codeql
codeql copied to clipboard
Published
20 hours ago •
github
github
csharp update MaD for HttpRequestMessage
trafficstars
There is an autogenerated MaD for System.Net.Http.HttpRequestMessage constructor where Uri class is one of the parameters. However, it's missing the overloaded constructor where the parameter is a string URL.
- https://learn.microsoft.com/en-us/dotnet/api/system.net.http.httprequestmessage.-ctor?view=net-8.0
Both versions of the constructor can have taint flow, such as for SSRF. This PR adds the missing MaD for the overloaded constructor.
:warning: The head of this PR and the base branch were compared for differences in the framework coverage reports. The generated reports are available in the artifacts of this workflow run. The differences will be picked up by the nightly job after the PR gets merged.
Click to show differences in coverage
csharp
Generated file changes for csharp
- Changes to framework-coverage-csharp.rst:
- System,"``System.*``, ``System``",25,11862,67,9
+ System,"``System.*``, ``System``",25,11864,67,9
- Totals,,31,13410,409,9
+ Totals,,31,13412,409,9
- Changes to framework-coverage-csharp.csv:
- System,67,25,11862,,8,8,9,,,4,5,,33,1,17,3,4,9896,1966
+ System,67,25,11864,,8,8,9,,,4,5,,33,1,17,3,4,9898,1966
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
