hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

C#: Update EntityFrameworkCore test

Browse Source
This commit is contained in:
Tom Hvitved
2019-11-28 15:28:50 +01:00
parent af453d081e
commit 04cecc04dd
2 changed files with 1 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
csharp/ql/test/library-tests/frameworks/EntityFramework/Dataflow.expected
View File

@@ -3,6 +3,5 @@
| EntityFrameworkCore.cs:50:18:50:28 | access to local variable taintSource | EntityFrameworkCore.cs:47:31:47:39 | "tainted" |
| EntityFrameworkCore.cs:51:18:51:46 | (...) ... | EntityFrameworkCore.cs:47:31:47:39 | "tainted" |
| EntityFrameworkCore.cs:52:18:52:42 | (...) ... | EntityFrameworkCore.cs:47:31:47:39 | "tainted" |
| EntityFrameworkCore.cs:53:18:53:66 | (...) ... | EntityFrameworkCore.cs:47:31:47:39 | "tainted" |
| EntityFrameworkCore.cs:60:18:60:24 | access to property Name | EntityFrameworkCore.cs:47:31:47:39 | "tainted" |
| EntityFrameworkCore.cs:61:18:61:34 | access to property Name | EntityFrameworkCore.cs:47:31:47:39 | "tainted" |

2
csharp/ql/test/library-tests/frameworks/EntityFramework/EntityFrameworkCore.cs
View File

@@ -50,7 +50,7 @@ namespace EFCoreTests
Sink(taintSource); // Tainted
Sink(new RawSqlString(taintSource)); // Tainted
Sink((RawSqlString)taintSource); // Tainted
Sink((RawSqlString)(FormattableString)$"{taintSource}"); // Tainted
Sink((RawSqlString)(FormattableString)$"{taintSource}"); // Tainted, but not reported because conversion operator is in a stub .cs file
// Tainted via database, even though technically there were no reads or writes to the database in this particular case.
var p1 = new Person { Name = taintSource };