hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
468 Commits 1,671 Branches 157 Tags
1a14b13703e9bf6d12b6b989707ed75e98db9296
Commit Graph

67 Commits

Author SHA1 Message Date
Tom Hvitved
04f29951a5 Merge pull request #98 from calumgrant/cs/literal-conversion-fix 
C#: Regression test for extractor
 2018-09-07 08:42:00 +02:00
Aditya Sharad
f27945216f Merge rc/1.18 into master. 2018-09-05 15:32:30 +01:00
calumgrant
8263b248b7 Merge pull request #152 from hvitved/csharp/base-ssa 
C#: Fix bug in BaseSsa library
 2018-09-05 13:02:56 +01:00
semmle-qlci
6c1098d170 Merge pull request #120 from hvitved/csharp/query/useless-upcast 
Approved by calumgrant
 2018-09-05 08:39:25 +01:00
Tom Hvitved
124a00ba10 C#: Update expected output in SSA tests 2018-09-04 20:15:33 +02:00
Aditya Sharad
ab2bec743a Revert "Version: Bump to 1.19.0 dev." 
The version bump should now go into the `next` branch rather than `master`.
This reverts commit 2363f49e3a.
 2018-09-04 16:01:09 +01:00
Tom Hvitved
6a4dbfce8f Address review comment 2018-09-04 16:07:49 +02:00
Tom Hvitved
919203a071 Address review comment 2018-09-04 16:04:21 +02:00
calumgrant
98aa7f88b2 Merge pull request #121 from hvitved/csharp/sync-test-files 
C#: Synchronize a few test files
 2018-09-04 15:01:19 +01:00
Tom Hvitved
9a7746e9b5 C#: Fix bug in BaseSsa library 2018-09-04 15:16:20 +02:00
Tom Hvitved
81122ca7a4 C#: Add test that reveals bug in BaseSsa implementation 2018-09-04 13:58:59 +02:00
Tom Hvitved
c4c74cd005 C#: Split up DataFlowInternal.qll 
Split up into `internal/BaseSSA.qll` and `internal/Steps.qll`.
 2018-09-04 13:30:54 +02:00
calumgrant
af3f855491 Merge pull request #94 from hvitved/csharp/cfg/minor-fixes 
C#: Minor CFG improvements
 2018-09-03 17:41:18 +01:00
Aditya Sharad
2363f49e3a Version: Bump to 1.19.0 dev. 
This keeps the QL for Eclipse language plugins in sync with internal `master`.
 2018-09-03 16:41:28 +01:00
Tom Hvitved
809da42f00 C#: Synchronize a few test files 
Synchronized test files with the examples used in query help.
 2018-08-30 21:46:37 +02:00
Tom Hvitved
386b89a023 C#: Improvements to cs/useless-upcast 2018-08-30 15:15:40 +02:00
Dave Bartolomeo
2af82d9485 LF for .qhelp files too 2018-08-26 21:12:51 -07:00
Dave Bartolomeo
d920fc7d94 Force LF line endings for .ql, .qll, and .qlref files 2018-08-24 11:58:58 -07:00
Tom Hvitved
d4551e5897 Merge pull request #81 from lukecartey/csharp/zipslip-reformat 
C#: ZipSlip - Rearrange query, add help and update doc
 2018-08-24 09:40:20 +02:00
calum
41382dd732 C#: A regression test for extractor crash when wrong expression type is used for a literal. 2018-08-23 17:45:40 +01:00
calumgrant
04bccd0137 Merge pull request #55 from denislevin/denisl/cs/DontInstallRootCertificate 
cs: Don't Install Root Certificate (CWE-327)
 2018-08-23 17:36:50 +01:00
Luke Cartey
86a7df0ef5 C#: ZipSlip - Address doc team comments. 2018-08-23 15:57:00 +01:00
Tom Hvitved
1dff900059 C#: Speed up throwMayBeUncaught() by not relying on definitelyHandles() 
The `definitelyHandles()` predicate calculates the relation for all exception
types, not just the ones that can actually be thrown (no automatic magic).
This commit inlines the definition of `definitelyHandles()` to get the proper
context (manual magic).
 2018-08-23 14:39:19 +02:00
Tom Hvitved
4684bc9d15 C#: Add QL doc to startsSplits() 2018-08-23 14:39:19 +02:00
Pavel Avgustinov
3182274ce8 Merge pull request #87 from lukecartey/csharp/ccyclomatic-kind 
C#: Fix @kind property of CCyclomaticComplexity
 2018-08-23 03:50:36 -07:00
Luke Cartey
70abf2d58f C#: CCyclomaticComplexity - Fix @kind property. 
CCyclomaticComplexity is a metric query, so needs a @kind treemap
instead of @kind table.
 2018-08-21 14:42:05 +01:00
Luke Cartey
014c4e8579 C#: Update qlpath to fix metric queries. 
The Metrics folder has a queries.xml file which is required when
building a full distribution, as the Metrics folder gets copied into
odasa-csharp-metrics directory. However, in QL for Eclipse this doesn't
compile because it prevents import lookup at the top level. Modifying
the qlpath file to include the top-level directory on the library path
fixes the problem.
 2018-08-21 14:36:33 +01:00
Luke Cartey
4f57456df1 C#: ZipSlip - Add spaces into bad example. 2018-08-21 13:06:29 +01:00
Luke Cartey
6453153393 C#: ZipSlip - Address review comments in module. 2018-08-21 12:18:27 +01:00
Luke Cartey
6959d80a28 C#: ZipSlip - Update help, compile and test samples. 2018-08-21 12:17:48 +01:00
Tom Hvitved
4560468cb8 C#: Update expected test output 2018-08-21 08:57:03 +02:00
Denis Levin
be3d2931e3 Changed query message text as requested 2018-08-20 14:02:33 -07:00
Luke Cartey
d6c58d6bd9 C#: ZipSlip - Add precision tag. 2018-08-20 16:59:57 +01:00
Luke Cartey
fa78d04f18 C#: ZipSlip - Add qhelp file. 
This adds a help file which describes the problem, provides
recommendations on how to fix it and an example.
 2018-08-20 16:59:56 +01:00
Luke Cartey
99d1cf70be C#: ZipSlip - Update name, description and message. 
This commit updates the name, description and message to better match
the house style for the security queries.
 2018-08-20 16:59:56 +01:00
Luke Cartey
112d104005 C#: ZipSlip - remove ZipSlip prefix from TaintTracking class name. 2018-08-20 16:18:13 +01:00
Luke Cartey
b6c9f844e8 C#: ZipSlip - refactor to use Source, Sink, Sanitizer 
This commit refactors the existing predicates to be classes extending
Source, Sink or Sanitizer, as appropriate.
 2018-08-20 16:17:03 +01:00
Luke Cartey
09b23878fd C#: ZipSlip, introduce source, sink, sanitizer classes. 2018-08-20 12:25:51 +01:00
Luke Cartey
3bc035fb5a C#: Reformat ZipSlip module. 
Reformat the ZipSlip module to adhere to the "QL Style Guide".
 2018-08-20 12:11:06 +01:00
Tom Hvitved
b1451b079e C#: Add CFG test that mixes finally splitting and catch splitting 2018-08-20 13:10:09 +02:00
Tom Hvitved
91ed111735 C#: Improve CFG for exception handlers 
Use generic CFG splitting to add a new type of split for exception handlers,
`ExceptionHandlerSplit`, which tags eachs node belonging to a `catch` clause
with the type of exception being caught. This allows for a more accurate CFG
for `try-catch` statements, where exception filters are handled properly.
 2018-08-20 13:08:28 +02:00
Tom Hvitved
a705b3afa5 C#: Generic control flow graph splitting 
Refactor existing logic for splitting control flow nodes belonging to a `finally`
block. A `Split` defines (1) when to enter the split, (2) when to stay in the split,
and (3) when to leave the split. With only these definitions, control flow splitting
is achieved by tagging each control flow element with the set of splits that apply
to it.
 2018-08-20 13:04:29 +02:00
Luke Cartey
80e4815125 C#: Extract ZipSlip library 2018-08-20 12:03:33 +01:00
Tom Hvitved
1365761f72 C#: Change toString() for FinallySplitControlFlowNode 2018-08-20 09:41:54 +02:00
Denis Levin
276deee68c Added comments to the test file. Fixed a typo. 2018-08-17 10:50:52 -07:00
Tom Hvitved
0edd0057fc C#: Do not use @kind graph in ql tests 2018-08-17 17:55:13 +02:00
Denis Levin
2a46a26d9e Update addressing review comments 2018-08-16 17:29:04 -07:00
Denis Levin
a09e7db08d Removing @precision high tag 2018-08-14 18:41:21 -07:00
calum
fc5963b831 C#: Rename filename in expected test output. 2018-08-14 13:00:25 +01:00
calum
82f0c389c7 C#: Update test references to use .NET Core, and change relative directory of moved test file. 2018-08-14 12:52:26 +01:00