codeql/change-notes/1.23/analysis-csharp.md
Calum Grant e330d5a6c6 Merge pull request #1549 from hvitved/csharp/cfg/loop-unrolling
C#: Loop unrolling for `foreach` statements
2019-09-12 10:24:26 +01:00

Improvements to C# analysis

The following changes in version 1.23 affect C# analysis in all applications.

New queries

| Query | Tags | Purpose |
|---|---|---|
| Unsafe year argument for 'DateTime' constructor (cs/unsafe-year-construction) | reliability, date-time | Finds incorrect manipulation of DateTime values, which could lead to invalid dates. |
| Mishandling the Japanese era start date (cs/mishandling-japanese-era) | reliability, date-time | Finds hard-coded Japanese era start dates that could be invalid. |

Changes to existing queries

| Query | Expected impact | Change |
|---|---|---|

Removal of old queries

Changes to code extraction

  • nameof expressions are now extracted correctly when the name is a namespace.

Changes to QL libraries

  • The new class NamespaceAccess models accesses to namespaces, for example in nameof expressions.
  • The data-flow library now makes it easier to specify barriers/sanitizers arising from guards by overriding the predicate isBarrierGuard/isSanitizerGuard on data-flow and taint-tracking configurations respectively.
  • The data-flow library has been extended with a new feature to aid debugging. Instead of specifying isSink(Node n) { any() } on a configuration to explore the possible flow from a source, it is recommended to use the new Configuration::hasPartialFlow predicate, as this gives a more complete picture of the partial flow paths from a given source. The feature is disabled by default and can be enabled for individual configurations by overriding int explorationLimit().
  • foreach statements where the body is guaranteed to be executed at least once, such as foreach (var x in new string[]{ "a", "b", "c" }) { ... }, are now recognized by all analyses based on the control flow graph (such as SSA, data flow and taint tracking).
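
The partial-flow exploration described in the `hasPartialFlow` item above, written out as a debugging query. This is an added example, not part of the original change note or the CodeQL repository. The configuration name `ExploreConfig`, the query id and the limit of 5 are hypothetical, and `DataFlow::PartialPathNode`, `DataFlow::PartialPathGraph` and `RemoteFlowSource` are library names the note itself does not mention.

```ql
/**
 * @name Partial flow exploration from remote sources (debugging aid)
 * @kind path-problem
 * @id cs/example/partial-flow-exploration
 */

// Hypothetical debugging query: shows how far taint travels from each
// remote source, so a missing flow step or an over-eager barrier can be
// located without declaring every node a sink.
import csharp
import semmle.code.csharp.dataflow.TaintTracking
import semmle.code.csharp.security.dataflow.flowsources.Remote
import DataFlow::PartialPathGraph

class ExploreConfig extends TaintTracking::Configuration {
  ExploreConfig() { this = "ExploreConfig" }

  override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }

  // Left empty on purpose: partial flow does not consult sink definitions,
  // so there is no need for the old `isSink(Node n) { any() }` workaround.
  override predicate isSink(DataFlow::Node sink) { none() }

  // Enables the feature for this configuration only (it is off by default)
  // and bounds the exploration distance from the source.
  override int explorationLimit() { result = 5 }
}

from
  ExploreConfig cfg, DataFlow::PartialPathNode source, DataFlow::PartialPathNode node, int dist
where cfg.hasPartialFlow(source, node, dist)
select node.getNode(), source, node,
  "Reached " + dist.toString() + " step(s) from $@.", source.getNode(), "this remote source"
```

Raise the limit gradually and narrow `isSource` to the one source under investigation, since the number of partial paths grows quickly with the exploration distance.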

Changes to autobuilder