C#: Convert cs/log-forging tests to inline expectations.

This commit is contained in:
Michael Nebel
2025-04-02 10:33:08 +02:00
parent 60e3b4351a
commit 08159896f3
4 changed files with 27 additions and 12 deletions


@@ -15,10 +15,10 @@ public class LogForgingHandler : IHttpHandler
public void ProcessRequest(HttpContext ctx)
{
String username = ctx.Request.QueryString["username"];
String username = ctx.Request.QueryString["username"]; // $ Source
ILogger logger = new ILogger();
// BAD: Logged as-is
logger.Warn(username + " logged in");
logger.Warn(username + " logged in"); // $ Alert
// GOOD: New-lines removed
logger.Warn(username.Replace(Environment.NewLine, "") + " logged in");
// GOOD: New-lines removed
@@ -28,11 +28,11 @@ public class LogForgingHandler : IHttpHandler
// GOOD: Html encoded
logger.Warn(WebUtility.HtmlEncode(username) + " logged in");
// BAD: Logged as-is to TraceSource
new TraceSource("Test").TraceInformation(username + " logged in");
new TraceSource("Test").TraceInformation(username + " logged in"); // $ Alert
Microsoft.Extensions.Logging.ILogger logger2 = null;
// BAD: Logged as-is
logger2.LogError(username);
logger2.LogError(username); // $ Alert
}
public bool IsReusable


@@ -2,7 +2,9 @@
| LogForging.cs:21:21:21:43 | ... + ... | LogForging.cs:18:27:18:49 | access to property QueryString : NameValueCollection | LogForging.cs:21:21:21:43 | ... + ... | This log entry depends on a $@. | LogForging.cs:18:27:18:49 | access to property QueryString | user-provided value |
| LogForging.cs:31:50:31:72 | ... + ... | LogForging.cs:18:27:18:49 | access to property QueryString : NameValueCollection | LogForging.cs:31:50:31:72 | ... + ... | This log entry depends on a $@. | LogForging.cs:18:27:18:49 | access to property QueryString | user-provided value |
| LogForging.cs:35:26:35:33 | access to local variable username | LogForging.cs:18:27:18:49 | access to property QueryString : NameValueCollection | LogForging.cs:35:26:35:33 | access to local variable username | This log entry depends on a $@. | LogForging.cs:18:27:18:49 | access to property QueryString | user-provided value |
| LogForgingAsp.cs:12:21:12:43 | ... + ... | LogForgingAsp.cs:8:32:8:39 | username : String | LogForgingAsp.cs:12:21:12:43 | ... + ... | This log entry depends on a $@. | LogForgingAsp.cs:8:32:8:39 | username | user-provided value |
| LogForgingAsp.cs:17:21:17:43 | ... + ... | LogForgingAsp.cs:13:32:13:39 | username : String | LogForgingAsp.cs:17:21:17:43 | ... + ... | This log entry depends on a $@. | LogForgingAsp.cs:13:32:13:39 | username | user-provided value |
| LogForgingAsp.cs:86:21:86:50 | $"..." | LogForgingAsp.cs:82:37:82:37 | e : TestEnum | LogForgingAsp.cs:86:21:86:50 | $"..." | This log entry depends on a $@. | LogForgingAsp.cs:82:37:82:37 | e | user-provided value |
| LogForgingAsp.cs:93:21:93:61 | $"..." | LogForgingAsp.cs:89:47:89:48 | dt : DateTimeOffset | LogForgingAsp.cs:93:21:93:61 | $"..." | This log entry depends on a $@. | LogForgingAsp.cs:89:47:89:48 | dt | user-provided value |
edges
| LogForging.cs:18:16:18:23 | access to local variable username : String | LogForging.cs:21:21:21:43 | ... + ... | provenance | |
| LogForging.cs:18:16:18:23 | access to local variable username : String | LogForging.cs:31:50:31:72 | ... + ... | provenance | |
@@ -10,7 +12,9 @@ edges
| LogForging.cs:18:27:18:49 | access to property QueryString : NameValueCollection | LogForging.cs:18:16:18:23 | access to local variable username : String | provenance | |
| LogForging.cs:18:27:18:49 | access to property QueryString : NameValueCollection | LogForging.cs:18:27:18:61 | access to indexer : String | provenance | MaD:1 |
| LogForging.cs:18:27:18:61 | access to indexer : String | LogForging.cs:18:16:18:23 | access to local variable username : String | provenance | |
| LogForgingAsp.cs:8:32:8:39 | username : String | LogForgingAsp.cs:12:21:12:43 | ... + ... | provenance | |
| LogForgingAsp.cs:13:32:13:39 | username : String | LogForgingAsp.cs:17:21:17:43 | ... + ... | provenance | |
| LogForgingAsp.cs:82:37:82:37 | e : TestEnum | LogForgingAsp.cs:86:21:86:50 | $"..." | provenance | |
| LogForgingAsp.cs:89:47:89:48 | dt : DateTimeOffset | LogForgingAsp.cs:93:21:93:61 | $"..." | provenance | |
models
| 1 | Summary: System.Collections.Specialized; NameValueCollection; false; get_Item; (System.String); ; Argument[this]; ReturnValue; taint; df-generated |
nodes
@@ -20,6 +24,15 @@ nodes
| LogForging.cs:21:21:21:43 | ... + ... | semmle.label | ... + ... |
| LogForging.cs:31:50:31:72 | ... + ... | semmle.label | ... + ... |
| LogForging.cs:35:26:35:33 | access to local variable username | semmle.label | access to local variable username |
| LogForgingAsp.cs:8:32:8:39 | username : String | semmle.label | username : String |
| LogForgingAsp.cs:12:21:12:43 | ... + ... | semmle.label | ... + ... |
| LogForgingAsp.cs:13:32:13:39 | username : String | semmle.label | username : String |
| LogForgingAsp.cs:17:21:17:43 | ... + ... | semmle.label | ... + ... |
| LogForgingAsp.cs:82:37:82:37 | e : TestEnum | semmle.label | e : TestEnum |
| LogForgingAsp.cs:86:21:86:50 | $"..." | semmle.label | $"..." |
| LogForgingAsp.cs:89:47:89:48 | dt : DateTimeOffset | semmle.label | dt : DateTimeOffset |
| LogForgingAsp.cs:93:21:93:61 | $"..." | semmle.label | $"..." |
subpaths
testFailures
| LogForgingAsp.cs:82:37:82:37 | e : TestEnum | Unexpected result: Source |
| LogForgingAsp.cs:86:21:86:50 | $"..." | Unexpected result: Alert |
| LogForgingAsp.cs:89:47:89:48 | dt : DateTimeOffset | Unexpected result: Source |
| LogForgingAsp.cs:93:21:93:61 | $"..." | Unexpected result: Alert |


@@ -1,2 +1,4 @@
query: Security Features/CWE-117/LogForging.ql
postprocess: utils/test/PrettyPrintModels.ql
postprocess:
- utils/test/PrettyPrintModels.ql
- utils/test/InlineExpectationsTestQuery.ql


@@ -10,11 +10,11 @@ public enum TestEnum
public class AspController : ControllerBase
{
public void Action1(string username)
public void Action1(string username) // $ Source
{
var logger = new ILogger();
// BAD: Logged as-is
logger.Warn(username + " logged in");
logger.Warn(username + " logged in"); // $ Alert
}
public void Action1(DateTime date)
@@ -89,7 +89,7 @@ public class AspController : ControllerBase
public void ActionDateTime(DateTimeOffset dt)
{
var logger = new ILogger();
// GOOD: DateTimeOffset is a sanitizer. [FALSEPOSITIVE]
// GOOD: DateTimeOffset is a sanitizer. [FALSE POSITIVE]
logger.Warn($"Warning about the DateTimeOffset: {dt}");
}
}
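Review bot: The inline expectations for `ActionDateTime` are incomplete: the query still reports the `dt` parameter as a source and the interpolated `logger.Warn(...)` call as an alert, and the new .expected file records both under `testFailures` (together with the `TestEnum` action at LogForgingAsp.cs:82/86, which lies outside the visible hunks), so the test as committed does not pass cleanly. Since the comment on the preceding line already documents this as a known false positive, the expectation should state that rather than be left out; with the shared inline-expectations framework the conventional form is `public void ActionDateTime(DateTimeOffset dt) // $ Source` and `logger.Warn($"Warning about the DateTimeOffset: {dt}"); // $ SPURIOUS: Alert`. The same treatment presumably applies to the enum action at lines 82/86. Once those annotations are in place, regenerating the expected output should drop the `testFailures` entries.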