erik-krogh
326666ac85
update the alert-messages of csharp queries
2022-09-26 14:01:39 +02:00
Michael Nebel
c3adb990a3
C#: Update SQL Injection with testcase with found vulnerability.
2022-08-10 14:49:20 +02:00
Michael Nebel
504160fee4
C#: Update expected file for Sql injection and Second Order sql injection (note that this is already a second order sql injection).
2022-08-10 14:49:20 +02:00
Michael Nebel
5c47ae3f98
C#: Add testcase for unsanitized filename used in Filestream.
2022-08-10 14:49:20 +02:00
Michael Nebel
1355931b50
C#: Update SecondOrder SQL Injection test case expected output with vulnerability from test case.
2022-08-10 14:49:19 +02:00
Michael Nebel
2b51e03223
C#: Add SecondOrder SQL injection example, where reading from a file.
2022-08-10 11:08:27 +02:00
Michael Nebel
344770f06a
C#: Update Sqlinjection test query output with new results.
2022-08-10 11:08:27 +02:00
Michael Nebel
78cfb226a3
C#: Add some examples where adapter is used in conjunction with a tainted command.
2022-08-10 11:08:27 +02:00
Michael Nebel
86000f32e7
C#: Update SqlInjection query tests with new results.
2022-08-10 11:08:27 +02:00
Michael Nebel
1fb209990e
C#: Add SQLiteDataAdapter examples.
2022-08-10 11:08:27 +02:00
Michael Nebel
ce9baaa1f3
C#: Update SQLInjection query test output.
2022-08-10 11:08:27 +02:00
Michael Nebel
d42752714c
C#: Add SQLCommand examples.
2022-08-10 11:08:21 +02:00
Michael Nebel
3ba893dfa8
C#: Remove System.Data.SqlClient 4.8.2 stub.
2022-08-09 13:15:44 +02:00
Anders Schack-Mulligen
f30dad7705
Dataflow: Update test expected outputs.
2021-09-07 13:02:20 +02:00
Tamas Vajk
5e2770339f
Add adjusted expected files
2021-07-01 16:09:11 +02:00
Tamas Vajk
03d1a3e0ad
Trim test files + remove duplicate newlines
2021-07-01 16:09:11 +02:00
Tamas Vajk
c29d11087b
C#: Start using 'options' files in tests
2021-07-01 16:08:47 +02:00
Tamas Vajk
b0447089d9
C#: Change Dapper stub to nuget-based one (stub also System.Data.SqlClient)
2021-06-23 15:04:57 +02:00
Tamas Vajk
ffcb345916
C#: Add Dapper support to SQL injection queries
2021-04-06 17:06:20 +02:00
Tamas Vajk
98001c494f
C#: Add Dapper stub and new SqlInjection test cases
2021-04-06 13:30:31 +02:00
Tom Hvitved
5d1a5920c7
C#: Reimplement flow-summary compilation
2020-10-14 14:15:34 +02:00
Tom Hvitved
795c5784b0
C#: Precise data flow for collections
2020-06-26 13:40:05 +02:00
Tom Hvitved
abcb6b8aab
C#: Type-based pruning for data flow
2019-12-10 15:48:48 +01:00
Tom Hvitved
78ddb37a8c
C#: Track type information in data flow
...
This commit adds type information to data flow paths, by mapping node types onto
the smaller set of GVN types, and implementing `ppReprType()`.
The effect is a mere change in `DataFlow::PathNode::toString()`; no type-based
pruning is done yet.
2019-12-10 15:46:28 +01:00
Anders Schack-Mulligen
6299625b3d
C#: Adjust qltest expected output.
2019-09-12 11:00:49 +02:00
Tom Hvitved
c5d9d74c0a
C#: Nested field flow
2019-08-23 09:25:05 +02:00
Tom Hvitved
c6a471e4b6
C#: Adopt shared data flow implementation
...
- General refactoring to fit with the shared data flow implementation.
- Move CFG splitting logic into `ControlFlowReachability.qll`.
- Replace `isAdditionalFlowStepIntoCall()` with `TaintedParameterNode`.
- Redefine `ReturnNode` to be the actual values that are returned, which should
yield better path information.
- No longer consider overrides in CIL calls.
2019-05-06 14:54:11 +02:00
calum
c9ffb38e4b
C#: Add sources and sinks in Winforms. Update some queries with new sources and sinks.
2019-01-18 15:42:44 +00:00
calum
69ab1ed5bd
C#: Add nodes predicate to all path queries.
2018-11-21 12:35:05 +00:00
calum
eddc52852d
C#: Convert security queries to path-problem and update qltest expected output.
2018-11-16 10:31:20 +00:00
Pavel Avgustinov
b55526aa58
QL code and tests for C#/C++/JavaScript.
2018-08-02 17:53:23 +01:00
