calum
69ab1ed5bd
C#: Add nodes predicate to all path queries.
2018-11-21 12:35:05 +00:00
calum
eddc52852d
C#: Convert security queries to path-problem and update qltest expected output.
2018-11-16 10:31:20 +00:00
Tom Hvitved
665173692c
C#: Fix whitespaces
2018-10-30 13:15:46 +01:00
Luke Cartey
1a90f7df2c
C#: ZipSlip - Address review comments.
...
- Add backticks
- Add extra test.
2018-10-03 11:38:48 +01:00
Luke Cartey
b1d5d5bf86
C#: ZipSlip - Refine StartsWith sanitizer.
...
ZipSlip can be avoided by checking that the combined and resolved
path `StartsWith` the appropriate destination directory. Refine the
`StartsWith` sanitizer to:
* Consider expressions guarded by an appropriate StartsWith check to be
sanitized.
* Consider a StartsWith check to be inappropriate if it is checking the
result of `Path.Combine`, as that has not been appropriately resolved.
Tests have been updated to reflect this refinement.
2018-08-24 14:27:25 +01:00
Luke Cartey
86a7df0ef5
C#: ZipSlip - Address doc team comments.
2018-08-23 15:57:00 +01:00
Luke Cartey
4f57456df1
C#: ZipSlip - Add spaces into bad example.
2018-08-21 13:06:29 +01:00
Luke Cartey
6959d80a28
C#: ZipSlip - Update help, compile and test samples.
2018-08-21 12:17:48 +01:00
Luke Cartey
99d1cf70be
C#: ZipSlip - Update name, description and message.
...
This commit updates the name, description and message to better match
the house style for the security queries.
2018-08-20 16:59:56 +01:00
calum
fc5963b831
C#: Rename filename in expected test output.
2018-08-14 13:00:25 +01:00
calum
82f0c389c7
C#: Update test references to use .NET Core, and change relative directory of moved test file.
2018-08-14 12:52:26 +01:00
Denis Levin
cee996c543
Adding .expected file to QLTest
2018-08-13 15:04:15 -07:00
Denis Levin
242fba3fd2
cs: Query for ZipSlip vulnerability (CVE-2018-1002200)
...
Initial check in to validate the tests
2018-08-13 14:56:45 -07:00
Pavel Avgustinov
b55526aa58
QL code and tests for C#/C++/JavaScript.
2018-08-02 17:53:23 +01:00
