FP in cs/local-not-disposed
 2019-11-04 11:23:50 +01:00
Tom Hvitved
eb990525d7 C#: Add precision tags to UnsafeDeserialization[UntrustedInput].ql 2019-10-28 14:19:40 +01:00
Tom Hvitved
6d22e351f1 Merge pull request #2151 from raulgarciamsft/users/raul/oss 
Users/raul/oss
 2019-10-24 19:35:40 +02:00
Tom Hvitved
4ac32c4b12 C#: Fix more tests 2019-10-24 13:00:14 +02:00
Geoffrey White
0427b1eb3f C#: Fix more tests. 2019-10-23 18:20:44 +01:00
Calum Grant
6b15bf62fd C#: Rewrite null-coalsecing logic 2019-10-23 13:49:22 +01:00
Calum Grant
01ad93d199 C#: Fix for false positive. 2019-10-23 12:26:01 +01:00
Calum Grant
ee7cf17b15 C#: Add test case for local disposal. 2019-10-23 11:22:52 +01:00
Raul Garcia (MSFT)
cb8dcf7db2 Publishing queries to the OSS Semmle repository 2019-10-22 09:55:39 +01:00
Tom Hvitved
afdb788333 C#: Refactor cs/local-not-disposed using data flow library 2019-09-25 09:33:39 +02:00
Tom Hvitved
665564f809 C#: Add more tests for cs/local-not-disposed 2019-09-25 09:33:39 +02:00
Tom Hvitved
aa0c78cd85 C#: Teach guards library about more null guards 2019-09-20 09:58:04 +02:00
Tom Hvitved
40fafc5fda C#: Teach comparison library about dynamic comparison operations 2019-09-20 09:51:35 +02:00
Tom Hvitved
cb7db8f4c0 C#: Add more nullness tests 2019-09-20 09:18:55 +02:00
Tom Hvitved
09e4e7901a C#: Update expected test output 2019-09-18 13:36:15 +02:00
Tom Hvitved
f5cae9b6ea Merge pull request #1881 from aschackmull/java/pathgraph-nodes 
Java/C++/C#: Add nodes predicate to PathGraph.
 2019-09-13 10:32:47 +02:00