Skip to content

Commit 08d1a2c

Browse files
committed
Reorder table and remove empty sections
1 parent 6eba338 commit 08d1a2c

File tree

1 file changed

+7
-11
lines changed

1 file changed

+7
-11
lines changed

change-notes/1.24/analysis-csharp.md

Lines changed: 7 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -17,15 +17,13 @@ The following changes in version 1.24 affect C# analysis in all applications.
1717

1818
| **Query** | **Expected impact** | **Change** |
1919
|------------------------------|------------------------|-----------------------------------|
20-
| Useless assignment to local variable (`cs/useless-assignment-to-local`) | Fewer false positive results | Results have been removed when the variable is named `_` in a `foreach` statement. |
21-
| Potentially dangerous use of non-short-circuit logic (`cs/non-short-circuit`) | Fewer false positive results | Results have been removed when the expression contains an `out` parameter. |
2220
| Dereferenced variable may be null (`cs/dereferenced-value-may-be-null`) | More results | Results are reported from parameters with a default value of `null`. |
21+
| Information exposure through an exception (`cs/information-exposure-through-exception`) | More results | The query now recognizes writes to cookies, writes to ASP.NET (`Inner`)`Text` properties, and email contents as additional sinks. |
22+
| Information exposure through transmitted data (`cs/sensitive-data-transmission`) | More results | The query now recognizes writes to cookies and writes to ASP.NET (`Inner`)`Text` properties as additional sinks. |
23+
| Potentially dangerous use of non-short-circuit logic (`cs/non-short-circuit`) | Fewer false positive results | Results have been removed when the expression contains an `out` parameter. |
2324
| Useless assignment to local variable (`cs/useless-assignment-to-local`) | Fewer false positive results | Results have been removed when the value assigned is an (implicitly or explicitly) cast default-like value. For example, `var s = (string)null` and `string s = default`. |
25+
| Useless assignment to local variable (`cs/useless-assignment-to-local`) | Fewer false positive results | Results have been removed when the variable is named `_` in a `foreach` statement. |
2426
| XPath injection (`cs/xml/xpath-injection`) | More results | The query now recognizes calls to methods on `System.Xml.XPath.XPathNavigator` objects. |
25-
| Information exposure through transmitted data (`cs/sensitive-data-transmission`) | More results | The query now recognizes writes to cookies and writes to ASP.NET (`Inner`)`Text` properties as additional sinks. |
26-
| Information exposure through an exception (`cs/information-exposure-through-exception`) | More results | The query now recognizes writes to cookies, writes to ASP.NET (`Inner`)`Text` properties, and email contents as additional sinks. |
27-
28-
## Removal of old queries
2927

3028
## Changes to code extraction
3129

@@ -37,13 +35,11 @@ The following changes in version 1.24 affect C# analysis in all applications.
3735
## Changes to libraries
3836

3937
* The data-flow library has been improved, which affects and improves most security queries. The improvements are:
40-
- Track flow through methods that combine taint tracking with flow through fields.
41-
- Track flow through clone-like methods, that is, methods that read contents of a field from a
42-
parameter and stores the value in the field of a returned object.
38+
- Track flow through methods that combine taint tracking with flow through fields.
39+
- Track flow through clone-like methods, that is, methods that read contents of a field from a
40+
parameter and stores the value in the field of a returned object.
4341
* The taint tracking library now tracks flow through (implicit or explicit) conversion operator calls.
4442
* [Code contracts](https://docs.microsoft.com/en-us/dotnet/framework/debug-trace-profile/code-contracts) are now recognized, and are treated like any other assertion methods.
4543
* Expression nullability flow state is given by the predicates `Expr.hasNotNullFlowState()` and `Expr.hasMaybeNullFlowState()`.
4644
* `stackalloc` array creations are now represented by the QL class `Stackalloc`. Previously they were represented by the class `ArrayCreation`.
4745
* A new class `RemoteFlowSink` has been added to model sinks where data might be exposed to external users. Examples include web page output, e-mails, and cookies.
48-
49-
## Changes to autobuilder

0 commit comments

Comments
 (0)