mirror of
https://github.com/github/codeql.git
synced 2026-04-18 21:44:02 +02:00
C#: Remove CIL dataflow tests.
This commit is contained in:
Michael Nebel
@@ -1,113 +0,0 @@
|
||||
stubs
|
||||
alwaysNull
|
||||
| System.Object Dataflow.NullMethods.ReturnsNull2() | 0: ldarg.0, 1: call Dataflow.NullMethods.ReturnsNull, 2: ret |
|
||||
| System.Object Dataflow.NullMethods.ReturnsNull() | 0: ldnull, 1: ret |
|
||||
| System.Object Dataflow.NullMethods.ReturnsNullIndirect() | 0: ldarg.0, 1: call Dataflow.NullMethods.ReturnsNull, 2: ret |
|
||||
| System.Object Dataflow.NullMethods.VirtualReturnsNull() | 0: ldnull, 1: ret |
|
||||
| System.Object Dataflow.NullMethods.get_NullProperty() | 0: ldnull, 1: ret |
|
||||
| System.Object Dataflow.NullMethods.get_VirtualNullProperty() | 0: ldnull, 1: ret |
|
||||
| System.Object System.Collections.EmptyReadOnlyDictionaryInternal.get_Item(System.Object) | 0: ldarg.1, 1: ldstr "key", 2: call System.ArgumentNullException.ThrowIfNull, 3: ldnull, 4: ret |
|
||||
alwaysNonNull
|
||||
| System.ArgumentException System.ThrowHelper.GetAddingDuplicateWithKeyArgumentException(System.Object) |
|
||||
| System.ArgumentException System.ThrowHelper.GetWrongKeyTypeArgumentException(System.Object,System.Type) |
|
||||
| System.ArgumentException System.ThrowHelper.GetWrongValueTypeArgumentException(System.Object,System.Type) |
|
||||
| System.Collections.Generic.KeyNotFoundException System.ThrowHelper.GetKeyNotFoundException(System.Object) |
|
||||
| System.Exception System.ThrowHelper.CreateEndOfFileException() |
|
||||
| System.Exception System.ThrowHelper.GetArraySegmentCtorValidationFailedException(System.Array,System.Int32,System.Int32) |
|
||||
| System.InvalidOperationException System.ThrowHelper.GetInvalidOperationException_EnumCurrent(System.Int32) |
|
||||
| System.Object Dataflow.NonNullMethods.ReturnsNonNull2() |
|
||||
| System.Object Dataflow.NonNullMethods.ReturnsNonNull() |
|
||||
| System.Object Dataflow.NonNullMethods.ReturnsNonNullIndirect() |
|
||||
| System.Object Dataflow.NonNullMethods.get_VirtualNonNull() |
|
||||
| System.Object Dataflow.NonNullMethods.get_VirtualNonNullProperty() |
|
||||
| System.Reflection.AmbiguousMatchException System.ThrowHelper.GetAmbiguousMatchException(System.Attribute) |
|
||||
| System.Reflection.AmbiguousMatchException System.ThrowHelper.GetAmbiguousMatchException(System.Reflection.MemberInfo) |
|
||||
| System.String Dataflow.NonNullMethods.get_NonNullProperty2() |
|
||||
| System.String System.ThrowHelper.GetArgumentName(System.ExceptionArgument) |
|
||||
| System.Text.Encoder System.Text.ASCIIEncoding.GetEncoder() |
|
||||
| System.Text.Encoder System.Text.Encoding.GetEncoder() |
|
||||
| System.Text.Encoder System.Text.Latin1Encoding.GetEncoder() |
|
||||
| System.Text.Encoder System.Text.UTF7Encoding.GetEncoder() |
|
||||
| System.Text.Encoder System.Text.UTF8Encoding.GetEncoder() |
|
||||
| System.Text.Encoder System.Text.UTF32Encoding.GetEncoder() |
|
||||
| System.Text.Encoder System.Text.UnicodeEncoding.GetEncoder() |
|
||||
alwaysThrows
|
||||
| System.Object Dataflow.ThrowingMethods.AlwaysThrows() | System.InvalidOperationException | 0: newobj System.InvalidOperationException..ctor, 1: throw |
|
||||
| System.Object Dataflow.ThrowingMethods.VirtualThrows() | System.Exception | 0: newobj System.Exception..ctor, 1: throw |
|
||||
| System.Object Dataflow.ThrowingMethods.get_ThrowProperty() | System.Exception | 0: newobj System.Exception..ctor, 1: throw |
|
||||
| System.Object Dataflow.ThrowingMethods.get_VirtualThrowProperty() | System.Exception | 0: newobj System.Exception..ctor, 1: throw |
|
||||
| System.Object System.ValueTuple.get_Item(System.Int32) | System.IndexOutOfRangeException | 0: newobj System.IndexOutOfRangeException..ctor, 1: throw |
|
||||
| System.Void System.Reflection.InvokerEmitUtil.ThrowHelper.Throw_NullReference_InvokeNullRefReturned() | System.NullReferenceException | 0: call System.SR.get_NullReference_InvokeNullRefReturned, 1: newobj System.NullReferenceException..ctor, 2: throw |
|
||||
| System.Void System.ThrowHelper.ArgumentOutOfRangeException_Enum_Value() | System.ArgumentOutOfRangeException | 0: ldstr "value", 1: call System.SR.get_ArgumentOutOfRange_Enum, 2: newobj System.ArgumentOutOfRangeException..ctor, 3: throw |
|
||||
| System.Void System.ThrowHelper.ThrowAccessViolationException() | System.AccessViolationException | 0: newobj System.AccessViolationException..ctor, 1: throw |
|
||||
| System.Void System.ThrowHelper.ThrowAddingDuplicateWithKeyArgumentException`1(!0) | System.ArgumentException | 0: ldarg.0, 1: box, 2: call System.ThrowHelper.GetAddingDuplicateWithKeyArgumentException, 3: throw |
|
||||
| System.Void System.ThrowHelper.ThrowAggregateException(System.Collections.Generic.List<System.Exception>) | System.AggregateException | 0: ldarg.0, 1: newobj System.AggregateException..ctor, 2: throw |
|
||||
| System.Void System.ThrowHelper.ThrowArgumentException_Arg_CannotBeNaN() | System.ArgumentException | 0: call System.SR.get_Arg_CannotBeNaN, 1: newobj System.ArgumentException..ctor, 2: throw |
|
||||
| System.Void System.ThrowHelper.ThrowArgumentException_ArgumentNull_TypedRefType() | System.ArgumentNullException | 0: ldstr "value", 1: call System.SR.get_ArgumentNull_TypedRefType, 2: newobj System.ArgumentNullException..ctor, 3: throw |
|
||||
| System.Void System.ThrowHelper.ThrowArgumentException_Argument_IncompatibleArrayType() | System.ArgumentException | 0: call System.SR.get_Argument_IncompatibleArrayType, 1: newobj System.ArgumentException..ctor, 2: throw |
|
||||
| System.Void System.ThrowHelper.ThrowArgumentException_BadComparer(System.Object) | System.ArgumentException | 0: call System.SR.get_Arg_BogusIComparer, 1: ldarg.0, 2: call System.SR.Format, 3: newobj System.ArgumentException..ctor, 4: throw |
|
||||
| System.Void System.ThrowHelper.ThrowArgumentException_CannotExtractScalar(System.ExceptionArgument) | System.ArgumentException | 0: ldc.i4.s 31, 1: ldarg.0, 2: call System.ThrowHelper.GetArgumentException, 3: throw |
|
||||
| System.Void System.ThrowHelper.ThrowArgumentException_DestinationTooShort() | System.ArgumentException | 0: call System.SR.get_Argument_DestinationTooShort, 1: ldstr "destination", 2: newobj System.ArgumentException..ctor, 3: throw |
|
||||
| System.Void System.ThrowHelper.ThrowArgumentException_HandleNotAsync(System.String) | System.ArgumentException | 0: call System.SR.get_Arg_HandleNotAsync, 1: ldarg.0, 2: newobj System.ArgumentException..ctor, 3: throw |
|
||||
| System.Void System.ThrowHelper.ThrowArgumentException_HandleNotSync(System.String) | System.ArgumentException | 0: call System.SR.get_Arg_HandleNotSync, 1: ldarg.0, 2: newobj System.ArgumentException..ctor, 3: throw |
|
||||
| System.Void System.ThrowHelper.ThrowArgumentException_InvalidHandle(System.String) | System.ArgumentException | 0: call System.SR.get_Arg_InvalidHandle, 1: ldarg.0, 2: newobj System.ArgumentException..ctor, 3: throw |
|
||||
| System.Void System.ThrowHelper.ThrowArgumentException_OverlapAlignmentMismatch() | System.ArgumentException | 0: call System.SR.get_Argument_OverlapAlignmentMismatch, 1: newobj System.ArgumentException..ctor, 2: throw |
|
||||
| System.Void System.ThrowHelper.ThrowArgumentException_TupleIncorrectType(System.Object) | System.ArgumentException | 0: call System.SR.get_ArgumentException_ValueTupleIncorrectType, 1: ldarg.0, 2: callvirt System.Object.GetType, 3: call System.SR.Format, 4: ldstr "other", 5: newobj System.ArgumentException..ctor, 6: throw |
|
||||
| System.Void System.ThrowHelper.ThrowArgumentNullException(System.ExceptionArgument) | System.ArgumentNullException | 0: ldarg.0, 1: call System.ThrowHelper.GetArgumentName, 2: newobj System.ArgumentNullException..ctor, 3: throw |
|
||||
| System.Void System.ThrowHelper.ThrowArgumentOutOfRangeException() | System.ArgumentOutOfRangeException | 0: newobj System.ArgumentOutOfRangeException..ctor, 1: throw |
|
||||
| System.Void System.ThrowHelper.ThrowArgumentOutOfRangeException(System.ExceptionArgument) | System.ArgumentOutOfRangeException | 0: ldarg.0, 1: call System.ThrowHelper.GetArgumentName, 2: newobj System.ArgumentOutOfRangeException..ctor, 3: throw |
|
||||
| System.Void System.ThrowHelper.ThrowArgumentOutOfRangeException_NeedNonNegNum(System.String) | System.ArgumentOutOfRangeException | 0: ldarg.0, 1: call System.SR.get_ArgumentOutOfRange_NeedNonNegNum, 2: newobj System.ArgumentOutOfRangeException..ctor, 3: throw |
|
||||
| System.Void System.ThrowHelper.ThrowArgumentOutOfRangeException_PrecisionTooLarge() | System.ArgumentOutOfRangeException | 0: ldstr "precision", 1: call System.SR.get_Argument_PrecisionTooLarge, 2: ldc.i4.s 31, 3: box, 4: call System.SR.Format, 5: newobj System.ArgumentOutOfRangeException..ctor, 6: throw |
|
||||
| System.Void System.ThrowHelper.ThrowArgumentOutOfRangeException_SymbolDoesNotFit() | System.ArgumentOutOfRangeException | 0: ldstr "symbol", 1: call System.SR.get_Argument_BadFormatSpecifier, 2: newobj System.ArgumentOutOfRangeException..ctor, 3: throw |
|
||||
| System.Void System.ThrowHelper.ThrowArgumentOutOfRange_BadHourMinuteSecond() | System.ArgumentOutOfRangeException | 0: ldnull, 1: call System.SR.get_ArgumentOutOfRange_BadHourMinuteSecond, 2: newobj System.ArgumentOutOfRangeException..ctor, 3: throw |
|
||||
| System.Void System.ThrowHelper.ThrowArgumentOutOfRange_BadYearMonthDay() | System.ArgumentOutOfRangeException | 0: ldnull, 1: call System.SR.get_ArgumentOutOfRange_BadYearMonthDay, 2: newobj System.ArgumentOutOfRangeException..ctor, 3: throw |
|
||||
| System.Void System.ThrowHelper.ThrowArgumentOutOfRange_DayNumber(System.Int32) | System.ArgumentOutOfRangeException | 0: ldstr "dayNumber", 1: ldarg.0, 2: box, 3: call System.SR.get_ArgumentOutOfRange_DayNumber, 4: newobj System.ArgumentOutOfRangeException..ctor, 5: throw |
|
||||
| System.Void System.ThrowHelper.ThrowArgumentOutOfRange_IndexMustBeLessException() | System.ArgumentOutOfRangeException | 0: ldc.i4.s 31, 1: ldc.i4.1, 2: call System.ThrowHelper.GetArgumentOutOfRangeException, 3: throw |
|
||||
| System.Void System.ThrowHelper.ThrowArgumentOutOfRange_IndexMustBeLessOrEqualException() | System.ArgumentOutOfRangeException | 0: ldc.i4.s 31, 1: ldc.i4.0, 2: call System.ThrowHelper.GetArgumentOutOfRangeException, 3: throw |
|
||||
| System.Void System.ThrowHelper.ThrowArgumentOutOfRange_Month(System.Int32) | System.ArgumentOutOfRangeException | 0: ldstr "month", 1: ldarg.0, 2: box, 3: call System.SR.get_ArgumentOutOfRange_Month, 4: newobj System.ArgumentOutOfRangeException..ctor, 5: throw |
|
||||
| System.Void System.ThrowHelper.ThrowArgumentOutOfRange_Range`1(System.String,!0,!0,!0) | System.ArgumentOutOfRangeException | 0: ldarg.0, 1: ldarg.1, 2: box, 3: call System.SR.get_ArgumentOutOfRange_Range, 4: ldarg.2, 5: box, 6: ldarg.3, 7: box, 8: call System.SR.Format, 9: newobj System.ArgumentOutOfRangeException..ctor, 10: throw |
|
||||
| System.Void System.ThrowHelper.ThrowArgumentOutOfRange_TimeSpanTooLong() | System.ArgumentOutOfRangeException | 0: ldnull, 1: call System.SR.get_Overflow_TimeSpanTooLong, 2: newobj System.ArgumentOutOfRangeException..ctor, 3: throw |
|
||||
| System.Void System.ThrowHelper.ThrowArgumentOutOfRange_Year() | System.ArgumentOutOfRangeException | 0: ldc.i4.s 31, 1: ldc.i4.5, 2: call System.ThrowHelper.GetArgumentOutOfRangeException, 3: throw |
|
||||
| System.Void System.ThrowHelper.ThrowArraySegmentCtorValidationFailedExceptions(System.Array,System.Int32,System.Int32) | System.Exception | 0: ldarg.0, 1: ldarg.1, 2: ldarg.2, 3: call System.ThrowHelper.GetArraySegmentCtorValidationFailedException, 4: throw |
|
||||
| System.Void System.ThrowHelper.ThrowArrayTypeMismatchException() | System.ArrayTypeMismatchException | 0: newobj System.ArrayTypeMismatchException..ctor, 1: throw |
|
||||
| System.Void System.ThrowHelper.ThrowCountArgumentOutOfRange_ArgumentOutOfRange_Count() | System.ArgumentOutOfRangeException | 0: ldc.i4.s 31, 1: ldc.i4.4, 2: call System.ThrowHelper.GetArgumentOutOfRangeException, 3: throw |
|
||||
| System.Void System.ThrowHelper.ThrowEndOfFileException() | System.Exception | 0: call System.ThrowHelper.CreateEndOfFileException, 1: throw |
|
||||
| System.Void System.ThrowHelper.ThrowFormatException_BadBoolean(System.ReadOnlySpan<System.Char>) | System.FormatException | 0: call System.SR.get_Format_BadBoolean, 1: ldarg.0, 2: newobj System.String..ctor, 3: call System.SR.Format, 4: newobj System.FormatException..ctor, 5: throw |
|
||||
| System.Void System.ThrowHelper.ThrowFormatException_BadFormatSpecifier() | System.FormatException | 0: call System.SR.get_Argument_BadFormatSpecifier, 1: newobj System.FormatException..ctor, 2: throw |
|
||||
| System.Void System.ThrowHelper.ThrowFormatException_NeedSingleChar() | System.FormatException | 0: call System.SR.get_Format_NeedSingleChar, 1: newobj System.FormatException..ctor, 2: throw |
|
||||
| System.Void System.ThrowHelper.ThrowFormatIndexOutOfRange() | System.FormatException | 0: call System.SR.get_Format_IndexOutOfRange, 1: newobj System.FormatException..ctor, 2: throw |
|
||||
| System.Void System.ThrowHelper.ThrowFormatInvalidString() | System.FormatException | 0: call System.SR.get_Format_InvalidString, 1: newobj System.FormatException..ctor, 2: throw |
|
||||
| System.Void System.ThrowHelper.ThrowIndexArgumentOutOfRange_NeedNonNegNumException() | System.ArgumentOutOfRangeException | 0: ldc.i4.s 31, 1: ldc.i4.s 31, 2: call System.ThrowHelper.GetArgumentOutOfRangeException, 3: throw |
|
||||
| System.Void System.ThrowHelper.ThrowIndexOutOfRangeException() | System.IndexOutOfRangeException | 0: newobj System.IndexOutOfRangeException..ctor, 1: throw |
|
||||
| System.Void System.ThrowHelper.ThrowInvalidOperationException() | System.InvalidOperationException | 0: newobj System.InvalidOperationException..ctor, 1: throw |
|
||||
| System.Void System.ThrowHelper.ThrowInvalidOperationException_ConcurrentOperationsNotSupported() | System.InvalidOperationException | 0: call System.SR.get_InvalidOperation_ConcurrentOperationsNotSupported, 1: newobj System.InvalidOperationException..ctor, 2: throw |
|
||||
| System.Void System.ThrowHelper.ThrowInvalidOperationException_EnumCurrent(System.Int32) | System.InvalidOperationException | 0: ldarg.0, 1: call System.ThrowHelper.GetInvalidOperationException_EnumCurrent, 2: throw |
|
||||
| System.Void System.ThrowHelper.ThrowInvalidOperationException_HandleIsNotInitialized() | System.InvalidOperationException | 0: call System.SR.get_InvalidOperation_HandleIsNotInitialized, 1: newobj System.InvalidOperationException..ctor, 2: throw |
|
||||
| System.Void System.ThrowHelper.ThrowInvalidOperationException_HandleIsNotPinned() | System.InvalidOperationException | 0: call System.SR.get_InvalidOperation_HandleIsNotPinned, 1: newobj System.InvalidOperationException..ctor, 2: throw |
|
||||
| System.Void System.ThrowHelper.ThrowInvalidOperationException_InvalidOperation_EnumEnded() | System.InvalidOperationException | 0: call System.SR.get_InvalidOperation_EnumEnded, 1: newobj System.InvalidOperationException..ctor, 2: throw |
|
||||
| System.Void System.ThrowHelper.ThrowInvalidOperationException_InvalidOperation_EnumFailedVersion() | System.InvalidOperationException | 0: call System.SR.get_InvalidOperation_EnumFailedVersion, 1: newobj System.InvalidOperationException..ctor, 2: throw |
|
||||
| System.Void System.ThrowHelper.ThrowInvalidOperationException_InvalidOperation_EnumNotStarted() | System.InvalidOperationException | 0: call System.SR.get_InvalidOperation_EnumNotStarted, 1: newobj System.InvalidOperationException..ctor, 2: throw |
|
||||
| System.Void System.ThrowHelper.ThrowInvalidOperationException_InvalidOperation_EnumOpCantHappen() | System.InvalidOperationException | 0: call System.SR.get_InvalidOperation_EnumOpCantHappen, 1: newobj System.InvalidOperationException..ctor, 2: throw |
|
||||
| System.Void System.ThrowHelper.ThrowInvalidOperationException_InvalidOperation_NoValue() | System.InvalidOperationException | 0: call System.SR.get_InvalidOperation_NoValue, 1: newobj System.InvalidOperationException..ctor, 2: throw |
|
||||
| System.Void System.ThrowHelper.ThrowInvalidOperationException_InvalidUtf8() | System.InvalidOperationException | 0: call System.SR.get_InvalidOperation_InvalidUtf8, 1: newobj System.InvalidOperationException..ctor, 2: throw |
|
||||
| System.Void System.ThrowHelper.ThrowInvalidTypeWithPointersNotSupported(System.Type) | System.ArgumentException | 0: call System.SR.get_Argument_InvalidTypeWithPointersNotSupported, 1: ldarg.0, 2: call System.SR.Format, 3: newobj System.ArgumentException..ctor, 4: throw |
|
||||
| System.Void System.ThrowHelper.ThrowKeyNotFoundException`1(!0) | System.Collections.Generic.KeyNotFoundException | 0: ldarg.0, 1: box, 2: call System.ThrowHelper.GetKeyNotFoundException, 3: throw |
|
||||
| System.Void System.ThrowHelper.ThrowLengthArgumentOutOfRange_ArgumentOutOfRange_NeedNonNegNum() | System.ArgumentOutOfRangeException | 0: ldc.i4.s 31, 1: ldc.i4.s 31, 2: call System.ThrowHelper.GetArgumentOutOfRangeException, 3: throw |
|
||||
| System.Void System.ThrowHelper.ThrowNotSupportedException() | System.NotSupportedException | 0: newobj System.NotSupportedException..ctor, 1: throw |
|
||||
| System.Void System.ThrowHelper.ThrowNotSupportedException_UnreadableStream() | System.NotSupportedException | 0: call System.SR.get_NotSupported_UnreadableStream, 1: newobj System.NotSupportedException..ctor, 2: throw |
|
||||
| System.Void System.ThrowHelper.ThrowNotSupportedException_UnseekableStream() | System.NotSupportedException | 0: call System.SR.get_NotSupported_UnseekableStream, 1: newobj System.NotSupportedException..ctor, 2: throw |
|
||||
| System.Void System.ThrowHelper.ThrowNotSupportedException_UnwritableStream() | System.NotSupportedException | 0: call System.SR.get_NotSupported_UnwritableStream, 1: newobj System.NotSupportedException..ctor, 2: throw |
|
||||
| System.Void System.ThrowHelper.ThrowObjectDisposedException(System.Object) | System.ObjectDisposedException | 0: ldarg.0, 1: brtrue.s 4:, 2: ldnull, 3: br.s 7:, 4: ldarg.0, 5: call System.Object.GetType, 6: callvirt System.Type.get_FullName, 7: newobj System.ObjectDisposedException..ctor, 8: throw |
|
||||
| System.Void System.ThrowHelper.ThrowObjectDisposedException(System.Type) | System.ObjectDisposedException | 0: ldarg.0, 1: brtrue.s 4:, 2: ldnull, 3: br.s 6:, 4: ldarg.0, 5: callvirt System.Type.get_FullName, 6: newobj System.ObjectDisposedException..ctor, 7: throw |
|
||||
| System.Void System.ThrowHelper.ThrowObjectDisposedException_FileClosed() | System.ObjectDisposedException | 0: ldnull, 1: call System.SR.get_ObjectDisposed_FileClosed, 2: newobj System.ObjectDisposedException..ctor, 3: throw |
|
||||
| System.Void System.ThrowHelper.ThrowObjectDisposedException_StreamClosed(System.String) | System.ObjectDisposedException | 0: ldarg.0, 1: call System.SR.get_ObjectDisposed_StreamClosed, 2: newobj System.ObjectDisposedException..ctor, 3: throw |
|
||||
| System.Void System.ThrowHelper.ThrowOutOfMemoryException() | System.OutOfMemoryException | 0: newobj System.OutOfMemoryException..ctor, 1: throw |
|
||||
| System.Void System.ThrowHelper.ThrowOutOfMemoryException_StringTooLong() | System.OutOfMemoryException | 0: call System.SR.get_OutOfMemory_StringTooLong, 1: newobj System.OutOfMemoryException..ctor, 2: throw |
|
||||
| System.Void System.ThrowHelper.ThrowOverflowException() | System.OverflowException | 0: newobj System.OverflowException..ctor, 1: throw |
|
||||
| System.Void System.ThrowHelper.ThrowOverflowException_TimeSpanTooLong() | System.OverflowException | 0: call System.SR.get_Overflow_TimeSpanTooLong, 1: newobj System.OverflowException..ctor, 2: throw |
|
||||
| System.Void System.ThrowHelper.ThrowStartIndexArgumentOutOfRange_ArgumentOutOfRange_IndexMustBeLess() | System.ArgumentOutOfRangeException | 0: ldc.i4.8, 1: ldc.i4.1, 2: call System.ThrowHelper.GetArgumentOutOfRangeException, 3: throw |
|
||||
| System.Void System.ThrowHelper.ThrowStartIndexArgumentOutOfRange_ArgumentOutOfRange_IndexMustBeLessOrEqual() | System.ArgumentOutOfRangeException | 0: ldc.i4.8, 1: ldc.i4.0, 2: call System.ThrowHelper.GetArgumentOutOfRangeException, 3: throw |
|
||||
| System.Void System.ThrowHelper.ThrowUnexpectedStateForKnownCallback(System.Object) | System.ArgumentOutOfRangeException | 0: ldstr "state", 1: ldarg.0, 2: call System.SR.get_Argument_UnexpectedStateForKnownCallback, 3: newobj System.ArgumentOutOfRangeException..ctor, 4: throw |
|
||||
| System.Void System.ThrowHelper.ThrowValueArgumentOutOfRange_NeedNonNegNumException() | System.ArgumentOutOfRangeException | 0: ldc.i4.7, 1: ldc.i4.s 31, 2: call System.ThrowHelper.GetArgumentOutOfRangeException, 3: throw |
|
||||
| System.Void System.ThrowHelper.ThrowWrongKeyTypeArgumentException`1(!0,System.Type) | System.ArgumentException | 0: ldarg.0, 1: box, 2: ldarg.1, 3: call System.ThrowHelper.GetWrongKeyTypeArgumentException, 4: throw |
|
||||
| System.Void System.ThrowHelper.ThrowWrongValueTypeArgumentException`1(!0,System.Type) | System.ArgumentException | 0: ldarg.0, 1: box, 2: ldarg.1, 3: call System.ThrowHelper.GetWrongValueTypeArgumentException, 4: throw |
|
||||
@@ -1,39 +0,0 @@
|
||||
import cil
|
||||
import semmle.code.cil.CallableReturns
|
||||
|
||||
predicate relevantMethod(CIL::Method m) {
|
||||
m.getName() = "GetEncoder" and not m.getDeclaringType().getName() = "OSEncoding"
|
||||
or
|
||||
m.getName() = "get_Item"
|
||||
or
|
||||
m.getDeclaringType().getName() = "ThrowHelper" and
|
||||
not m.getParameter(_).getType().getName() = "ExceptionResource"
|
||||
or
|
||||
m.getLocation().(CIL::Assembly).getName().matches("DataFlow%")
|
||||
}
|
||||
|
||||
// Check that the assembly hasn't been marked as a stub.
|
||||
query predicate stubs(string str) {
|
||||
exists(CIL::Assembly asm | CIL::assemblyIsStub(asm) | str = asm.toString())
|
||||
}
|
||||
|
||||
query predicate alwaysNull(string s, string d) {
|
||||
exists(CIL::Method m |
|
||||
alwaysNullMethod(m) and
|
||||
s = m.toStringWithTypes() and
|
||||
relevantMethod(m) and
|
||||
d = m.getImplementation().getDisassembly()
|
||||
)
|
||||
}
|
||||
|
||||
query predicate alwaysNonNull(string s) {
|
||||
exists(CIL::Method m | alwaysNotNullMethod(m) and s = m.toStringWithTypes() and relevantMethod(m))
|
||||
}
|
||||
|
||||
query predicate alwaysThrows(string s, string ex, string d) {
|
||||
exists(CIL::Method m, CIL::Type t | alwaysThrowsException(m, t) and relevantMethod(m) |
|
||||
s = m.toStringWithTypes() and
|
||||
ex = t.toStringWithTypes() and
|
||||
d = m.getImplementation().getDisassembly()
|
||||
)
|
||||
}
|
||||
@@ -1,2 +0,0 @@
|
||||
| dataflow.cs:55:9:55:18 | call to method DeadCode |
|
||||
| dataflow.cs:63:9:63:18 | call to method DeadCode |
|
||||
@@ -1,6 +0,0 @@
|
||||
import csharp
|
||||
|
||||
query predicate deadCode(MethodCall c) {
|
||||
c.getTarget().getName() = "DeadCode" and
|
||||
not exists(ControlFlow::Node node | node.getAstNode() = c)
|
||||
}
|
||||
@@ -1,178 +0,0 @@
|
||||
// Generate DataFlow.dll: `csc /o /target:library DataFlow.cs_ /out:DataFlow.dll`
|
||||
|
||||
using System;
|
||||
|
||||
namespace Dataflow
|
||||
{
|
||||
public class NullMethods
|
||||
{
|
||||
public object ReturnsNull() => null;
|
||||
|
||||
public object ReturnsNull2()
|
||||
{
|
||||
var x = ReturnsNull();
|
||||
return x;
|
||||
}
|
||||
|
||||
// Does not necessarily return null because of virtual method call.
|
||||
public object NotReturnsNull() => VirtualReturnsNull();
|
||||
|
||||
public object ReturnsNullIndirect() => ReturnsNull();
|
||||
|
||||
public virtual object VirtualReturnsNull() => null;
|
||||
|
||||
public object NullProperty { get => null; }
|
||||
|
||||
public virtual object VirtualNullProperty { get => null; }
|
||||
}
|
||||
|
||||
public class NonNullMethods
|
||||
{
|
||||
public object ReturnsNonNull() => new object();
|
||||
|
||||
public object ReturnsNonNull2()
|
||||
{
|
||||
var x = ReturnsNonNull();
|
||||
return x;
|
||||
}
|
||||
|
||||
public object ReturnsNonNullIndirect() => ReturnsNonNull();
|
||||
|
||||
public object NonNullProperty { get => 1; }
|
||||
|
||||
public string NonNullProperty2 { get => "not null"; }
|
||||
|
||||
public virtual object VirtualNonNull { get => "not null"; }
|
||||
|
||||
public bool cond = false;
|
||||
|
||||
public string MaybeNull()
|
||||
{
|
||||
if (cond)
|
||||
return null;
|
||||
else
|
||||
return "not null";
|
||||
}
|
||||
|
||||
public string MaybeNull2()
|
||||
{
|
||||
return cond ? null : "not null";
|
||||
}
|
||||
|
||||
public virtual object VirtualNonNullProperty { get => "non null"; }
|
||||
}
|
||||
|
||||
public class ThrowingMethods
|
||||
{
|
||||
public static object AlwaysThrows() => throw new InvalidOperationException();
|
||||
|
||||
public object AlwaysThrowsIndirect() => AlwaysThrows();
|
||||
|
||||
public virtual object VirtualThrows() => throw new Exception();
|
||||
|
||||
public object ThrowProperty { get => throw new Exception(); }
|
||||
public virtual object VirtualThrowProperty { get => throw new Exception(); }
|
||||
|
||||
}
|
||||
|
||||
public class DataFlow
|
||||
{
|
||||
public object Taint1(object x) => x;
|
||||
|
||||
public object Taint2(object x) => Taint5(x);
|
||||
|
||||
public string Taint3(string s)
|
||||
{
|
||||
var x = s;
|
||||
Console.WriteLine(s);
|
||||
return x;
|
||||
}
|
||||
|
||||
public object Taint5(object x) => Taint6(x);
|
||||
|
||||
private object Taint6(object x) => x;
|
||||
}
|
||||
|
||||
public class TaintFlow
|
||||
{
|
||||
public string Taint1(string a, string b) => a + b;
|
||||
|
||||
public int Taint2(int a, int b) => a + b;
|
||||
|
||||
public int Taint3(int a) => -a;
|
||||
|
||||
public string TaintIndirect(string a, string b) => Taint1(a, b);
|
||||
}
|
||||
|
||||
public class Properties
|
||||
{
|
||||
public int TrivialProperty1 { get; set; }
|
||||
|
||||
int field;
|
||||
|
||||
public int TrivialProperty2
|
||||
{
|
||||
get => field;
|
||||
set { field = value; }
|
||||
}
|
||||
}
|
||||
|
||||
public class ThisAssemblyIsNotAStub
|
||||
{
|
||||
public void F()
|
||||
{
|
||||
// Ensure that the assembly isn't tagged as a stub
|
||||
// Need to bump the average instruction count.
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
Console.WriteLine("This is not a stub assembly");
|
||||
}
|
||||
}
|
||||
}
|
||||
Binary file not shown.
@@ -1,146 +0,0 @@
|
||||
edges
|
||||
| DataFlow.dll:0:0:0:0 | Parameter 1 of Taint1 : String | DataFlow.dll:0:0:0:0 | ldarg.1 : String | provenance | |
|
||||
| DataFlow.dll:0:0:0:0 | Parameter 1 of Taint1 : String | DataFlow.dll:0:0:0:0 | ldarg.1 : String | provenance | |
|
||||
| DataFlow.dll:0:0:0:0 | Parameter 1 of Taint2 : String | DataFlow.dll:0:0:0:0 | ldarg.1 : String | provenance | |
|
||||
| DataFlow.dll:0:0:0:0 | Parameter 1 of Taint3 : String | DataFlow.dll:0:0:0:0 | ldarg.1 : String | provenance | |
|
||||
| DataFlow.dll:0:0:0:0 | Parameter 1 of Taint5 : String | DataFlow.dll:0:0:0:0 | ldarg.1 : String | provenance | |
|
||||
| DataFlow.dll:0:0:0:0 | Parameter 1 of Taint6 : String | DataFlow.dll:0:0:0:0 | ldarg.1 : String | provenance | |
|
||||
| DataFlow.dll:0:0:0:0 | Parameter 1 of TaintIndirect : String | DataFlow.dll:0:0:0:0 | ldarg.1 : String | provenance | |
|
||||
| DataFlow.dll:0:0:0:0 | Parameter 2 of Taint1 : String | DataFlow.dll:0:0:0:0 | ldarg.2 : String | provenance | |
|
||||
| DataFlow.dll:0:0:0:0 | Parameter 2 of TaintIndirect : String | DataFlow.dll:0:0:0:0 | ldarg.2 : String | provenance | |
|
||||
| DataFlow.dll:0:0:0:0 | ldarg.1 : String | DataFlow.dll:0:0:0:0 | Parameter 1 of Taint1 : String | provenance | |
|
||||
| DataFlow.dll:0:0:0:0 | ldarg.1 : String | DataFlow.dll:0:0:0:0 | Parameter 1 of Taint5 : String | provenance | |
|
||||
| DataFlow.dll:0:0:0:0 | ldarg.1 : String | DataFlow.dll:0:0:0:0 | Parameter 1 of Taint6 : String | provenance | |
|
||||
| DataFlow.dll:0:0:0:0 | ldarg.1 : String | DataFlow.dll:0:0:0:0 | call : String | provenance | |
|
||||
| DataFlow.dll:0:0:0:0 | ldarg.1 : String | DataFlow.dll:0:0:0:0 | call : String | provenance | |
|
||||
| DataFlow.dll:0:0:0:0 | ldarg.1 : String | DataFlow.dll:0:0:0:0 | call : String | provenance | |
|
||||
| DataFlow.dll:0:0:0:0 | ldarg.1 : String | DataFlow.dll:0:0:0:0 | call : String | provenance | |
|
||||
| DataFlow.dll:0:0:0:0 | ldarg.2 : String | DataFlow.dll:0:0:0:0 | Parameter 2 of Taint1 : String | provenance | |
|
||||
| DataFlow.dll:0:0:0:0 | ldarg.2 : String | DataFlow.dll:0:0:0:0 | call : String | provenance | |
|
||||
| DataFlow.dll:0:0:0:0 | ldarg.2 : String | DataFlow.dll:0:0:0:0 | call : String | provenance | |
|
||||
| dataflow.cs:16:18:16:26 | "tainted" : String | dataflow.cs:16:18:16:37 | call to method ToString | provenance | |
|
||||
| dataflow.cs:18:27:18:27 | 2 : Int32 | dataflow.cs:18:18:18:31 | call to method Max | provenance | |
|
||||
| dataflow.cs:18:30:18:30 | 3 : Int32 | dataflow.cs:18:18:18:31 | call to method Max | provenance | |
|
||||
| dataflow.cs:19:29:19:31 | 0.5 : Double | dataflow.cs:19:18:19:32 | call to method Round | provenance | |
|
||||
| dataflow.cs:20:45:20:53 | "tainted" : String | dataflow.cs:20:18:20:54 | call to method GetFullPath | provenance | |
|
||||
| dataflow.cs:27:44:27:46 | 1 : Double | dataflow.cs:27:18:27:52 | call to method IEEERemainder | provenance | |
|
||||
| dataflow.cs:27:49:27:51 | 2 : Double | dataflow.cs:27:18:27:52 | call to method IEEERemainder | provenance | |
|
||||
| dataflow.cs:38:34:38:37 | "d1" : String | DataFlow.dll:0:0:0:0 | Parameter 1 of Taint1 : String | provenance | |
|
||||
| dataflow.cs:38:34:38:37 | "d1" : String | dataflow.cs:38:18:38:38 | call to method Taint1 | provenance | |
|
||||
| dataflow.cs:39:34:39:37 | "d2" : String | DataFlow.dll:0:0:0:0 | Parameter 1 of Taint2 : String | provenance | |
|
||||
| dataflow.cs:39:34:39:37 | "d2" : String | dataflow.cs:39:18:39:38 | call to method Taint2 | provenance | |
|
||||
| dataflow.cs:40:34:40:37 | "d3" : String | DataFlow.dll:0:0:0:0 | Parameter 1 of Taint3 : String | provenance | |
|
||||
| dataflow.cs:40:34:40:37 | "d3" : String | dataflow.cs:40:18:40:38 | call to method Taint3 | provenance | |
|
||||
| dataflow.cs:44:28:44:32 | "t1a" : String | DataFlow.dll:0:0:0:0 | Parameter 1 of Taint1 : String | provenance | |
|
||||
| dataflow.cs:44:28:44:32 | "t1a" : String | dataflow.cs:44:18:44:40 | call to method Taint1 | provenance | |
|
||||
| dataflow.cs:44:35:44:39 | "t1b" : String | DataFlow.dll:0:0:0:0 | Parameter 2 of Taint1 : String | provenance | |
|
||||
| dataflow.cs:44:35:44:39 | "t1b" : String | dataflow.cs:44:18:44:40 | call to method Taint1 | provenance | |
|
||||
| dataflow.cs:47:35:47:38 | "t6" : String | DataFlow.dll:0:0:0:0 | Parameter 1 of TaintIndirect : String | provenance | |
|
||||
| dataflow.cs:47:35:47:38 | "t6" : String | dataflow.cs:47:18:47:45 | call to method TaintIndirect | provenance | |
|
||||
| dataflow.cs:47:41:47:44 | "t6" : String | DataFlow.dll:0:0:0:0 | Parameter 2 of TaintIndirect : String | provenance | |
|
||||
| dataflow.cs:47:41:47:44 | "t6" : String | dataflow.cs:47:18:47:45 | call to method TaintIndirect | provenance | |
|
||||
| dataflow.cs:72:21:72:34 | call to method NullFunction : null | dataflow.cs:72:21:72:52 | ... ?? ... | provenance | |
|
||||
| dataflow.cs:72:39:72:52 | call to method IndirectNull : null | dataflow.cs:72:21:72:52 | ... ?? ... | provenance | |
|
||||
| dataflow.cs:87:31:87:44 | call to method NullFunction : null | dataflow.cs:87:24:87:51 | ... ? ... : ... | provenance | |
|
||||
| dataflow.cs:100:30:100:33 | null : null | dataflow.cs:72:39:72:52 | call to method IndirectNull : null | provenance | |
|
||||
| dataflow.cs:100:30:100:33 | null : null | dataflow.cs:106:20:106:33 | call to method IndirectNull | provenance | |
|
||||
| dataflow.cs:100:30:100:33 | null : null | dataflow.cs:106:20:106:33 | call to method IndirectNull : null | provenance | |
|
||||
| dataflow.cs:106:16:106:16 | access to local variable x : null | dataflow.cs:108:16:108:16 | access to local variable x : null | provenance | |
|
||||
| dataflow.cs:106:20:106:33 | call to method IndirectNull : null | dataflow.cs:106:16:106:16 | access to local variable x : null | provenance | |
|
||||
| dataflow.cs:107:19:107:19 | access to local variable x : null | dataflow.cs:108:16:108:16 | access to local variable x : null | provenance | |
|
||||
| dataflow.cs:107:23:107:26 | null : null | dataflow.cs:107:19:107:19 | access to local variable x : null | provenance | |
|
||||
| dataflow.cs:108:16:108:16 | access to local variable x : null | dataflow.cs:72:21:72:34 | call to method NullFunction : null | provenance | |
|
||||
| dataflow.cs:108:16:108:16 | access to local variable x : null | dataflow.cs:87:31:87:44 | call to method NullFunction : null | provenance | |
|
||||
nodes
|
||||
| DataFlow.dll:0:0:0:0 | Parameter 1 of Taint1 : String | semmle.label | Parameter 1 of Taint1 : String |
|
||||
| DataFlow.dll:0:0:0:0 | Parameter 1 of Taint1 : String | semmle.label | Parameter 1 of Taint1 : String |
|
||||
| DataFlow.dll:0:0:0:0 | Parameter 1 of Taint2 : String | semmle.label | Parameter 1 of Taint2 : String |
|
||||
| DataFlow.dll:0:0:0:0 | Parameter 1 of Taint3 : String | semmle.label | Parameter 1 of Taint3 : String |
|
||||
| DataFlow.dll:0:0:0:0 | Parameter 1 of Taint5 : String | semmle.label | Parameter 1 of Taint5 : String |
|
||||
| DataFlow.dll:0:0:0:0 | Parameter 1 of Taint6 : String | semmle.label | Parameter 1 of Taint6 : String |
|
||||
| DataFlow.dll:0:0:0:0 | Parameter 1 of TaintIndirect : String | semmle.label | Parameter 1 of TaintIndirect : String |
|
||||
| DataFlow.dll:0:0:0:0 | Parameter 2 of Taint1 : String | semmle.label | Parameter 2 of Taint1 : String |
|
||||
| DataFlow.dll:0:0:0:0 | Parameter 2 of TaintIndirect : String | semmle.label | Parameter 2 of TaintIndirect : String |
|
||||
| DataFlow.dll:0:0:0:0 | call : String | semmle.label | call : String |
|
||||
| DataFlow.dll:0:0:0:0 | call : String | semmle.label | call : String |
|
||||
| DataFlow.dll:0:0:0:0 | call : String | semmle.label | call : String |
|
||||
| DataFlow.dll:0:0:0:0 | call : String | semmle.label | call : String |
|
||||
| DataFlow.dll:0:0:0:0 | call : String | semmle.label | call : String |
|
||||
| DataFlow.dll:0:0:0:0 | call : String | semmle.label | call : String |
|
||||
| DataFlow.dll:0:0:0:0 | ldarg.1 : String | semmle.label | ldarg.1 : String |
|
||||
| DataFlow.dll:0:0:0:0 | ldarg.1 : String | semmle.label | ldarg.1 : String |
|
||||
| DataFlow.dll:0:0:0:0 | ldarg.1 : String | semmle.label | ldarg.1 : String |
|
||||
| DataFlow.dll:0:0:0:0 | ldarg.1 : String | semmle.label | ldarg.1 : String |
|
||||
| DataFlow.dll:0:0:0:0 | ldarg.1 : String | semmle.label | ldarg.1 : String |
|
||||
| DataFlow.dll:0:0:0:0 | ldarg.1 : String | semmle.label | ldarg.1 : String |
|
||||
| DataFlow.dll:0:0:0:0 | ldarg.1 : String | semmle.label | ldarg.1 : String |
|
||||
| DataFlow.dll:0:0:0:0 | ldarg.2 : String | semmle.label | ldarg.2 : String |
|
||||
| DataFlow.dll:0:0:0:0 | ldarg.2 : String | semmle.label | ldarg.2 : String |
|
||||
| dataflow.cs:16:18:16:26 | "tainted" : String | semmle.label | "tainted" : String |
|
||||
| dataflow.cs:16:18:16:37 | call to method ToString | semmle.label | call to method ToString |
|
||||
| dataflow.cs:18:18:18:31 | call to method Max | semmle.label | call to method Max |
|
||||
| dataflow.cs:18:27:18:27 | 2 : Int32 | semmle.label | 2 : Int32 |
|
||||
| dataflow.cs:18:30:18:30 | 3 : Int32 | semmle.label | 3 : Int32 |
|
||||
| dataflow.cs:19:18:19:32 | call to method Round | semmle.label | call to method Round |
|
||||
| dataflow.cs:19:29:19:31 | 0.5 : Double | semmle.label | 0.5 : Double |
|
||||
| dataflow.cs:20:18:20:54 | call to method GetFullPath | semmle.label | call to method GetFullPath |
|
||||
| dataflow.cs:20:45:20:53 | "tainted" : String | semmle.label | "tainted" : String |
|
||||
| dataflow.cs:27:18:27:52 | call to method IEEERemainder | semmle.label | call to method IEEERemainder |
|
||||
| dataflow.cs:27:44:27:46 | 1 : Double | semmle.label | 1 : Double |
|
||||
| dataflow.cs:27:49:27:51 | 2 : Double | semmle.label | 2 : Double |
|
||||
| dataflow.cs:38:18:38:38 | call to method Taint1 | semmle.label | call to method Taint1 |
|
||||
| dataflow.cs:38:34:38:37 | "d1" : String | semmle.label | "d1" : String |
|
||||
| dataflow.cs:39:18:39:38 | call to method Taint2 | semmle.label | call to method Taint2 |
|
||||
| dataflow.cs:39:34:39:37 | "d2" : String | semmle.label | "d2" : String |
|
||||
| dataflow.cs:40:18:40:38 | call to method Taint3 | semmle.label | call to method Taint3 |
|
||||
| dataflow.cs:40:34:40:37 | "d3" : String | semmle.label | "d3" : String |
|
||||
| dataflow.cs:44:18:44:40 | call to method Taint1 | semmle.label | call to method Taint1 |
|
||||
| dataflow.cs:44:28:44:32 | "t1a" : String | semmle.label | "t1a" : String |
|
||||
| dataflow.cs:44:35:44:39 | "t1b" : String | semmle.label | "t1b" : String |
|
||||
| dataflow.cs:47:18:47:45 | call to method TaintIndirect | semmle.label | call to method TaintIndirect |
|
||||
| dataflow.cs:47:35:47:38 | "t6" : String | semmle.label | "t6" : String |
|
||||
| dataflow.cs:47:41:47:44 | "t6" : String | semmle.label | "t6" : String |
|
||||
| dataflow.cs:72:21:72:34 | call to method NullFunction : null | semmle.label | call to method NullFunction : null |
|
||||
| dataflow.cs:72:21:72:52 | ... ?? ... | semmle.label | ... ?? ... |
|
||||
| dataflow.cs:72:39:72:52 | call to method IndirectNull : null | semmle.label | call to method IndirectNull : null |
|
||||
| dataflow.cs:87:24:87:51 | ... ? ... : ... | semmle.label | ... ? ... : ... |
|
||||
| dataflow.cs:87:31:87:44 | call to method NullFunction : null | semmle.label | call to method NullFunction : null |
|
||||
| dataflow.cs:100:30:100:33 | null : null | semmle.label | null : null |
|
||||
| dataflow.cs:106:16:106:16 | access to local variable x : null | semmle.label | access to local variable x : null |
|
||||
| dataflow.cs:106:20:106:33 | call to method IndirectNull | semmle.label | call to method IndirectNull |
|
||||
| dataflow.cs:106:20:106:33 | call to method IndirectNull : null | semmle.label | call to method IndirectNull : null |
|
||||
| dataflow.cs:107:19:107:19 | access to local variable x : null | semmle.label | access to local variable x : null |
|
||||
| dataflow.cs:107:23:107:26 | null : null | semmle.label | null : null |
|
||||
| dataflow.cs:108:16:108:16 | access to local variable x : null | semmle.label | access to local variable x : null |
|
||||
subpaths
|
||||
| DataFlow.dll:0:0:0:0 | ldarg.1 : String | DataFlow.dll:0:0:0:0 | Parameter 1 of Taint1 : String | DataFlow.dll:0:0:0:0 | call : String | DataFlow.dll:0:0:0:0 | call : String |
|
||||
| DataFlow.dll:0:0:0:0 | ldarg.1 : String | DataFlow.dll:0:0:0:0 | Parameter 1 of Taint5 : String | DataFlow.dll:0:0:0:0 | call : String | DataFlow.dll:0:0:0:0 | call : String |
|
||||
| DataFlow.dll:0:0:0:0 | ldarg.1 : String | DataFlow.dll:0:0:0:0 | Parameter 1 of Taint6 : String | DataFlow.dll:0:0:0:0 | ldarg.1 : String | DataFlow.dll:0:0:0:0 | call : String |
|
||||
| DataFlow.dll:0:0:0:0 | ldarg.2 : String | DataFlow.dll:0:0:0:0 | Parameter 2 of Taint1 : String | DataFlow.dll:0:0:0:0 | call : String | DataFlow.dll:0:0:0:0 | call : String |
|
||||
| dataflow.cs:38:34:38:37 | "d1" : String | DataFlow.dll:0:0:0:0 | Parameter 1 of Taint1 : String | DataFlow.dll:0:0:0:0 | ldarg.1 : String | dataflow.cs:38:18:38:38 | call to method Taint1 |
|
||||
| dataflow.cs:39:34:39:37 | "d2" : String | DataFlow.dll:0:0:0:0 | Parameter 1 of Taint2 : String | DataFlow.dll:0:0:0:0 | call : String | dataflow.cs:39:18:39:38 | call to method Taint2 |
|
||||
| dataflow.cs:40:34:40:37 | "d3" : String | DataFlow.dll:0:0:0:0 | Parameter 1 of Taint3 : String | DataFlow.dll:0:0:0:0 | ldarg.1 : String | dataflow.cs:40:18:40:38 | call to method Taint3 |
|
||||
| dataflow.cs:44:28:44:32 | "t1a" : String | DataFlow.dll:0:0:0:0 | Parameter 1 of Taint1 : String | DataFlow.dll:0:0:0:0 | call : String | dataflow.cs:44:18:44:40 | call to method Taint1 |
|
||||
| dataflow.cs:44:35:44:39 | "t1b" : String | DataFlow.dll:0:0:0:0 | Parameter 2 of Taint1 : String | DataFlow.dll:0:0:0:0 | call : String | dataflow.cs:44:18:44:40 | call to method Taint1 |
|
||||
| dataflow.cs:47:35:47:38 | "t6" : String | DataFlow.dll:0:0:0:0 | Parameter 1 of TaintIndirect : String | DataFlow.dll:0:0:0:0 | call : String | dataflow.cs:47:18:47:45 | call to method TaintIndirect |
|
||||
| dataflow.cs:47:41:47:44 | "t6" : String | DataFlow.dll:0:0:0:0 | Parameter 2 of TaintIndirect : String | DataFlow.dll:0:0:0:0 | call : String | dataflow.cs:47:18:47:45 | call to method TaintIndirect |
|
||||
#select
|
||||
| dataflow.cs:16:18:16:26 | "tainted" : String | dataflow.cs:16:18:16:37 | call to method ToString | dataflow.cs:16:18:16:37 | call to method ToString | $@ | dataflow.cs:16:18:16:37 | call to method ToString | call to method ToString |
|
||||
| dataflow.cs:18:27:18:27 | 2 : Int32 | dataflow.cs:18:18:18:31 | call to method Max | dataflow.cs:18:18:18:31 | call to method Max | $@ | dataflow.cs:18:18:18:31 | call to method Max | call to method Max |
|
||||
| dataflow.cs:18:30:18:30 | 3 : Int32 | dataflow.cs:18:18:18:31 | call to method Max | dataflow.cs:18:18:18:31 | call to method Max | $@ | dataflow.cs:18:18:18:31 | call to method Max | call to method Max |
|
||||
| dataflow.cs:19:29:19:31 | 0.5 : Double | dataflow.cs:19:18:19:32 | call to method Round | dataflow.cs:19:18:19:32 | call to method Round | $@ | dataflow.cs:19:18:19:32 | call to method Round | call to method Round |
|
||||
| dataflow.cs:20:45:20:53 | "tainted" : String | dataflow.cs:20:18:20:54 | call to method GetFullPath | dataflow.cs:20:18:20:54 | call to method GetFullPath | $@ | dataflow.cs:20:18:20:54 | call to method GetFullPath | call to method GetFullPath |
|
||||
| dataflow.cs:27:44:27:46 | 1 : Double | dataflow.cs:27:18:27:52 | call to method IEEERemainder | dataflow.cs:27:18:27:52 | call to method IEEERemainder | $@ | dataflow.cs:27:18:27:52 | call to method IEEERemainder | call to method IEEERemainder |
|
||||
| dataflow.cs:27:49:27:51 | 2 : Double | dataflow.cs:27:18:27:52 | call to method IEEERemainder | dataflow.cs:27:18:27:52 | call to method IEEERemainder | $@ | dataflow.cs:27:18:27:52 | call to method IEEERemainder | call to method IEEERemainder |
|
||||
| dataflow.cs:38:34:38:37 | "d1" : String | dataflow.cs:38:18:38:38 | call to method Taint1 | dataflow.cs:38:18:38:38 | call to method Taint1 | $@ | dataflow.cs:38:18:38:38 | call to method Taint1 | call to method Taint1 |
|
||||
| dataflow.cs:39:34:39:37 | "d2" : String | dataflow.cs:39:18:39:38 | call to method Taint2 | dataflow.cs:39:18:39:38 | call to method Taint2 | $@ | dataflow.cs:39:18:39:38 | call to method Taint2 | call to method Taint2 |
|
||||
| dataflow.cs:40:34:40:37 | "d3" : String | dataflow.cs:40:18:40:38 | call to method Taint3 | dataflow.cs:40:18:40:38 | call to method Taint3 | $@ | dataflow.cs:40:18:40:38 | call to method Taint3 | call to method Taint3 |
|
||||
| dataflow.cs:44:28:44:32 | "t1a" : String | dataflow.cs:44:18:44:40 | call to method Taint1 | dataflow.cs:44:18:44:40 | call to method Taint1 | $@ | dataflow.cs:44:18:44:40 | call to method Taint1 | call to method Taint1 |
|
||||
| dataflow.cs:44:35:44:39 | "t1b" : String | dataflow.cs:44:18:44:40 | call to method Taint1 | dataflow.cs:44:18:44:40 | call to method Taint1 | $@ | dataflow.cs:44:18:44:40 | call to method Taint1 | call to method Taint1 |
|
||||
| dataflow.cs:47:35:47:38 | "t6" : String | dataflow.cs:47:18:47:45 | call to method TaintIndirect | dataflow.cs:47:18:47:45 | call to method TaintIndirect | $@ | dataflow.cs:47:18:47:45 | call to method TaintIndirect | call to method TaintIndirect |
|
||||
| dataflow.cs:47:41:47:44 | "t6" : String | dataflow.cs:47:18:47:45 | call to method TaintIndirect | dataflow.cs:47:18:47:45 | call to method TaintIndirect | $@ | dataflow.cs:47:18:47:45 | call to method TaintIndirect | call to method TaintIndirect |
|
||||
| dataflow.cs:100:30:100:33 | null : null | dataflow.cs:72:21:72:52 | ... ?? ... | dataflow.cs:72:21:72:52 | ... ?? ... | $@ | dataflow.cs:72:21:72:52 | ... ?? ... | ... ?? ... |
|
||||
| dataflow.cs:100:30:100:33 | null : null | dataflow.cs:87:24:87:51 | ... ? ... : ... | dataflow.cs:87:24:87:51 | ... ? ... : ... | $@ | dataflow.cs:87:24:87:51 | ... ? ... : ... | ... ? ... : ... |
|
||||
| dataflow.cs:100:30:100:33 | null : null | dataflow.cs:106:20:106:33 | call to method IndirectNull | dataflow.cs:106:20:106:33 | call to method IndirectNull | $@ | dataflow.cs:106:20:106:33 | call to method IndirectNull | call to method IndirectNull |
|
||||
| dataflow.cs:107:23:107:26 | null : null | dataflow.cs:72:21:72:52 | ... ?? ... | dataflow.cs:72:21:72:52 | ... ?? ... | $@ | dataflow.cs:72:21:72:52 | ... ?? ... | ... ?? ... |
|
||||
| dataflow.cs:107:23:107:26 | null : null | dataflow.cs:87:24:87:51 | ... ? ... : ... | dataflow.cs:87:24:87:51 | ... ? ... : ... | $@ | dataflow.cs:87:24:87:51 | ... ? ... : ... | ... ? ... : ... |
|
||||
@@ -1,49 +0,0 @@
|
||||
/**
|
||||
* @kind path-problem
|
||||
*/
|
||||
|
||||
import csharp
|
||||
import Flow::PathGraph
|
||||
|
||||
private predicate relevantPathNode(Flow::PathNode n) {
|
||||
exists(File f | f = n.getNode().getLocation().getFile() |
|
||||
f.fromSource()
|
||||
or
|
||||
f.getBaseName() = "DataFlow.dll"
|
||||
)
|
||||
}
|
||||
|
||||
query predicate edges(Flow::PathNode a, Flow::PathNode b, string key, string val) {
|
||||
Flow::PathGraph::edges(a, b, key, val) and
|
||||
relevantPathNode(a) and
|
||||
relevantPathNode(b)
|
||||
}
|
||||
|
||||
query predicate nodes(Flow::PathNode n, string key, string val) {
|
||||
Flow::PathGraph::nodes(n, key, val) and
|
||||
relevantPathNode(n)
|
||||
}
|
||||
|
||||
query predicate subpaths(
|
||||
Flow::PathNode arg, Flow::PathNode par, Flow::PathNode ret, Flow::PathNode out
|
||||
) {
|
||||
Flow::PathGraph::subpaths(arg, par, ret, out) and
|
||||
relevantPathNode(arg) and
|
||||
relevantPathNode(par) and
|
||||
relevantPathNode(ret) and
|
||||
relevantPathNode(out)
|
||||
}
|
||||
|
||||
module FlowConfig implements DataFlow::ConfigSig {
|
||||
predicate isSource(DataFlow::Node source) { source.asExpr() instanceof Literal }
|
||||
|
||||
predicate isSink(DataFlow::Node sink) {
|
||||
exists(LocalVariable decl | sink.asExpr() = decl.getInitializer())
|
||||
}
|
||||
}
|
||||
|
||||
module Flow = DataFlow::Global<FlowConfig>;
|
||||
|
||||
from Flow::PathNode source, Flow::PathNode sink
|
||||
where Flow::flowPath(source, sink)
|
||||
select source, sink, sink, "$@", sink, sink.toString()
|
||||
@@ -1,24 +0,0 @@
|
||||
// Generate DataFlowUnoptimized.dll: `csc /target:library DataFlowUnoptimized.cs_ /out:DataFlowUnoptimized.dll`
|
||||
|
||||
using System;
|
||||
|
||||
namespace DataflowUnoptimized
|
||||
{
|
||||
public class MaybeNullMethods
|
||||
{
|
||||
public bool cond = false;
|
||||
|
||||
public string MaybeNull()
|
||||
{
|
||||
if (cond)
|
||||
return null;
|
||||
else
|
||||
return "not null";
|
||||
}
|
||||
|
||||
public string MaybeNull2()
|
||||
{
|
||||
return cond ? null : "not null";
|
||||
}
|
||||
}
|
||||
}
|
||||
Binary file not shown.
@@ -1,42 +0,0 @@
|
||||
alwaysNull
|
||||
| dataflow.cs:68:21:68:35 | default(...) |
|
||||
| dataflow.cs:72:21:72:34 | call to method NullFunction |
|
||||
| dataflow.cs:72:21:72:52 | ... ?? ... |
|
||||
| dataflow.cs:72:39:72:52 | call to method IndirectNull |
|
||||
| dataflow.cs:76:21:76:45 | call to method ReturnsNull |
|
||||
| dataflow.cs:77:21:77:46 | call to method ReturnsNull2 |
|
||||
| dataflow.cs:78:21:78:44 | access to property NullProperty |
|
||||
| dataflow.cs:87:31:87:44 | call to method NullFunction |
|
||||
alwaysNotNull
|
||||
| dataflow.cs:69:13:69:20 | access to local variable nonNull1 |
|
||||
| dataflow.cs:69:13:69:35 | Int32 nonNull1 = ... |
|
||||
| dataflow.cs:69:24:69:35 | default(...) |
|
||||
| dataflow.cs:69:32:69:34 | access to type Int32 |
|
||||
| dataflow.cs:70:27:70:30 | this access |
|
||||
| dataflow.cs:70:27:70:40 | call to method GetType |
|
||||
| dataflow.cs:71:30:71:33 | true |
|
||||
| dataflow.cs:71:30:71:44 | call to method ToString |
|
||||
| dataflow.cs:72:21:72:34 | this access |
|
||||
| dataflow.cs:72:39:72:52 | this access |
|
||||
| dataflow.cs:75:27:75:52 | object creation of type NullMethods |
|
||||
| dataflow.cs:76:21:76:31 | access to local variable nullMethods |
|
||||
| dataflow.cs:77:21:77:31 | access to local variable nullMethods |
|
||||
| dataflow.cs:78:21:78:31 | access to local variable nullMethods |
|
||||
| dataflow.cs:81:23:81:51 | object creation of type NonNullMethods |
|
||||
| dataflow.cs:82:24:82:30 | access to local variable nonNull |
|
||||
| dataflow.cs:82:24:82:47 | call to method ReturnsNonNull |
|
||||
| dataflow.cs:83:24:83:30 | access to local variable nonNull |
|
||||
| dataflow.cs:83:24:83:55 | call to method ReturnsNonNullIndirect |
|
||||
| dataflow.cs:84:24:84:30 | access to local variable nonNull |
|
||||
| dataflow.cs:87:24:87:27 | access to field cond |
|
||||
| dataflow.cs:87:24:87:27 | this access |
|
||||
| dataflow.cs:87:31:87:44 | this access |
|
||||
| dataflow.cs:87:48:87:51 | this access |
|
||||
| dataflow.cs:88:24:88:34 | access to local variable nullMethods |
|
||||
| dataflow.cs:89:24:89:34 | access to local variable nullMethods |
|
||||
| dataflow.cs:90:26:90:32 | access to local variable nonNull |
|
||||
| dataflow.cs:93:25:93:31 | access to local variable nonNull |
|
||||
| dataflow.cs:94:26:94:32 | access to local variable nonNull |
|
||||
| dataflow.cs:95:32:95:73 | object creation of type MaybeNullMethods |
|
||||
| dataflow.cs:96:21:96:36 | access to local variable maybeNullMethods |
|
||||
| dataflow.cs:97:22:97:37 | access to local variable maybeNullMethods |
|
||||
@@ -1,10 +0,0 @@
|
||||
import csharp
|
||||
import semmle.code.csharp.dataflow.Nullness
|
||||
|
||||
query predicate alwaysNull(AlwaysNullExpr expr) {
|
||||
expr.getEnclosingCallable().getName() = "Nullness"
|
||||
}
|
||||
|
||||
query predicate alwaysNotNull(NonNullExpr expr) {
|
||||
expr.getEnclosingCallable().getName() = "Nullness"
|
||||
}
|
||||
@@ -1,28 +0,0 @@
|
||||
| dataflow.cs:9:18:9:22 | "123" | dataflow.cs:9:18:9:37 | call to method CompareTo |
|
||||
| dataflow.cs:9:34:9:36 | "b" | dataflow.cs:9:18:9:37 | call to method CompareTo |
|
||||
| dataflow.cs:16:18:16:26 | "tainted" | dataflow.cs:16:18:16:37 | call to method ToString |
|
||||
| dataflow.cs:18:27:18:27 | 2 | dataflow.cs:18:18:18:31 | call to method Max |
|
||||
| dataflow.cs:18:30:18:30 | 3 | dataflow.cs:18:18:18:31 | call to method Max |
|
||||
| dataflow.cs:19:29:19:31 | 0.5 | dataflow.cs:19:18:19:32 | call to method Round |
|
||||
| dataflow.cs:20:45:20:53 | "tainted" | dataflow.cs:20:18:20:54 | call to method GetFullPath |
|
||||
| dataflow.cs:24:37:24:37 | 1 | dataflow.cs:24:18:24:56 | call to method DivRem |
|
||||
| dataflow.cs:24:40:24:40 | 2 | dataflow.cs:24:18:24:56 | call to method DivRem |
|
||||
| dataflow.cs:27:44:27:46 | 1 | dataflow.cs:27:18:27:52 | call to method IEEERemainder |
|
||||
| dataflow.cs:27:49:27:51 | 2 | dataflow.cs:27:18:27:52 | call to method IEEERemainder |
|
||||
| dataflow.cs:30:60:30:60 | 1 | dataflow.cs:30:18:30:80 | call to method DivRem |
|
||||
| dataflow.cs:30:63:30:63 | 2 | dataflow.cs:30:18:30:80 | call to method DivRem |
|
||||
| dataflow.cs:38:34:38:37 | "d1" | dataflow.cs:38:18:38:38 | call to method Taint1 |
|
||||
| dataflow.cs:39:34:39:37 | "d2" | dataflow.cs:39:18:39:38 | call to method Taint2 |
|
||||
| dataflow.cs:40:34:40:37 | "d3" | dataflow.cs:40:18:40:38 | call to method Taint3 |
|
||||
| dataflow.cs:44:28:44:32 | "t1a" | dataflow.cs:44:18:44:40 | call to method Taint1 |
|
||||
| dataflow.cs:44:35:44:39 | "t1b" | dataflow.cs:44:18:44:40 | call to method Taint1 |
|
||||
| dataflow.cs:45:28:45:28 | 2 | dataflow.cs:45:18:45:32 | call to method Taint2 |
|
||||
| dataflow.cs:45:31:45:31 | 3 | dataflow.cs:45:18:45:32 | call to method Taint2 |
|
||||
| dataflow.cs:46:28:46:28 | 1 | dataflow.cs:46:18:46:29 | call to method Taint3 |
|
||||
| dataflow.cs:47:35:47:38 | "t6" | dataflow.cs:47:18:47:45 | call to method TaintIndirect |
|
||||
| dataflow.cs:47:41:47:44 | "t6" | dataflow.cs:47:18:47:45 | call to method TaintIndirect |
|
||||
| dataflow.cs:100:30:100:33 | null | dataflow.cs:72:21:72:52 | ... ?? ... |
|
||||
| dataflow.cs:100:30:100:33 | null | dataflow.cs:87:24:87:51 | ... ? ... : ... |
|
||||
| dataflow.cs:100:30:100:33 | null | dataflow.cs:106:20:106:33 | call to method IndirectNull |
|
||||
| dataflow.cs:107:23:107:26 | null | dataflow.cs:72:21:72:52 | ... ?? ... |
|
||||
| dataflow.cs:107:23:107:26 | null | dataflow.cs:87:24:87:51 | ... ? ... : ... |
|
||||
@@ -1,21 +0,0 @@
|
||||
import csharp
|
||||
// Test that all the copies of the taint tracking library can be imported
|
||||
// simultaneously without errors.
|
||||
import semmle.code.csharp.dataflow.TaintTracking2
|
||||
import semmle.code.csharp.dataflow.TaintTracking3
|
||||
import semmle.code.csharp.dataflow.TaintTracking4
|
||||
import semmle.code.csharp.dataflow.TaintTracking5
|
||||
|
||||
module FlowConfig implements DataFlow::ConfigSig {
|
||||
predicate isSource(DataFlow::Node source) { source.asExpr() instanceof Literal }
|
||||
|
||||
predicate isSink(DataFlow::Node sink) {
|
||||
exists(LocalVariable decl | sink.asExpr() = decl.getInitializer())
|
||||
}
|
||||
}
|
||||
|
||||
module Flow = TaintTracking::Global<FlowConfig>;
|
||||
|
||||
from DataFlow::Node source, DataFlow::Node sink
|
||||
where Flow::flow(source, sink)
|
||||
select source, sink
|
||||
@@ -1,11 +0,0 @@
|
||||
| Dataflow.Properties.TrivialProperty1 |
|
||||
| Dataflow.Properties.TrivialProperty2 |
|
||||
| System.Collections.DictionaryEntry.Key |
|
||||
| System.Collections.DictionaryEntry.Value |
|
||||
| System.Reflection.AssemblyName.CodeBase |
|
||||
| System.Reflection.AssemblyName.CultureInfo |
|
||||
| System.Reflection.AssemblyName.HashAlgorithm |
|
||||
| System.Reflection.AssemblyName.Name |
|
||||
| System.Reflection.AssemblyName.RawFlags |
|
||||
| System.Reflection.AssemblyName.Version |
|
||||
| System.Reflection.AssemblyName.VersionCompatibility |
|
||||
@@ -1,15 +0,0 @@
|
||||
import csharp
|
||||
import semmle.code.csharp.commons.QualifiedName
|
||||
|
||||
from TrivialProperty prop, string namespace, string type, string name
|
||||
where
|
||||
prop.getDeclaringType().hasFullyQualifiedName(namespace, type) and
|
||||
(
|
||||
namespace = "System.Reflection" and type = "AssemblyName"
|
||||
or
|
||||
namespace = "System.Collections" and type = "DictionaryEntry"
|
||||
or
|
||||
namespace = "Dataflow" and type = "Properties"
|
||||
) and
|
||||
prop.hasFullyQualifiedName(namespace, type, name)
|
||||
select getQualifiedName(namespace, type, name)
|
||||
@@ -1,110 +0,0 @@
|
||||
using System;
|
||||
|
||||
class Test
|
||||
{
|
||||
static void Main(string[] args)
|
||||
{
|
||||
// Indirect call to method
|
||||
var c1 = "abc".Contains("a"); // Calls string.IndexOf()
|
||||
var c2 = "123".CompareTo("b"); // Calls string.Compare()
|
||||
var c3 = Tuple.Create("c", "d", "e"); // Calls Tuple constructor
|
||||
}
|
||||
|
||||
void DataFlowThroughFramework()
|
||||
{
|
||||
// Dataflow through call
|
||||
var f1 = "tainted".ToString();
|
||||
var f2 = Math.Abs(12);
|
||||
var f3 = Math.Max(2, 3);
|
||||
var f4 = Math.Round(0.5);
|
||||
var f5 = System.IO.Path.GetFullPath("tainted");
|
||||
|
||||
// Tainted dataflow (there is no untainted dataflow path)
|
||||
int remainder;
|
||||
var t1 = System.Math.DivRem(1, 2, out remainder);
|
||||
|
||||
// Tainted indirect call to method (there is no untainted dataflow path)
|
||||
var t2 = System.Math.IEEERemainder(1.0, 2.0);
|
||||
|
||||
// Miscellaneous examples
|
||||
var m1 = System.Math.DivRem(Math.Abs(-1), Math.Max(1, 2), out remainder);
|
||||
var m2 = "tainted".ToString().Contains("t");
|
||||
}
|
||||
|
||||
void DataFlowThroughAssembly()
|
||||
{
|
||||
// Dataflow through test assembly
|
||||
var dataflow = new Dataflow.DataFlow();
|
||||
var d1 = dataflow.Taint1("d1");
|
||||
var d2 = dataflow.Taint2("d2");
|
||||
var d3 = dataflow.Taint3("d3");
|
||||
|
||||
// Taint tracking
|
||||
var tt = new Dataflow.TaintFlow();
|
||||
var t1 = tt.Taint1("t1a", "t1b");
|
||||
var t2 = tt.Taint2(2, 3);
|
||||
var t3 = tt.Taint3(1);
|
||||
var t4 = tt.TaintIndirect("t6", "t6");
|
||||
}
|
||||
|
||||
void DeadCode() { }
|
||||
|
||||
void CilAlwaysThrows()
|
||||
{
|
||||
System.Reflection.Assembly.LoadFrom("", null, System.Configuration.Assemblies.AssemblyHashAlgorithm.SHA1); // Throws NotSupportedException
|
||||
DeadCode();
|
||||
}
|
||||
|
||||
void Throw() => throw new InvalidCastException();
|
||||
|
||||
void CsAlwaysThrows()
|
||||
{
|
||||
Throw();
|
||||
DeadCode();
|
||||
}
|
||||
|
||||
void Nullness()
|
||||
{
|
||||
var @null = default(object);
|
||||
var nonNull1 = default(int);
|
||||
var nullFromCil = this.GetType().DeclaringMethod;
|
||||
var nonNullFromCil = true.ToString();
|
||||
var null2 = NullFunction() ?? IndirectNull();
|
||||
|
||||
// Null from dataflow assembly
|
||||
var nullMethods = new Dataflow.NullMethods();
|
||||
var null3 = nullMethods.ReturnsNull(); // Null
|
||||
var null4 = nullMethods.ReturnsNull2();
|
||||
var null5 = nullMethods.NullProperty;
|
||||
|
||||
// NotNull
|
||||
var nonNull = new Dataflow.NonNullMethods();
|
||||
var nonNull2 = nonNull.ReturnsNonNull();
|
||||
var nonNull3 = nonNull.ReturnsNonNullIndirect();
|
||||
var nonNull4 = nonNull.NonNullProperty;
|
||||
|
||||
// The following are not always null:
|
||||
var notNull1 = cond ? NullFunction() : this;
|
||||
var notNull2 = nullMethods.VirtualReturnsNull();
|
||||
var notNull3 = nullMethods.VirtualNullProperty;
|
||||
var notNonNull = nonNull.VirtualNonNull;
|
||||
|
||||
// The following are maybe null
|
||||
var maybeNull = nonNull.MaybeNull();
|
||||
var maybeNull2 = nonNull.MaybeNull2();
|
||||
var maybeNullMethods = new DataflowUnoptimized.MaybeNullMethods();
|
||||
maybeNull = maybeNullMethods.MaybeNull();
|
||||
maybeNull2 = maybeNullMethods.MaybeNull2();
|
||||
}
|
||||
|
||||
object IndirectNull() => null;
|
||||
|
||||
bool cond;
|
||||
|
||||
object NullFunction()
|
||||
{
|
||||
object x = IndirectNull();
|
||||
if (cond) x = null;
|
||||
return x;
|
||||
}
|
||||
}
|
||||
@@ -1 +0,0 @@
|
||||
semmle-extractor-options: --cil
|
||||
Reference in New Issue
Block a user