hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-01 13:23:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,092 Commits 1,697 Branches 161 Tags
9e46ef3cd9768ff7da2d0a2a4e71455ca46fad55
Commit Graph

2818 Commits

Author SHA1 Message Date
edvraa
9e46ef3cd9 Get rid of getParent 2021-04-21 17:11:40 +03:00
edvraa
808444986d Get rid of UnsafeDeserializerCallable 2021-04-21 17:06:20 +03:00
edvraa
b6952d541a get rid of getParent 2021-04-21 16:55:34 +03:00
edvraa
9cc67e4266 make private where possible 2021-04-21 16:48:05 +03:00
edvraa
8f6411dba3 Simpify with exists 2021-04-21 13:52:41 +03:00
edvraa
0590522e4b a deserializer 2021-04-21 13:29:00 +03:00
edvraa
3ac5f7bb18 Move RemoteSource and LocalSource to UnsafeDeserialization.qll 2021-04-21 13:27:26 +03:00
edvraa
c3deb48efa Charpred for InstanceMethodSink 2021-04-16 17:19:42 +03:00
edvraa
a412581556 reintroduce UnsafeDeserializer 2021-04-15 22:32:42 +03:00
edvraa
3aedd2c1f4 Use TaintTracking2 2021-04-15 22:12:01 +03:00
edvraa
773556e5e0 Use hasFlow where path is not needed 2021-04-15 16:27:09 +03:00
edvraa
1581a27d3d Simplify getTarget check 2021-04-15 16:24:36 +03:00
edvraa
b027fddc7e Remove redundant check 2021-04-15 00:14:09 +03:00
edvraa
3a9d1f46fd Hide implementation details 2021-04-15 00:09:19 +03:00
edvraa
a4fd70aa3d Use don't care expression 2021-04-14 23:35:38 +03:00
edvraa
13080703b9 Make query symmetric 2021-03-31 15:59:19 +03:00
edvraa
f8867e40a7 Rename deserializeCall to deserializeCallArg 2021-03-31 15:49:17 +03:00
edvraa
aa9d84854f Rename taint tracking variables 2021-03-31 15:42:52 +03:00
edvraa
7cbbd6cc89 Simplify query 2021-03-31 15:35:54 +03:00
edvraa
8bb3be2677 Fix comment 2021-03-31 15:31:14 +03:00
edvraa
94234b8b02 Rename ObjectMethodSink to InstanceMethodSink 2021-03-31 15:22:30 +03:00
edvraa
ac29184521 deserialization sinks 2021-03-20 21:50:46 +02:00
Tamás Vajk
0732f200e8 Merge pull request #5421 from tamasvajk/feature/codequalityfixes 
C#: Fix code quality issues reported by code scanning
 2021-03-19 12:09:18 +01:00
Tamás Vajk
752c911a22 Merge pull request #5394 from tamasvajk/feature/upgrade-nuget-packages 
C#: Upgrade nuget packages
 2021-03-19 12:09:00 +01:00
Tom Hvitved
09a49e4580 Merge pull request #5311 from hvitved/dataflow/lambda 
Data flow: Move C# lambda flow logic into shared library
 2021-03-19 11:44:15 +01:00
Tamas Vajk
20f0b3329a C#: Fix code quality issues reported by code scanning 2021-03-19 09:18:57 +01:00
Tom Hvitved
5b2d5ee010 Merge pull request #4940 from hvitved/csharp/base-ssa-phi-input 
C#: Take phi nodes into account in `Steps::getARead()`
 2021-03-17 14:33:59 +01:00
Tamas Vajk
78843882f9 C#: Upgrade nuget packages 2021-03-17 09:35:57 +01:00
Tamas Vajk
02cb383d3b C#: Fix nullable warning 2021-03-17 09:35:13 +01:00
Anders Schack-Mulligen
46bae88181 Merge pull request #5375 from aschackmull/dataflow/unbind 
Dataflow: Switch from unbind to pragma[only_bind_into].
 2021-03-16 14:03:54 +01:00
Tom Hvitved
88b7ad001f C#: Take phi nodes into account in Steps::getARead() 2021-03-16 13:55:30 +01:00
Tom Hvitved
cb8e2d451d C#: Add test for DeadStoreOfLocal.ql 2021-03-16 13:52:41 +01:00
Tom Hvitved
a373a523f6 Data flow: Move C# lambda flow logic into shared library 2021-03-16 13:49:32 +01:00
Tom Hvitved
e1e4016a5c C#: Fix missing delegate flow 2021-03-16 13:16:23 +01:00
Tom Hvitved
29c6d22163 C#: Add test exposing missing delegate flow 2021-03-16 13:16:23 +01:00
Tom Hvitved
25adcfc39d C#: Fix missing phi flow 2021-03-16 13:16:23 +01:00
Tom Hvitved
e092b31791 C#: Add test exposing missing phi flow 2021-03-16 13:16:23 +01:00
Tamás Vajk
24140195d6 Merge pull request #5242 from tamasvajk/feature/tuple-df 
C#: Add tuple dataflow
 2021-03-16 11:45:11 +01:00
Tamás Vajk
8d6b8359eb Merge pull request #5316 from tamasvajk/feature/roslyn3.9 
C#: Upgrade Roslyn dependencies to 3.9
 2021-03-16 11:44:42 +01:00
Anders Schack-Mulligen
2d8d967060 Dataflow: Address review comment. 2021-03-16 11:07:33 +01:00
Tamas Vajk
27048191c8 C#: Add dataflow test for tuple-positional pattern 2021-03-12 17:14:24 +01:00
Tamas Vajk
9ff304ca6b Fix missing variable binding 2021-03-12 16:14:32 +01:00
Anders Schack-Mulligen
5aa9c2bd19 Dataflow: One more pragma. 2021-03-12 15:59:19 +01:00
Anders Schack-Mulligen
674886a17d Dataflow: Sync. 2021-03-10 16:53:51 +01:00
Tom Hvitved
fc5158c41c Merge pull request #5338 from hvitved/dataflow/performance-tweaks 
Data flow: Performance tweaks
 2021-03-10 13:56:57 +01:00
Tom Hvitved
fe6efde449 Address review comments 2021-03-09 14:30:12 +01:00
Tamas Vajk
ba05bf3ae0 Fix code review findings 2021-03-09 11:17:57 +01:00
Tom Hvitved
d4e0c7efae Merge pull request #5340 from hvitved/csharp/null-checks 
C#: Use `is [not] null` throughout in the extractor
 2021-03-09 09:30:54 +01:00
Tamas Vajk
0defad77dd C#: Add tuple data flow in patterns 2021-03-09 09:14:24 +01:00
Tom Hvitved
80a7b52f38 C#: Convert data-flow test queries to path-problems 2021-03-09 09:14:24 +01:00