hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,893 Commits 1,671 Branches 157 Tags
tausbn/python-add-support-for-template-string-literals
Commit Graph

720 Commits

Author SHA1 Message Date
Calum Grant
0d86866ba3 Merge pull request #3160 from hvitved/csharp/null-maybe-fp 
C#: Add false-positive test for NullMaybe.ql
 2020-04-06 14:30:31 +01:00
Calum Grant
6cce0de9b2 Merge pull request #3124 from hvitved/csharp/dataflow/sources-and-sinks 
C#: Introduce `RemoteFlowSink` class
 2020-04-06 12:36:14 +01:00
Tom Hvitved
4ca5e3755f C#: Add false-positive test for NullMaybe.ql 2020-03-31 14:06:16 +02:00
Calum Grant
782f2b5b50 Merge pull request #3073 from hvitved/csharp/null-maybe-fp 
C#: Add test for `cs/dereferenced-value-may-be-null`
 2020-03-26 18:55:54 +00:00
Tom Hvitved
a8660d446e C#: Fix typo 2020-03-26 14:54:03 +01:00
Tom Hvitved
54677189de C#: Introduce RemoteFlowSink class 2020-03-25 20:05:39 +01:00
Tom Hvitved
7ac25d2439 C#: Add more tests for cs/information-exposure-through-exception 2020-03-25 14:33:49 +01:00
Tom Hvitved
fc74a482a4 C#: More XPath injection sinks 2020-03-19 14:13:35 +01:00
Tom Hvitved
4b3cf72c1c C#: Teach XPath injection query about XPathNavigator 2020-03-19 13:38:16 +01:00
Tom Hvitved
7f0181ccff C#: Add XPathNavigator test for cs/xml/xpath-injection 2020-03-19 13:37:03 +01:00
Tom Hvitved
fb2b239db7 C#: Add test for cs/dereferenced-value-may-be-null 2020-03-16 15:38:29 +01:00
Tom Hvitved
78380f5d59 Merge pull request #2658 from calumgrant/cs/serialization-check-bypass-type 
C#: Fix cs/serialization-check-bypass
 2020-02-12 10:26:01 +01:00
Calum Grant
803cb3f4d1 C#: Address review comment 
- Flow from expressions with a value is excluded.
 2020-02-10 16:02:29 +00:00
Tom Hvitved
85e6b24c49 C#: Remove false positives for cs/useless-assignment-to-local 2020-02-05 20:12:39 +01:00
Tom Hvitved
d9f9fc510f C#: Add more tests for cs/useless-assignment-to-local 2020-02-05 20:11:22 +01:00
Calum Grant
7caae01ad1 C#: Exclude fields that are created 2020-01-29 15:47:12 +00:00
Calum Grant
0b3821c828 C#: Remove false positive for out params 2020-01-28 13:59:33 +00:00
Calum Grant
f23438ea65 C#: Add test showing false positive 2020-01-28 11:48:59 +00:00
Tom Hvitved
7e042da4f5 Merge pull request #2665 from calumgrant/cs/zipslip-alert 
C#: ZipSlip query reports alert at source
 2020-01-23 11:05:57 +01:00
Calum Grant
a868456628 C#: Address review comments 2020-01-22 14:21:12 +00:00
Calum Grant
3d460aeb44 C#: ZipSlip query reports alert at source 2020-01-21 15:17:06 +00:00
Calum Grant
9d7c9e0ba4 C#: Default parameter values are maybe null 
C#: Update test output
 2020-01-20 14:37:20 +00:00
Calum Grant
631b4248b5 C#: Add a nullness test 2020-01-20 11:13:31 +00:00
Tom Hvitved
e5abaa79ae Merge pull request #2585 from calumgrant/cs/serialization-check-bypass 
C#: Improvements to cs/serialization-check-bypass
 2020-01-15 20:40:51 +01:00
Calum Grant
d8f5450b67 C#: Alert suppression comments can be in C89-style comments 2020-01-07 11:52:52 +00:00
Calum Grant
c145e32625 C#: Tests for multiline alert suppression comments 2020-01-06 15:45:00 +00:00
Calum Grant
41b4d70504 C#: Refactor, improve documentation and add tests for cs/serialization-check-bypass 2020-01-03 18:46:39 +00:00
Calum Grant
3db900b183 C#: Remove false positive and update test output 
C#: Mark results as GOOD
 2019-12-27 12:07:19 +00:00
Calum Grant
fd0225ca59 C#: Add test 2019-12-27 11:44:39 +00:00
Tom Hvitved
abcb6b8aab C#: Type-based pruning for data flow 2019-12-10 15:48:48 +01:00
Tom Hvitved
78ddb37a8c C#: Track type information in data flow 
This commit adds type information to data flow paths, by mapping node types onto
the smaller set of GVN types, and implementing `ppReprType()`.

The effect is a mere change in `DataFlow::PathNode::toString()`; no type-based
pruning is done yet.
 2019-12-10 15:46:28 +01:00
Calum Grant
59ce8842bb Merge branch 'master' of git.semmle.com:Semmle/ql into ASPNetPagesValidateRequest 
# Conflicts:
#	change-notes/1.24/analysis-csharp.md
 2019-12-05 15:58:47 +00:00
Calum Grant
30a2620a8c C#: Tidy up docs, query metadata and add tests. 2019-11-29 10:31:58 +00:00
Calum Grant
d001c3c2d2 C#: Restructure files. 2019-11-27 17:29:53 +00:00
Calum Grant
c906a8238d C#: Edit qhelp for cs/insecure-request-validation-mode 2019-11-27 16:37:37 +00:00
Tom Hvitved
795959ef8d C#: Update expected test output 2019-11-25 13:41:12 +01:00
Paulino Calderon
85eda8c978 Brings security tests from other PRs 2019-11-19 13:04:19 -05:00
Calum Grant
f3c92c5527 C#: Address review comment 2019-11-14 17:14:51 +00:00
Calum Grant
051dd6b3dc C#: Update qltests. 2019-11-14 17:14:51 +00:00
Tom Hvitved
46bc804562 Merge pull request #2286 from calumgrant/cs/windows-tests 
C#: Make qltests pass on all platforms
 2019-11-13 16:21:08 +01:00
Calum Grant
d64c244257 C#: Fix test for AspLine. 2019-11-08 15:48:56 +00:00
Tom Hvitved
fd63246f44 Merge remote-tracking branch 'upstream/master' into csharp/unsafe-deserialization 2019-11-04 13:42:35 +01:00
Tom Hvitved
cc7c30def8 Merge pull request #2179 from calumgrant/cs/local-disposal 
C#: Fix a FP in cs/local-not-disposed
 2019-11-04 11:23:50 +01:00
Tom Hvitved
eb990525d7 C#: Add precision tags to UnsafeDeserialization[UntrustedInput].ql 2019-10-28 14:19:40 +01:00
Tom Hvitved
6d22e351f1 Merge pull request #2151 from raulgarciamsft/users/raul/oss 
Users/raul/oss
 2019-10-24 19:35:40 +02:00
Tom Hvitved
4ac32c4b12 C#: Fix more tests 2019-10-24 13:00:14 +02:00
Geoffrey White
0427b1eb3f C#: Fix more tests. 2019-10-23 18:20:44 +01:00
Calum Grant
6b15bf62fd C#: Rewrite null-coalsecing logic 2019-10-23 13:49:22 +01:00
Calum Grant
01ad93d199 C#: Fix for false positive. 2019-10-23 12:26:01 +01:00
Calum Grant
ee7cf17b15 C#: Add test case for local disposal. 2019-10-23 11:22:52 +01:00