codeql

mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00

Author	SHA1	Message	Date
Michael Nebel	3c347cab98	C#: Update test output to reflect that the query is now a path-problem query.	2022-05-05 13:13:25 +02:00
Tom Hvitved	a0e003e33c	C#: Add FP test for `cs/useless-cast-to-self`	2022-04-29 11:59:51 +02:00
Tom Hvitved	02b11084bc	C#: Add more tests for `cs/useless-cast-to-self`	2022-04-06 09:36:59 +02:00
Michael Nebel	bfb206c810	C#: Let ExternalApi extend DataFlowCallable instead of Callable.	2022-03-29 14:52:57 +02:00
Michael Nebel	4f00666591	C#: Add query and test case for supported external taint.	2022-03-29 14:49:37 +02:00
Michael Nebel	18b1b51d07	C#: Add test for known sources telemetry query.	2022-03-29 14:49:37 +02:00
Michael Nebel	a7ece69f2b	C#: Add test for supported sinks query.	2022-03-29 14:49:37 +02:00
Michael Nebel	e4f6321851	C#: Add test for unsupported uses of library code.	2022-03-29 14:49:37 +02:00
Michael Nebel	e014cae7df	C#: Add test and output for all library usages.	2022-03-29 14:49:37 +02:00
Michael Nebel	7cef859253	C#: Add sample code file that calls both supported and unsupported library code with respect to flow summaries.	2022-03-29 14:49:37 +02:00
Michael Nebel	5babb0e66a	C#: Update stubs to include one more known sink method.	2022-03-29 11:07:57 +02:00
Tamas Vajk	4748d2c6e2	C# Exclude dynamic casts from useless casts check	2022-02-28 14:58:59 +01:00
Tamas Vajk	422c2d5ccb	C#: Add dynamic casts to useless upcast test	2022-02-21 16:10:00 +01:00
Tom Hvitved	984e01ecf0	C#: Remove FPs from `cs/dereferenced-value-may-be-null` Apply a conservative approach by filtering out results for accesses to captured nullable values, when there is an (implicit) call to the capturing callable which is `null`-guarded. For example: ``` bool M(int? i, IEnumerable<int> @is) { if (i.HasValue) return @is.Any(j => j == i.Value); // GOOD return false; } ```	2022-02-08 14:01:57 +01:00
Tom Hvitved	7948d965a0	C#: Add nullness tests for captured variables	2022-02-08 13:52:29 +01:00
Tom Hvitved	c4ad237a5c	C#: Update expected test output	2022-02-02 19:25:30 +01:00
Michael Nebel	2eea6ca5fd	C#: Example record type with autogenerated Deconstruct method.	2022-01-19 11:04:53 +01:00
Michael Nebel	53000cf9f0	C#: Update the XSS expected file.	2022-01-05 16:44:03 +01:00
Michael Nebel	7e6d88d959	C#: Only use stubs for XSS test.	2022-01-05 16:44:03 +01:00
Michael Nebel	24543a2245	C#: Update the UrlRedirect expected file.	2022-01-05 16:44:03 +01:00
Michael Nebel	47ab2061d8	C#: Replace StringValues stub from stubs.cs with the stub in Microsoft.Extensions.Primitives.	2022-01-05 16:44:03 +01:00
Michael Nebel	83c05f72d9	C#: Update the expected output from MinimalStubsFromSource as the stubs are now considered library code and thus produced as a part of the minimal stub.	2022-01-05 15:35:42 +01:00
Michael Nebel	69f42b9c74	C#: Update remaining tests.	2021-12-09 15:21:08 +01:00
Michael Nebel	59b71df2d6	C#: Use stubs for the CWE-601 testcase.	2021-11-30 15:32:19 +01:00
Michael Nebel	0b4d0d2772	C#: Use stubs for the CWE-838 testcase	2021-11-30 15:32:19 +01:00
Tom Hvitved	70e41b180e	Merge pull request #6800 from hvitved/csharp/constant-cond-tuple-discard C#: Filter discards in tuples in `ConstantCondition.ql`	2021-10-04 14:38:45 +02:00
Tom Hvitved	a315640082	C#: Address review comments	2021-10-04 13:15:26 +02:00
Tom Hvitved	f06632a8e7	C#: Filter discards in tuples in `ConstantCondition.ql`	2021-10-04 13:04:18 +02:00
Tom Hvitved	682a2aae3a	C#: Filter `using var _ = ...` results from `DeadStoreOfLocal.ql`	2021-10-04 10:45:44 +02:00
Tom Hvitved	6d315a5d16	C#: Add `subpaths` predicate to XSS queries	2021-09-20 10:40:54 +02:00
Anders Schack-Mulligen	2b7882e6e5	Merge pull request #5032 from aschackmull/dataflow/subpaths Dataflow: Add subpaths query predicate.	2021-09-08 11:52:41 +02:00
Tamas Vajk	469993f6d3	C#: Fix member order (yet again) in stubbing With explicit interface implementation, the same member name can show up multiple times in a type declaration. This commit defines an explicit order for these members.	2021-09-07 15:26:03 +02:00
Anders Schack-Mulligen	f30dad7705	Dataflow: Update test expected outputs.	2021-09-07 13:02:20 +02:00
Tamás Vajk	c63fd4a254	Merge pull request #6260 from tamasvajk/feature/method-name C#: Change generic method names to include <> and type args/params	2021-09-07 12:09:27 +02:00
Tamas Vajk	b7f13a7e1f	C#: Change generic method names to include <> and type args/params	2021-09-06 11:48:22 +02:00
Tamas Vajk	3560853f36	C#: Fix ordering of stubbed type members, implemented interfaces, and location comments	2021-09-03 09:53:34 +02:00
Tom Hvitved	592a42231f	C#: Fix test for `InsecureSQLConnection.ql`	2021-08-26 13:48:56 +02:00
Tamás Vajk	763de4fff9	Merge pull request #6425 from raulgarciamsft/insecureRandom_potential_fix C#: Adding Membership.GeneratePassword() as a bad source of random data	2021-08-19 11:16:26 +02:00
Tom Hvitved	44ff623d8c	Merge pull request #5508 from edvraa/deserializers deserialization sinks	2021-08-17 11:41:52 +02:00
Raul Garcia	2708326624	Update csharp/ql/test/query-tests/Security Features/CWE-338/InsecureRandomness.cs Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>	2021-08-05 16:33:01 -07:00
Tom Hvitved	9eb3f28ef1	C#: Add missing `nodes` predicate to XSS queries	2021-08-05 13:53:52 +02:00
Raul Garcia (MSFT)	7340a1293f	Fixing query & test	2021-08-04 19:37:57 -07:00
edvraa	d1e41689bb	Merge with main	2021-08-04 14:25:34 +03:00
edvraa	1682e993bc	Merge with Main	2021-07-12 11:32:47 +03:00
Tom Hvitved	4de4753c67	C#: Remove `Query.qll` top-level modules	2021-07-04 09:35:27 +02:00
Tom Hvitved	c812d4e4e8	C#: Add `Query` suffix to libraries that should only be imported by queries	2021-07-04 09:35:26 +02:00
Tamas Vajk	5e2770339f	Add adjusted expected files	2021-07-01 16:09:11 +02:00
Tamas Vajk	03d1a3e0ad	Trim test files + remove duplicate newlines	2021-07-01 16:09:11 +02:00
Tamas Vajk	4900ecfabe	Manual fixes	2021-07-01 16:09:11 +02:00
Tamas Vajk	c29d11087b	C#: Start using 'options' files in tests	2021-07-01 16:08:47 +02:00

1 2 3 4 5 ...

333 Commits