[krishnprakash/codeql] 0062eb: C#: Update remote flow sources test to also report...
0 views
Skip to first unread message
Phileco
Apr 22, 2026, 8:54:51 AM (6 days ago) Apr 22
to philecodi...@googlegroups.com
Branch: refs/heads/main
Home: https://github.com/krishnprakash/codeql
Commit: 0062eb12099f09ebd67837b41343037c542a8605
https://github.com/krishnprakash/codeql/commit/0062eb12099f09ebd67837b41343037c542a8605
Author: Michael Nebel <michae...@github.com>
Date: 2026-04-21 (Tue, 21 Apr 2026)
Changed paths:
M csharp/ql/test/library-tests/dataflow/flowsources/remote/remoteFlowSource.expected
M csharp/ql/test/library-tests/dataflow/flowsources/remote/remoteFlowSource.ql
Log Message:
-----------
C#: Update remote flow sources test to also report tainted members.
Commit: 77da545ab439c46924495c14088660956f25dd9e
https://github.com/krishnprakash/codeql/commit/77da545ab439c46924495c14088660956f25dd9e
Author: Michael Nebel <michae...@github.com>
Date: 2026-04-21 (Tue, 21 Apr 2026)
Changed paths:
M csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Remote.qll
Log Message:
-----------
C#: Reclassify some sources as AspNetRemoteFlowSource.
Commit: dba1b7539f48b298e28616c03a50bf03f1990795
https://github.com/krishnprakash/codeql/commit/dba1b7539f48b298e28616c03a50bf03f1990795
Author: Michael Nebel <michae...@github.com>
Date: 2026-04-21 (Tue, 21 Apr 2026)
Changed paths:
M csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Remote.qll
Log Message:
-----------
C#: Taint members of types used in ASP.NET remote flow source context.
Commit: 921d93e42707eef0b7a88544b93e6c070843d871
https://github.com/krishnprakash/codeql/commit/921d93e42707eef0b7a88544b93e6c070843d871
Author: Michael Nebel <michae...@github.com>
Date: 2026-04-21 (Tue, 21 Apr 2026)
Changed paths:
M csharp/ql/test/library-tests/dataflow/flowsources/remote/RemoteFlowSource.cs
M csharp/ql/test/library-tests/dataflow/flowsources/remote/remoteFlowSource.expected
M csharp/ql/test/resources/stubs/System.Web.cs
Log Message:
-----------
C#: Add an ASP.NET flow source example when using the WebMethod attribute.
Commit: 8060d2ff24a9aa9ef0cc771c5e906dfba3e62f02
https://github.com/krishnprakash/codeql/commit/8060d2ff24a9aa9ef0cc771c5e906dfba3e62f02
Author: Michael Nebel <michae...@github.com>
Date: 2026-04-21 (Tue, 21 Apr 2026)
Changed paths:
M csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Remote.qll
M csharp/ql/test/library-tests/dataflow/flowsources/aspremote/AspRemoteFlowSource.cs
M csharp/ql/test/library-tests/dataflow/flowsources/aspremote/aspRemoteFlowSource.expected
Log Message:
-----------
C#: Streamline the implementation for ASP.NET Core tainted members.
Commit: dc0e7d4988e08f611906a059635ad6b6f2fc9144
https://github.com/krishnprakash/codeql/commit/dc0e7d4988e08f611906a059635ad6b6f2fc9144
Author: Michael Nebel <michae...@github.com>
Date: 2026-04-21 (Tue, 21 Apr 2026)
Changed paths:
A csharp/ql/lib/change-notes/2026-04-01-asp-remote-sources.md
Log Message:
-----------
C#: Add change-note.
Commit: 105508430587e29281bd893e2a86728b6c6781c1
https://github.com/krishnprakash/codeql/commit/105508430587e29281bd893e2a86728b6c6781c1
Author: Michael Nebel <michae...@github.com>
Date: 2026-04-21 (Tue, 21 Apr 2026)
Changed paths:
M csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Remote.qll
Log Message:
-----------
C#: Address review comments.
Commit: f826262f1d1e0be30bab3ebd895d3fc38da15c6d
https://github.com/krishnprakash/codeql/commit/f826262f1d1e0be30bab3ebd895d3fc38da15c6d
Author: Michael Nebel <michae...@github.com>
Date: 2026-04-21 (Tue, 21 Apr 2026)
Changed paths:
M csharp/ql/lib/semmle/code/csharp/commons/Collections.qll
Log Message:
-----------
C#: Re-factor CollectionType into an abstract class and introduce getElementType predicate.
Commit: 2d6197fd7da9e534ea8eccb6462945915405b672
https://github.com/krishnprakash/codeql/commit/2d6197fd7da9e534ea8eccb6462945915405b672
Author: Michael Nebel <michae...@github.com>
Date: 2026-04-21 (Tue, 21 Apr 2026)
Changed paths:
M csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Remote.qll
Log Message:
-----------
C#: Generalize ASP.NET taint members to collection types.
Commit: 8b93ce274707c2ddcd83d348c3ee82cb8dfaf02f
https://github.com/krishnprakash/codeql/commit/8b93ce274707c2ddcd83d348c3ee82cb8dfaf02f
Author: Michael Nebel <michae...@github.com>
Date: 2026-04-21 (Tue, 21 Apr 2026)
Changed paths:
M csharp/ql/test/library-tests/dataflow/flowsources/remote/RemoteFlowSource.cs
M csharp/ql/test/library-tests/dataflow/flowsources/remote/remoteFlowSource.expected
Log Message:
-----------
C#: Add ASP.NET test case for a collection type.
Commit: bca51a986c7a1b519cefd53c8d4f2163516e156a
https://github.com/krishnprakash/codeql/commit/bca51a986c7a1b519cefd53c8d4f2163516e156a
Author: Michael Nebel <michae...@github.com>
Date: 2026-04-22 (Wed, 22 Apr 2026)
Changed paths:
A csharp/ql/lib/change-notes/2026-04-01-asp-remote-sources.md
M csharp/ql/lib/semmle/code/csharp/commons/Collections.qll
M csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Remote.qll
M csharp/ql/test/library-tests/dataflow/flowsources/aspremote/AspRemoteFlowSource.cs
M csharp/ql/test/library-tests/dataflow/flowsources/aspremote/aspRemoteFlowSource.expected
M csharp/ql/test/library-tests/dataflow/flowsources/remote/RemoteFlowSource.cs
M csharp/ql/test/library-tests/dataflow/flowsources/remote/remoteFlowSource.expected
M csharp/ql/test/library-tests/dataflow/flowsources/remote/remoteFlowSource.ql
M csharp/ql/test/resources/stubs/System.Web.cs
Log Message:
-----------
Merge pull request #21612 from michaelnebel/csharp/legacyasptaintedmember
C#: Taint members of types in ASP.NET user context.
Commit: af91702a0ebb94c7bf002866c95b9511f3759e1f
https://github.com/krishnprakash/codeql/commit/af91702a0ebb94c7bf002866c95b9511f3759e1f
Author: Phileco <132178579+k...@users.noreply.github.com>
Date: 2026-04-22 (Wed, 22 Apr 2026)
Changed paths:
A csharp/ql/lib/change-notes/2026-04-01-asp-remote-sources.md
M csharp/ql/lib/semmle/code/csharp/commons/Collections.qll
M csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Remote.qll
M csharp/ql/test/library-tests/dataflow/flowsources/aspremote/AspRemoteFlowSource.cs
M csharp/ql/test/library-tests/dataflow/flowsources/aspremote/aspRemoteFlowSource.expected
M csharp/ql/test/library-tests/dataflow/flowsources/remote/RemoteFlowSource.cs
M csharp/ql/test/library-tests/dataflow/flowsources/remote/remoteFlowSource.expected
M csharp/ql/test/library-tests/dataflow/flowsources/remote/remoteFlowSource.ql
M csharp/ql/test/resources/stubs/System.Web.cs
Log Message:
-----------
Merge branch 'github:main' into main
Compare: https://github.com/krishnprakash/codeql/compare/22bca3aee6f0...af91702a0ebb
To unsubscribe from these emails, change your notification settings at https://github.com/krishnprakash/codeql/settings/notifications
Home: https://github.com/krishnprakash/codeql
Commit: 0062eb12099f09ebd67837b41343037c542a8605
https://github.com/krishnprakash/codeql/commit/0062eb12099f09ebd67837b41343037c542a8605
Author: Michael Nebel <michae...@github.com>
Date: 2026-04-21 (Tue, 21 Apr 2026)
Changed paths:
M csharp/ql/test/library-tests/dataflow/flowsources/remote/remoteFlowSource.expected
M csharp/ql/test/library-tests/dataflow/flowsources/remote/remoteFlowSource.ql
Log Message:
-----------
C#: Update remote flow sources test to also report tainted members.
Commit: 77da545ab439c46924495c14088660956f25dd9e
https://github.com/krishnprakash/codeql/commit/77da545ab439c46924495c14088660956f25dd9e
Author: Michael Nebel <michae...@github.com>
Date: 2026-04-21 (Tue, 21 Apr 2026)
Changed paths:
M csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Remote.qll
Log Message:
-----------
C#: Reclassify some sources as AspNetRemoteFlowSource.
Commit: dba1b7539f48b298e28616c03a50bf03f1990795
https://github.com/krishnprakash/codeql/commit/dba1b7539f48b298e28616c03a50bf03f1990795
Author: Michael Nebel <michae...@github.com>
Date: 2026-04-21 (Tue, 21 Apr 2026)
Changed paths:
M csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Remote.qll
Log Message:
-----------
C#: Taint members of types used in ASP.NET remote flow source context.
Commit: 921d93e42707eef0b7a88544b93e6c070843d871
https://github.com/krishnprakash/codeql/commit/921d93e42707eef0b7a88544b93e6c070843d871
Author: Michael Nebel <michae...@github.com>
Date: 2026-04-21 (Tue, 21 Apr 2026)
Changed paths:
M csharp/ql/test/library-tests/dataflow/flowsources/remote/RemoteFlowSource.cs
M csharp/ql/test/library-tests/dataflow/flowsources/remote/remoteFlowSource.expected
M csharp/ql/test/resources/stubs/System.Web.cs
Log Message:
-----------
C#: Add an ASP.NET flow source example when using the WebMethod attribute.
Commit: 8060d2ff24a9aa9ef0cc771c5e906dfba3e62f02
https://github.com/krishnprakash/codeql/commit/8060d2ff24a9aa9ef0cc771c5e906dfba3e62f02
Author: Michael Nebel <michae...@github.com>
Date: 2026-04-21 (Tue, 21 Apr 2026)
Changed paths:
M csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Remote.qll
M csharp/ql/test/library-tests/dataflow/flowsources/aspremote/AspRemoteFlowSource.cs
M csharp/ql/test/library-tests/dataflow/flowsources/aspremote/aspRemoteFlowSource.expected
Log Message:
-----------
C#: Streamline the implementation for ASP.NET Core tainted members.
Commit: dc0e7d4988e08f611906a059635ad6b6f2fc9144
https://github.com/krishnprakash/codeql/commit/dc0e7d4988e08f611906a059635ad6b6f2fc9144
Author: Michael Nebel <michae...@github.com>
Date: 2026-04-21 (Tue, 21 Apr 2026)
Changed paths:
A csharp/ql/lib/change-notes/2026-04-01-asp-remote-sources.md
Log Message:
-----------
C#: Add change-note.
Commit: 105508430587e29281bd893e2a86728b6c6781c1
https://github.com/krishnprakash/codeql/commit/105508430587e29281bd893e2a86728b6c6781c1
Author: Michael Nebel <michae...@github.com>
Date: 2026-04-21 (Tue, 21 Apr 2026)
Changed paths:
M csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Remote.qll
Log Message:
-----------
C#: Address review comments.
Commit: f826262f1d1e0be30bab3ebd895d3fc38da15c6d
https://github.com/krishnprakash/codeql/commit/f826262f1d1e0be30bab3ebd895d3fc38da15c6d
Author: Michael Nebel <michae...@github.com>
Date: 2026-04-21 (Tue, 21 Apr 2026)
Changed paths:
M csharp/ql/lib/semmle/code/csharp/commons/Collections.qll
Log Message:
-----------
C#: Re-factor CollectionType into an abstract class and introduce getElementType predicate.
Commit: 2d6197fd7da9e534ea8eccb6462945915405b672
https://github.com/krishnprakash/codeql/commit/2d6197fd7da9e534ea8eccb6462945915405b672
Author: Michael Nebel <michae...@github.com>
Date: 2026-04-21 (Tue, 21 Apr 2026)
Changed paths:
M csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Remote.qll
Log Message:
-----------
C#: Generalize ASP.NET taint members to collection types.
Commit: 8b93ce274707c2ddcd83d348c3ee82cb8dfaf02f
https://github.com/krishnprakash/codeql/commit/8b93ce274707c2ddcd83d348c3ee82cb8dfaf02f
Author: Michael Nebel <michae...@github.com>
Date: 2026-04-21 (Tue, 21 Apr 2026)
Changed paths:
M csharp/ql/test/library-tests/dataflow/flowsources/remote/RemoteFlowSource.cs
M csharp/ql/test/library-tests/dataflow/flowsources/remote/remoteFlowSource.expected
Log Message:
-----------
C#: Add ASP.NET test case for a collection type.
Commit: bca51a986c7a1b519cefd53c8d4f2163516e156a
https://github.com/krishnprakash/codeql/commit/bca51a986c7a1b519cefd53c8d4f2163516e156a
Author: Michael Nebel <michae...@github.com>
Date: 2026-04-22 (Wed, 22 Apr 2026)
Changed paths:
A csharp/ql/lib/change-notes/2026-04-01-asp-remote-sources.md
M csharp/ql/lib/semmle/code/csharp/commons/Collections.qll
M csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Remote.qll
M csharp/ql/test/library-tests/dataflow/flowsources/aspremote/AspRemoteFlowSource.cs
M csharp/ql/test/library-tests/dataflow/flowsources/aspremote/aspRemoteFlowSource.expected
M csharp/ql/test/library-tests/dataflow/flowsources/remote/RemoteFlowSource.cs
M csharp/ql/test/library-tests/dataflow/flowsources/remote/remoteFlowSource.expected
M csharp/ql/test/library-tests/dataflow/flowsources/remote/remoteFlowSource.ql
M csharp/ql/test/resources/stubs/System.Web.cs
Log Message:
-----------
Merge pull request #21612 from michaelnebel/csharp/legacyasptaintedmember
C#: Taint members of types in ASP.NET user context.
Commit: af91702a0ebb94c7bf002866c95b9511f3759e1f
https://github.com/krishnprakash/codeql/commit/af91702a0ebb94c7bf002866c95b9511f3759e1f
Author: Phileco <132178579+k...@users.noreply.github.com>
Date: 2026-04-22 (Wed, 22 Apr 2026)
Changed paths:
A csharp/ql/lib/change-notes/2026-04-01-asp-remote-sources.md
M csharp/ql/lib/semmle/code/csharp/commons/Collections.qll
M csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Remote.qll
M csharp/ql/test/library-tests/dataflow/flowsources/aspremote/AspRemoteFlowSource.cs
M csharp/ql/test/library-tests/dataflow/flowsources/aspremote/aspRemoteFlowSource.expected
M csharp/ql/test/library-tests/dataflow/flowsources/remote/RemoteFlowSource.cs
M csharp/ql/test/library-tests/dataflow/flowsources/remote/remoteFlowSource.expected
M csharp/ql/test/library-tests/dataflow/flowsources/remote/remoteFlowSource.ql
M csharp/ql/test/resources/stubs/System.Web.cs
Log Message:
-----------
Merge branch 'github:main' into main
Compare: https://github.com/krishnprakash/codeql/compare/22bca3aee6f0...af91702a0ebb
To unsubscribe from these emails, change your notification settings at https://github.com/krishnprakash/codeql/settings/notifications
Reply all
Reply to author
Forward
0 new messages