Analysis in all applications
The following changes in version 1.19 affect C# analysis in all applications.
Changes to the autobuilder
During code extraction, when determining the target of
dotnet build, the autobuilder now looks for:
- and finally
In all three cases, when multiple files of the same type are found, the project/solution file closest to the root is used to build the project.
Control flow graph improvements
- The control flow graph construction now takes simple Boolean conditions on local scope variables into account. For example, in
if (b) x = 0; if (b) x = 1;, the control flow graph will reflect the fact that taking the
false) branch in the first condition implies taking the same branch in the second condition. In effect, the first assignment to
xwill now be identified as being dead.
- Code that is only reachable from a constant failing assertion, such as
Debug.Assert(false), is considered to be unreachable.
| Uncontrolled format string (
||security, external/cwe/cwe-134|| Finds data flow from remote inputs to the format string in
| Using a package with a known vulnerability (
||security, external/cwe/cwe-937||Finds project build files that import packages with known vulnerabilities. Results are shown on LGTM by default.|
Changes to existing queries
| Cross-site scripting (
||More results||Finds cross-site scripting vulnerabilities in ASP.NET Core applications.|
| Inconsistent lock sequence (
||More results||Finds inconsistent lock sequences globally across calls.|
| Local scope variable shadows member (
||Fewer results||Results have been removed where a constructor parameter shadows a member, because the parameter is probably used to initialize the member.|
Changes to code extraction
- Arguments passed using
inare now extracted.
- Fixed a bug where the
dynamictype name was not extracted correctly in certain circumstances.
Changes to QL libraries
AccessorCallhas been improved so it now takes tuple assignments into account. For example, the argument for the implicit
valueparameter in the setter of property
(P, x) = (0, 1). Additionally, the argument for the
valueparameter in compound assignments is now only the expanded value, for example, in
P += 7the argument is
P + 7and not
- The predicate
isInArgument()has been added to the
AssignableAccessclass. This holds for expressions that are passed as arguments using
Additional changes for analysis in QL tools and applications only
There are no additional changes that affect C# analysis only in QL for Eclipse, and the QL command-line tools.