hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
29,908 Commits 1,671 Branches 157 Tags
z80coder/ATM-feature-optimisation
Commit Graph

1338 Commits

Author SHA1 Message Date
Tom Hvitved
01f7fdfea5 C#: Update call-context data-flow tests 2021-08-25 10:34:53 +02:00
Ian Lynagh
a9db1c52e5 All languages: Add getPrimaryQlClasses() 
This is a non-overridable predicate that concatenates all the
getAPrimaryQlClass() results into a comma-separated string.
 2021-08-23 15:49:10 +01:00
Andrew Eisenberg
c9f1c98390 Packaging: C# refactoring 
Split c# pack into `codeql/csharp-all` and `codeql/csharp-queries`.
 2021-08-19 14:09:35 -07:00
Tamás Vajk
763de4fff9 Merge pull request #6425 from raulgarciamsft/insecureRandom_potential_fix 
C#: Adding Membership.GeneratePassword() as a bad source of random data
 2021-08-19 11:16:26 +02:00
Tom Hvitved
44ff623d8c Merge pull request #5508 from edvraa/deserializers 
deserialization sinks
 2021-08-17 11:41:52 +02:00
Tamás Vajk
c1cf2a1c5f Merge pull request #5579 from edvraa/cookies 
C#: HttpOnly and Secure cookie queries
 2021-08-09 08:58:11 +02:00
Raul Garcia
2708326624 Update csharp/ql/test/query-tests/Security Features/CWE-338/InsecureRandomness.cs 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2021-08-05 16:33:01 -07:00
Tom Hvitved
9eb3f28ef1 C#: Add missing nodes predicate to XSS queries 2021-08-05 13:53:52 +02:00
Raul Garcia (MSFT)
7340a1293f Fixing query & test 2021-08-04 19:37:57 -07:00
edvraa
d1e41689bb Merge with main 2021-08-04 14:25:34 +03:00
Tom Hvitved
7a475eb0a2 C#: Fix CSV overrides logic 2021-08-02 10:35:21 +02:00
Tom Hvitved
df29538840 C#: Add test that exhibits bug in CSV overrides logic 2021-08-02 10:35:21 +02:00
edvraa
1682e993bc Merge with Main 2021-07-12 11:32:47 +03:00
edvraa
d0e9a01edc Rename files 2021-07-12 01:13:40 +03:00
edvraa
5c9a3d5ce7 Single Secure query 2021-07-12 01:13:39 +03:00
edvraa
07327984b0 Single HttpOnly query 2021-07-12 01:13:39 +03:00
edvraa
89c4102462 HttpOnly and Secure cookie queries 2021-07-12 01:13:39 +03:00
Tom Hvitved
4de4753c67 C#: Remove Query.qll top-level modules 2021-07-04 09:35:27 +02:00
Tom Hvitved
c812d4e4e8 C#: Add Query suffix to libraries that should only be imported by queries 2021-07-04 09:35:26 +02:00
Tamas Vajk
5e2770339f Add adjusted expected files 2021-07-01 16:09:11 +02:00
Tamas Vajk
03d1a3e0ad Trim test files + remove duplicate newlines 2021-07-01 16:09:11 +02:00
Tamas Vajk
4900ecfabe Manual fixes 2021-07-01 16:09:11 +02:00
Tamas Vajk
c29d11087b C#: Start using 'options' files in tests 2021-07-01 16:08:47 +02:00
Tamás Vajk
10a6089739 Merge pull request #6148 from tamasvajk/feature/try-csv-source-models 
C#: Start using CSV based flow models
 2021-06-30 12:58:42 +02:00
Tamas Vajk
0946ae2ae9 Fix review findings 2021-06-30 11:39:51 +02:00
Tamas Vajk
a90a86bcbf Fix flow from Element of Argument[0] for Int32.TryParse(ReadOnlySpan<Char>,... 2021-06-28 11:20:32 +02:00
Tamas Vajk
b7a43dccd3 C#: Migrate System.Int32 flow summaries to CSV 2021-06-28 11:20:32 +02:00
Tom Hvitved
4f8a103df2 C#: Add active preprocessor conditions as suffix in all TRAP .push instructions 2021-06-28 10:34:42 +02:00
Tom Hvitved
7a9f9e245f C#: Handle CSV data-flow summaries with out/ref parameters 2021-06-24 18:34:25 +02:00
Tamás Vajk
173be0cce0 Merge pull request #6144 from tamasvajk/feature/stub-dapper 
C#: Change Dapper stub to nuget-based one (stub also System.Data.SqlC…
 2021-06-24 11:41:12 +02:00
Tamás Vajk
8518e7c5a3 Merge pull request #6146 from tamasvajk/feature/stub-nhibernate 
C#: Change nHibernate stub to nuget-based one
 2021-06-23 18:00:45 +02:00
Tamas Vajk
b0447089d9 C#: Change Dapper stub to nuget-based one (stub also System.Data.SqlClient) 2021-06-23 15:04:57 +02:00
Tamas Vajk
f352bcb0a3 C#: Change nHibernate stub to nuget-based one 2021-06-23 13:55:19 +02:00
Tamas Vajk
e200ecde4a C#: Change Newtonsoft.Json stub to nuget-based one 2021-06-23 13:49:11 +02:00
Tamas Vajk
09dd615c6b Regenerate stubs (add System.Void struct) 2021-06-23 11:38:41 +02:00
Tamas Vajk
133d760659 Regenerate stubs to update nested class names in comments 2021-06-23 09:53:39 +02:00
Tamas Vajk
9ba1529f19 Fix nested class names in comments of stubs expected test file 2021-06-23 09:38:29 +02:00
Tamas Vajk
b40b6f40b6 Change frameworks folder to _frameworks 2021-06-23 09:26:55 +02:00
Tamas Vajk
405c008b47 Fix conversion operator stubbing + reduce skipped ctor noise in stubs 2021-06-23 09:26:54 +02:00
Tamas Vajk
e4b02e377c Add .net core and asp.net core stubs 2021-06-23 09:26:54 +02:00
Tamas Vajk
fec0ddd2d2 Add test for tuples with arity < 2 2021-06-23 09:26:54 +02:00
Tamas Vajk
b725f6e547 Handle types that are defined in multiple assemblies 2021-06-23 09:26:54 +02:00
Tamas Vajk
88c97bd34e Generate stubs per assembly 2021-06-23 09:26:53 +02:00
Tamas Vajk
ba238578d1 Add stubbing tests 2021-06-23 09:26:53 +02:00
Tom Hvitved
eca11f1b40 C#: Adjust getQualifiedName for type parameters 2021-06-17 14:47:19 +02:00
Tom Hvitved
3f6beaf9df C#: Add tests for complex CSV flow summaries 2021-06-16 19:36:05 +02:00
Tom Hvitved
0af44a7f94 C#: Changes to Type::{getQualifier,hasQualifiedName} 2021-06-16 19:36:05 +02:00
Tom Hvitved
8866e6c969 C#: Always use fully qualified names in CSV data-flow summaries 2021-06-16 14:09:45 +02:00
Tom Hvitved
def3d6bac4 C#: CSV-based flow summaries 2021-06-16 14:09:45 +02:00
Tamas Vajk
eea96a5585 Fix effective publicness of protected private and protected internal 2021-06-16 10:51:52 +02:00