hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-08 04:00:26 +01:00
Code Issues Packages Projects Releases Wiki Activity
57,658 Commits 1,681 Branches 157 Tags
b8372c2f9591e871886cd2c084c447ec770ccdc8
Commit Graph

228 Commits

Author SHA1 Message Date
Joe Farebrother
c10a66809d Merge pull request #13094 from joefarebrother/csharp-missing-access-control 
C#: Add query for missing function level access control
 2023-07-05 17:40:59 +01:00
Joe Farebrother
a53bf4ddd7 Apply doc review suggestions 2023-07-05 15:37:48 +01:00
Joe Farebrother
270bcc3740 fix qhelp and remove commented out code 2023-06-22 11:20:58 +01:00
Joe Farebrother
8fdec4f116 Add documentation 2023-06-20 17:18:04 +01:00
Tony Torralba
8f6d2ed2f9 Adjust ZipSlip query description according to review suggestions. 2023-06-19 10:27:41 +02:00
Tony Torralba
3c4d938cf1 Apply code review suggestions. 
Co-authored-by: Asger F <asgerf@github.com>
 2023-06-19 10:20:19 +02:00
Tony Torralba
3e96fe60c5 Go/Java/JS/Python/Ruby: Update the description and qhelp of the ZipSlip query 
All filesystem operations, not just writes, with paths built from untrusted archive entry names are dangerous
 2023-06-16 08:52:44 +02:00
Joe Farebrother
e93f3186fe Add missing function level access control query 2023-06-14 16:07:40 +01:00
Kasper Svendsen
3041fdebba C#: Make implicit this receivers explicit 2023-05-09 15:34:59 +02:00
Michael Nebel
815602d3b5 C#: Re-factor some of the data flow configurations used by the UnsafeDeserializationQuery to use the new API. 2023-05-03 13:09:35 +02:00
Michael Nebel
f32b8ad5b1 C#: Update comment for the RequiresEncodingConfig param module. 2023-04-26 10:32:23 +02:00
Michael Nebel
96fba2dac3 Apply suggestions from code review 
Co-authored-by: Michael B. Gale <mbg@github.com>
 2023-04-26 10:23:52 +02:00
Michael Nebel
8756c031e0 C#: Re-factor the InappropriateEncoding query to use the new API. 2023-04-24 16:06:07 +02:00
Michael Nebel
0fdeeba46f C#: Re-refactor Xss to use the new API. 2023-04-20 18:38:15 +02:00
Michael Nebel
b410791f28 C#: Re-factor InsecureRandomness to use the new API. 2023-04-19 13:36:30 +02:00
Michael Nebel
73ddc0530a C#: Re-factor InsecureSqlConnection to use the new API. 2023-04-17 11:38:37 +02:00
Michael Nebel
3687770dab C#: Re-factor AddCertToRootStore to use the new API. 2023-04-17 11:38:37 +02:00
Michael Nebel
b3de105665 C#: Re-factor TypeNameTracking to use the new API. 2023-04-17 11:38:37 +02:00
Michael Nebel
e648c643ca C#: Re-factor ExceptionInformationExposure to use the new API. 2023-04-13 15:15:58 +02:00
Michael Nebel
bb75ed03da C#: Re-factor ExposureInTransmittedData to use the new API. 2023-04-13 15:05:25 +02:00
Michael Nebel
f4ee1a5119 C#: Re-factor UncontrolledFormatString to use the new API. 2023-04-13 15:01:06 +02:00
Michael Nebel
9a62f51694 C#: Re-factor AssemblyPathInjection to use the new API. 2023-04-13 14:54:25 +02:00
Michael Nebel
ca029f5718 C#: Re-factor XMLInjection to use the new API. 2023-04-13 14:50:51 +02:00
Michael Nebel
a96ad600fc C#: Re-factor ZipSlip to use the new API. 2023-04-13 14:28:27 +02:00
Michael Nebel
3e4e75cee8 C#: Re-factor XPathInjection to use the new API. 2023-04-13 14:28:27 +02:00
Michael Nebel
e6be88b10e C#: Re-factor XmlEntityInjection to use the new API. 2023-04-13 14:28:27 +02:00
Michael Nebel
60544c6889 C#: Re-factor UrlRedirect to use the new API. 2023-04-13 14:28:27 +02:00
Michael Nebel
bdf1da340d C#: Re-factor TaintedPath to use the new API. 2023-04-13 14:28:27 +02:00
Michael Nebel
3a316f17cc C#: Re-factor SqlInjection to use the new API. 2023-04-13 10:08:40 +02:00
Michael Nebel
60a0917ced C#: Re-factor ResourceInjection to use the new API. 2023-04-13 10:08:40 +02:00
Michael Nebel
80e8b6928d C#: Re-factor RegexInjection to use the new API. 2023-04-13 10:08:40 +02:00
Michael Nebel
377b2d7515 C#: Re-factor ReDoS to use the new API. 2023-04-13 10:08:40 +02:00
Michael Nebel
8d17a45dd0 C#: Re-factor MissingXmlValidation to use the new API. 2023-04-13 10:08:40 +02:00
Michael Nebel
8e3bfda7be C#: Re-factor LogForging to use the new API. 2023-04-13 10:08:40 +02:00
Michael Nebel
73cd7519a2 C#: Re-factor LdapInjection to use the new API. 2023-04-13 10:08:40 +02:00
Michael Nebel
91150af11e C#: Re-factor HardcodedConnectionString to use the new API. 2023-04-13 10:08:39 +02:00
Michael Nebel
3bda0b9e8c C#: Re-factor HardcodedCredentials to use the new API. 2023-04-13 10:08:39 +02:00
Michael Nebel
d94b11b001 C#: Re-factor ExtertalApisQuery to use the new API. 2023-04-13 10:08:39 +02:00
Michael Nebel
fc43a4e569 C#: Re-factor CleartextStorage to use the new API. 2023-03-31 13:10:42 +02:00
Michael Nebel
483e5c5264 C#: Re-factor ExposureOfPrivateInformation to use the new API. 2023-03-29 13:19:56 +02:00
Michael Nebel
cc4f3f6234 C#: Re-factor CodeInjection to use the new API. 2023-03-29 13:19:56 +02:00
Michael Nebel
60c5bbde0f C#: Re-factor ConditionalBypass to use the new API. 2023-03-29 13:19:56 +02:00
Michael Nebel
cab976cf8f C#: Re-factor CommandInjection to use the new API. 2023-03-29 13:19:56 +02:00
Michael Nebel
c03ce2f63b C#: Re-factor HardCodedSymmetricEncryptionKey to use the new API. 2023-03-29 13:19:56 +02:00
Michael Nebel
5278bbcaaa C#: Re-factor SymmetricKeyTaintTrackingConfiguration to use the new API. 2023-03-29 13:19:56 +02:00
Michael Nebel
9f88a72d9f C#: Make cs/web/debug-binary respect transformation file RemoveAttribute. 2023-03-27 10:39:44 +02:00
Tony Torralba
2ca0df0369 C#: Remove omittable exists variables 2023-01-10 13:36:25 +01:00
Michael Nebel
27efb0d843 C#: Rename -> for . 2022-12-06 13:53:50 +01:00
Michael Nebel
29ccac8e93 C#: Address review comments. 2022-12-06 12:05:48 +01:00
Michael Nebel
6b35098fb7 C#: Replace more uses of getQualifiedName/0. 2022-12-06 11:59:13 +01:00