hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,517 Commits 1,671 Branches 157 Tags
sauyon/java-spring-stringutils
Commit Graph

2824 Commits

Author SHA1 Message Date
Tamás Vajk
d1fe542280 Merge pull request #5131 from tamasvajk/feature/refactor 
C# Cleanup and refactoring
 2021-02-15 17:24:25 +01:00
Tom Hvitved
bb95b8a0cc Merge pull request #5120 from rvermeulen/rvermeulen/redirect-sink 
C#: Add Asp.Net Core redirect sinks
 2021-02-15 16:52:32 +01:00
Tamas Vajk
f878453f14 Fix performance issue with RecordCloneCallable 2021-02-15 15:49:06 +01:00
Tamas Vajk
2de7fbe062 Fix build after rebase 2021-02-15 10:18:12 +01:00
Tamas Vajk
6cc858b9ef Move AstLineCounter to top level class 2021-02-15 10:17:08 +01:00
Tamas Vajk
4f693be33b Move location creation to instance method on context 2021-02-15 10:17:08 +01:00
Tamas Vajk
6f07230725 Relocate 'AstLineCounter' 2021-02-15 10:17:07 +01:00
Tamas Vajk
1cd7fd6cf7 Simplify 'AstLineCounter' 2021-02-15 10:17:07 +01:00
Tamas Vajk
e8fd6e1112 Move classes to seperate files 2021-02-15 10:17:07 +01:00
Tamas Vajk
5ce5a96cb6 Remove 'ContextExtensions' 2021-02-15 10:17:07 +01:00
Tamas Vajk
9ddeff80bf Remove useless 'IExtractor' interface 2021-02-15 10:17:07 +01:00
Tamas Vajk
6cdec2d30e C#: Remove 'extractor.CreateContext' factory method 2021-02-15 10:17:07 +01:00
Tamas Vajk
fc3e6526ce C#: Remove IExtractionScope.FromSource 2021-02-15 10:17:07 +01:00
Tamas Vajk
a75306acbd C#: Remove warnings from MdProvider 2021-02-15 10:17:07 +01:00
Tamas Vajk
1a4f370d15 C#: Fix formatting issues 2021-02-15 10:17:07 +01:00
Tamas Vajk
4cc9bc9bf0 Add new .stats file 2021-02-13 16:21:45 +01:00
Raul Garcia (MSFT)
782f4bc3e2 Fixing shared .qhelp issue (renaming to .qhelp.inc)& addressing a fix 2021-02-12 13:38:55 -08:00
Tamas Vajk
cb9116028c Add change note for 'with' expression extraction 2021-02-12 20:04:22 +01:00
Tamas Vajk
10e99203e8 Add DB upgrade folder for 'with' expression 2021-02-12 19:59:14 +01:00
Tamas Vajk
7761774f88 Add record .ctor to property data flow summary 2021-02-12 19:54:52 +01:00
Tom Hvitved
6a6644b5c2 C#: Adjust data-flow for with expressions 
In `x with { Foo = bar }`, instead of having a single data-flow step

`x => x with { Foo = bar }`

we now have two steps:

`x => { Foo = bar }`

and

`{ Foo = bar } => x with { Foo = bar }`

Moreover, `clearsContent` now targets the object initializer instead of the
whole `with` expression, which means that it will only apply to values carried
over from the old object and not those explicitly stored into the new object.
 2021-02-12 19:54:52 +01:00
Tamas Vajk
dd9b1d52b5 C#: Initial data-flow for with expressions 2021-02-12 19:54:52 +01:00
Tamas Vajk
b2b4c9ecd6 C#: Extract 'with' expressions 2021-02-12 19:54:52 +01:00
Tamás Vajk
77af7edaa4 Merge pull request #4628 from tamasvajk/feature/csharp9-foreach 
C#: Extract underlying methods of foreach statements
 2021-02-12 19:53:26 +01:00
Tamas Vajk
0aded1549e Improve NestedLoopsSameVariable query performance 2021-02-12 09:33:33 +01:00
Raul Garcia (MSFT)
710ca21d19 Addressing comments we missed earlier 2021-02-11 11:52:58 -08:00
Raul Garcia (MSFT)
ef0d3720a1 Addressing a few comments 2021-02-10 13:39:24 -08:00
Raul Garcia
190164c182 Update csharp/ql/src/experimental/Security Features/campaign/Solorigate/Solorigate.qhelp 
Co-authored-by: Bas van Schaik <5082246+sj@users.noreply.github.com>
 2021-02-10 13:30:40 -08:00
Tom Hvitved
1f9b42f9ab Data flow: Sync files 2021-02-09 20:10:23 +01:00
Tom Hvitved
e5970f4c65 Data flow: Take clearsContent() into account in flow exploration 2021-02-09 20:09:24 +01:00
Tamas Vajk
9854b95c30 Fix query performance 2021-02-09 14:45:22 +01:00
Remco Vermeulen
3818971b79 Add redirect sinks 
Both the familiy of `Accepted` and `Created` method set the location
header based on provided input. If this is untrusted input this can
result in an URL redirect attack.
 2021-02-09 13:09:02 +01:00
Raul Garcia (MSFT)
f114ef1f06 Adding unit tests 2021-02-08 16:57:49 -08:00
Tamas Vajk
bd50ed975f Fix doc comment 2021-02-08 11:18:37 +01:00
Tamas Vajk
ef55ca179b Improve file read exception logging 2021-02-07 09:06:11 +01:00
Tamas Vajk
6d908876e0 Add new .stats file 2021-02-07 09:06:11 +01:00
Tamas Vajk
96248f8845 Add DB upgrade folder 2021-02-07 09:06:11 +01:00
Tamas Vajk
63b0fe10e4 Rework foreach_stmt_info extraction 2021-02-07 09:06:11 +01:00
Tamas Vajk
7c506f445c C#: Extract underlying methods of foreach statements 2021-02-07 09:06:11 +01:00
Raul Garcia (MSFT)
d775528069 Fixes on multiple files. 2021-02-05 14:09:26 -08:00
Raul Garcia (MSFT)
d48a713f30 Fixing cutom edges predicate 2021-02-05 09:27:08 -08:00
Raul Garcia (MSFT)
681e6a9303 Adding Solorigate context for the generic backdoor queries. 2021-02-05 09:02:59 -08:00
Tamás Vajk
d7505e41db Merge pull request #5091 from tamasvajk/feature/cleanup-nullable 
C#: Fix nullable warnings and some code quality issues
 2021-02-05 12:07:42 +01:00
Raul Garcia (MSFT)
3dc1b81d65 Changing ProcessNameToHash query to path-problem. Any additional feedback will be welcomed 2021-02-04 17:54:35 -08:00
Raul Garcia (MSFT)
9ef4aef28e Changing location for NonCryptographicHash qll 
Changing the TimeBomb query to path-problem (any suggestions to improve it would be welcomed, no previous experience iwth path-problem queries)
 2021-02-04 16:59:38 -08:00
Raul Garcia (MSFT)
d5c9db42de Fixing format 2021-02-04 14:26:03 -08:00
Raul Garcia (MSFT)
1d8f8286a5 Fixes to address some of the comments during PR 2021-02-04 13:25:43 -08:00
Raul Garcia (MSFT)
8e85145df4 Updated Readme file 2021-02-04 12:51:31 -08:00
Tamas Vajk
83f0fad014 Fix expected test AST 2021-02-04 21:08:01 +01:00
Tamas Vajk
f555c0642e Add change note 2021-02-04 21:08:01 +01:00