mirror of
https://github.com/github/codeql.git
synced 2026-05-04 21:25:44 +02:00
Merge pull request #709 from hvitved/csharp/autoformat/tests
C#: Autoformat QL tests
This commit is contained in:
calumgrant
@@ -1,5 +1,5 @@
|
||||
import csharp
|
||||
|
||||
from Expr e, int m
|
||||
where expr_argument(e,m)
|
||||
where expr_argument(e, m)
|
||||
select e, m
|
||||
|
||||
@@ -3,4 +3,3 @@ import semmle.code.asp.AspNet
|
||||
from AspDirective directive, string name, AspAttribute attrib
|
||||
where directive.getAttributeByName(name) = attrib
|
||||
select directive, name, attrib
|
||||
|
||||
|
||||
@@ -3,4 +3,3 @@ import semmle.code.asp.AspNet
|
||||
from AspOpenTag tag, string name, AspAttribute attrib
|
||||
where tag.getAttributeByName(name) = attrib
|
||||
select tag, name, attrib
|
||||
|
||||
|
||||
@@ -1,8 +1,5 @@
|
||||
import semmle.code.asp.AspNet
|
||||
|
||||
from AspComment comment, string kind
|
||||
where
|
||||
if comment instanceof AspServerComment
|
||||
then kind = "server"
|
||||
else kind = "client"
|
||||
where if comment instanceof AspServerComment then kind = "server" else kind = "client"
|
||||
select comment, comment.getBody(), kind
|
||||
|
||||
@@ -3,4 +3,3 @@ import semmle.code.asp.AspNet
|
||||
from AspDirective directive, string name, AspAttribute attrib
|
||||
where directive.getAttributeByName(name) = attrib
|
||||
select directive, name, attrib
|
||||
|
||||
|
||||
@@ -3,4 +3,3 @@ import semmle.code.asp.AspNet
|
||||
from AspOpenTag tag, string name, AspAttribute attrib
|
||||
where tag.getAttributeByName(name) = attrib
|
||||
select tag, name, attrib
|
||||
|
||||
|
||||
@@ -1,8 +1,5 @@
|
||||
import semmle.code.asp.AspNet
|
||||
|
||||
from AspComment comment, string kind
|
||||
where
|
||||
if comment instanceof AspServerComment
|
||||
then kind = "server"
|
||||
else kind = "client"
|
||||
where if comment instanceof AspServerComment then kind = "server" else kind = "client"
|
||||
select comment, comment.getBody(), kind
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
import csharp
|
||||
|
||||
Version getAVersion()
|
||||
{
|
||||
Version getAVersion() {
|
||||
result = "1.2" or
|
||||
result = "1.2.0" or
|
||||
result = "1.2.0.0" or
|
||||
@@ -15,6 +14,7 @@ Version getAVersion()
|
||||
}
|
||||
|
||||
from Version v1, Version v2
|
||||
where v1 = getAVersion()
|
||||
and v2 = getAVersion()
|
||||
where
|
||||
v1 = getAVersion() and
|
||||
v2 = getAVersion()
|
||||
select v1, v2, v1.compareTo(v2)
|
||||
|
||||
@@ -1,12 +1,14 @@
|
||||
import csharp
|
||||
|
||||
from Version version
|
||||
where version = "1.2.3.4"
|
||||
or version = "2.3.24"
|
||||
or version = "1.2"
|
||||
or version = "xxx"
|
||||
or version = "1.x"
|
||||
or version = "1"
|
||||
or version = ""
|
||||
or version = "1234.56"
|
||||
select version, version.getMajor(), version.getMajorRevision(), version.getMinor(), version.getMinorRevision()
|
||||
where
|
||||
version = "1.2.3.4" or
|
||||
version = "2.3.24" or
|
||||
version = "1.2" or
|
||||
version = "xxx" or
|
||||
version = "1.x" or
|
||||
version = "1" or
|
||||
version = "" or
|
||||
version = "1234.56"
|
||||
select version, version.getMajor(), version.getMajorRevision(), version.getMinor(),
|
||||
version.getMinorRevision()
|
||||
|
||||
@@ -1,41 +1,18 @@
|
||||
import csharp
|
||||
|
||||
class TypeRef extends @typeref
|
||||
{
|
||||
string toString() {
|
||||
hasName(result)
|
||||
}
|
||||
class TypeRef extends @typeref {
|
||||
string toString() { hasName(result) }
|
||||
|
||||
predicate hasName(string name) {
|
||||
typerefs(this, name)
|
||||
}
|
||||
predicate hasName(string name) { typerefs(this, name) }
|
||||
|
||||
Type getType() {
|
||||
typeref_type(this, result)
|
||||
}
|
||||
Type getType() { typeref_type(this, result) }
|
||||
}
|
||||
|
||||
class MissingType extends TypeRef
|
||||
{
|
||||
MissingType() {
|
||||
not exists(getType())
|
||||
}
|
||||
}
|
||||
class MissingType extends TypeRef { MissingType() { not exists(getType()) } }
|
||||
|
||||
from
|
||||
Class class1,
|
||||
MissingType class2,
|
||||
MissingType class3,
|
||||
MissingType class4,
|
||||
MissingType class5,
|
||||
MissingType del2,
|
||||
Field a,
|
||||
Method b,
|
||||
Method c,
|
||||
Method d,
|
||||
Method e,
|
||||
Method f,
|
||||
Method g
|
||||
Class class1, MissingType class2, MissingType class3, MissingType class4, MissingType class5,
|
||||
MissingType del2, Field a, Method b, Method c, Method d, Method e, Method f, Method g
|
||||
where
|
||||
class1.hasQualifiedName("Assembly1.Class1") and
|
||||
class2.hasName("Class2") and
|
||||
@@ -50,10 +27,10 @@ where
|
||||
e.hasName("e") and
|
||||
f.hasName("f") and
|
||||
g.hasName("g") and
|
||||
a.getDeclaringType()=class1 and
|
||||
a.getDeclaringType()=class1 and
|
||||
b.getDeclaringType()=class1 and
|
||||
c.getDeclaringType()=class1 and
|
||||
a.getDeclaringType() = class1 and
|
||||
a.getDeclaringType() = class1 and
|
||||
b.getDeclaringType() = class1 and
|
||||
c.getDeclaringType() = class1 and
|
||||
not exists(c.getParameter(0).getType()) and
|
||||
not exists(a.getType()) and
|
||||
not exists(b.getReturnType()) and
|
||||
|
||||
@@ -1,8 +1,9 @@
|
||||
import csharp
|
||||
|
||||
from Element e, Class c, Method m, Parameter p
|
||||
where c.hasQualifiedName("Locations.Test")
|
||||
and m.getDeclaringType()=c
|
||||
and m.getAParameter()=p
|
||||
and (e=c or e=m or e=p)
|
||||
where
|
||||
c.hasQualifiedName("Locations.Test") and
|
||||
m.getDeclaringType() = c and
|
||||
m.getAParameter() = p and
|
||||
(e = c or e = m or e = p)
|
||||
select e
|
||||
|
||||
@@ -1,7 +1,8 @@
|
||||
import csharp
|
||||
|
||||
from Element e, Assembly a
|
||||
where e.fromSource()
|
||||
and a = e.getALocation()
|
||||
and a.getFullName() = "program, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null"
|
||||
where
|
||||
e.fromSource() and
|
||||
a = e.getALocation() and
|
||||
a.getFullName() = "program, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null"
|
||||
select e
|
||||
|
||||
@@ -1,7 +1,12 @@
|
||||
import csharp
|
||||
|
||||
from AssignableAccess aa, Assignable a, string s
|
||||
where aa.getTarget() = a
|
||||
and a.fromSource()
|
||||
and (aa instanceof AssignableRead and s = "read" or aa instanceof AssignableWrite and s = "write")
|
||||
where
|
||||
aa.getTarget() = a and
|
||||
a.fromSource() and
|
||||
(
|
||||
aa instanceof AssignableRead and s = "read"
|
||||
or
|
||||
aa instanceof AssignableWrite and s = "write"
|
||||
)
|
||||
select aa, a, s
|
||||
|
||||
@@ -6,7 +6,8 @@ newtype TTargetAccessOption =
|
||||
|
||||
class TargetAccessOption extends TTargetAccessOption {
|
||||
string toString() {
|
||||
result = som().toString() or
|
||||
result = som().toString()
|
||||
or
|
||||
exists(non()) and result = "<none>"
|
||||
}
|
||||
|
||||
@@ -15,19 +16,12 @@ class TargetAccessOption extends TTargetAccessOption {
|
||||
result = non().getLocation()
|
||||
}
|
||||
|
||||
private AssignableAccess som() {
|
||||
this = TTargetAccessSome(result)
|
||||
}
|
||||
private AssignableAccess som() { this = TTargetAccessSome(result) }
|
||||
|
||||
private AssignableDefinition non() {
|
||||
this = TTargetAccessNone(result)
|
||||
}
|
||||
private AssignableDefinition non() { this = TTargetAccessNone(result) }
|
||||
|
||||
predicate fromAssignableDefinition(AssignableDefinition def) {
|
||||
if exists(def.getTargetAccess()) then
|
||||
this.som() = def.getTargetAccess()
|
||||
else
|
||||
this.non() = def
|
||||
if exists(def.getTargetAccess()) then this.som() = def.getTargetAccess() else this.non() = def
|
||||
}
|
||||
}
|
||||
|
||||
@@ -37,7 +31,8 @@ newtype TSourceOption =
|
||||
|
||||
class SourceOption extends TSourceOption {
|
||||
string toString() {
|
||||
result = som().toString() or
|
||||
result = som().toString()
|
||||
or
|
||||
exists(non()) and result = "<none>"
|
||||
}
|
||||
|
||||
@@ -46,24 +41,18 @@ class SourceOption extends TSourceOption {
|
||||
result = non().getLocation()
|
||||
}
|
||||
|
||||
private Expr som() {
|
||||
this = TSourceSome(result)
|
||||
}
|
||||
private Expr som() { this = TSourceSome(result) }
|
||||
|
||||
private AssignableDefinition non() {
|
||||
this = TSourceNone(result)
|
||||
}
|
||||
private AssignableDefinition non() { this = TSourceNone(result) }
|
||||
|
||||
predicate fromAssignableDefinition(AssignableDefinition def) {
|
||||
if exists(def.getSource()) then
|
||||
this.som() = def.getSource()
|
||||
else
|
||||
this.non() = def
|
||||
if exists(def.getSource()) then this.som() = def.getSource() else this.non() = def
|
||||
}
|
||||
}
|
||||
|
||||
from AssignableDefinition def, TargetAccessOption access, SourceOption source, string certain
|
||||
where (if def.isCertain() then certain = "certain" else certain = "uncertain")
|
||||
and access.fromAssignableDefinition(def)
|
||||
and source.fromAssignableDefinition(def)
|
||||
where
|
||||
(if def.isCertain() then certain = "certain" else certain = "uncertain") and
|
||||
access.fromAssignableDefinition(def) and
|
||||
source.fromAssignableDefinition(def)
|
||||
select def.getTarget(), def, access, source, certain
|
||||
|
||||
@@ -2,18 +2,19 @@ import csharp
|
||||
|
||||
predicate getExpandedOperatorArgs(Expr e, Expr left, Expr right) {
|
||||
e = any(BinaryArithmeticOperation bo |
|
||||
bo.getLeftOperand() = left and
|
||||
bo.getRightOperand() = right
|
||||
)
|
||||
bo.getLeftOperand() = left and
|
||||
bo.getRightOperand() = right
|
||||
)
|
||||
or
|
||||
e = any(OperatorCall oc |
|
||||
oc.getArgument(0) = left and
|
||||
oc.getArgument(1) = right
|
||||
)
|
||||
oc.getArgument(0) = left and
|
||||
oc.getArgument(1) = right
|
||||
)
|
||||
}
|
||||
|
||||
from AssignOperation ao, AssignExpr ae, Expr op, Expr left, Expr right
|
||||
where ae = ao.getExpandedAssignment()
|
||||
and op = ae.getRValue()
|
||||
and getExpandedOperatorArgs(op, left, right)
|
||||
where
|
||||
ae = ao.getExpandedAssignment() and
|
||||
op = ae.getRValue() and
|
||||
getExpandedOperatorArgs(op, left, right)
|
||||
select ao, ae, ae.getLValue(), op, left, right
|
||||
|
||||
@@ -1,9 +1,11 @@
|
||||
/**
|
||||
* @name Test that types, methods, and parameters can have attributes
|
||||
*/
|
||||
|
||||
import csharp
|
||||
|
||||
where exists(Attribute a | a.getTarget() instanceof Type)
|
||||
and exists(Attribute a | a.getTarget() instanceof Method)
|
||||
and exists(Attribute a | a.getTarget() instanceof Parameter)
|
||||
where
|
||||
exists(Attribute a | a.getTarget() instanceof Type) and
|
||||
exists(Attribute a | a.getTarget() instanceof Method) and
|
||||
exists(Attribute a | a.getTarget() instanceof Parameter)
|
||||
select 1
|
||||
|
||||
@@ -2,14 +2,12 @@ import csharp
|
||||
import semmle.code.csharp.dataflow.DataFlow::DataFlow
|
||||
|
||||
class FlowConfig extends Configuration {
|
||||
FlowConfig() { this="FlowConfig" }
|
||||
FlowConfig() { this = "FlowConfig" }
|
||||
|
||||
override predicate isSource(Node source) {
|
||||
source.asExpr() instanceof Literal
|
||||
}
|
||||
override predicate isSource(Node source) { source.asExpr() instanceof Literal }
|
||||
|
||||
override predicate isSink(Node sink) {
|
||||
exists(LocalVariable decl | sink.asExpr()=decl.getInitializer())
|
||||
exists(LocalVariable decl | sink.asExpr() = decl.getInitializer())
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -2,14 +2,12 @@ import csharp
|
||||
import semmle.code.csharp.dataflow.TaintTracking
|
||||
|
||||
class FlowConfig extends TaintTracking::Configuration {
|
||||
FlowConfig() { this="FlowConfig" }
|
||||
FlowConfig() { this = "FlowConfig" }
|
||||
|
||||
override predicate isSource(DataFlow::Node source) {
|
||||
source.asExpr() instanceof Literal
|
||||
}
|
||||
override predicate isSource(DataFlow::Node source) { source.asExpr() instanceof Literal }
|
||||
|
||||
override predicate isSink(DataFlow::Node sink) {
|
||||
exists(LocalVariable decl | sink.asExpr()=decl.getInitializer())
|
||||
exists(LocalVariable decl | sink.asExpr() = decl.getInitializer())
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -2,13 +2,13 @@ import cil
|
||||
|
||||
// Used only because native PDBs are only supported on Windows.
|
||||
// They are included as tests but disabled here.
|
||||
predicate filterMethod(CIL::Method m)
|
||||
{
|
||||
predicate filterMethod(CIL::Method m) {
|
||||
m.getDeclaringType().getNamespace().getName() = "EmbeddedPdb" or
|
||||
m.getDeclaringType().getNamespace().getName() = "PortablePdb"
|
||||
}
|
||||
|
||||
from CIL::Instruction instruction, CIL::Location location
|
||||
where location = instruction.getLocation()
|
||||
and filterMethod(instruction.getImplementation().getMethod())
|
||||
where
|
||||
location = instruction.getLocation() and
|
||||
filterMethod(instruction.getImplementation().getMethod())
|
||||
select location.toString(), instruction.toString()
|
||||
|
||||
@@ -2,15 +2,15 @@ import cil
|
||||
|
||||
// Used only because native PDBs are only supported on Windows.
|
||||
// They are included as tests but disabled here.
|
||||
predicate filterMethod(CIL::Method m)
|
||||
{
|
||||
predicate filterMethod(CIL::Method m) {
|
||||
m.getDeclaringType().getNamespace().getName() = "EmbeddedPdb" or
|
||||
m.getDeclaringType().getNamespace().getName() = "PortablePdb"
|
||||
}
|
||||
|
||||
from CIL::Method method, CIL::Location location, boolean primaryLocation
|
||||
where location = method.getALocation()
|
||||
and exists(CIL::Location l | l=method.getALocation() | l.getFile().isPdbSourceFile())
|
||||
and (if location=method.getLocation() then primaryLocation=true else primaryLocation=false)
|
||||
and filterMethod(method)
|
||||
where
|
||||
location = method.getALocation() and
|
||||
exists(CIL::Location l | l = method.getALocation() | l.getFile().isPdbSourceFile()) and
|
||||
(if location = method.getLocation() then primaryLocation = true else primaryLocation = false) and
|
||||
filterMethod(method)
|
||||
select method.toStringWithTypes(), location.toString(), primaryLocation
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
import csharp
|
||||
|
||||
from CommentBlock c, CommentLine l
|
||||
where l.getParent()=c
|
||||
where l.getParent() = c
|
||||
select c, c.getNumLines(), l, l.getText(), l.getRawText(), l.getAQlClass()
|
||||
|
||||
@@ -1,24 +1,18 @@
|
||||
import csharp
|
||||
|
||||
from CommentBlock b, Element e, string s
|
||||
where b.getElement()=e
|
||||
and
|
||||
(
|
||||
e instanceof ConstructedMethod
|
||||
or e instanceof ConstructedClass
|
||||
or e instanceof UnboundGenericClass
|
||||
or e instanceof UnboundGenericMethod
|
||||
)
|
||||
and
|
||||
s = e.getAQlClass()
|
||||
and
|
||||
not s = "SourceDeclarationType"
|
||||
and
|
||||
not s = "SourceDeclarationCallable"
|
||||
and
|
||||
not s = "SourceDeclarationMethod"
|
||||
and
|
||||
not s = "NonConstructedMethod"
|
||||
and
|
||||
not s = "RuntimeInstanceMethod"
|
||||
where
|
||||
b.getElement() = e and
|
||||
(
|
||||
e instanceof ConstructedMethod or
|
||||
e instanceof ConstructedClass or
|
||||
e instanceof UnboundGenericClass or
|
||||
e instanceof UnboundGenericMethod
|
||||
) and
|
||||
s = e.getAQlClass() and
|
||||
not s = "SourceDeclarationType" and
|
||||
not s = "SourceDeclarationCallable" and
|
||||
not s = "SourceDeclarationMethod" and
|
||||
not s = "NonConstructedMethod" and
|
||||
not s = "RuntimeInstanceMethod"
|
||||
select b, e, s
|
||||
|
||||
@@ -3,7 +3,8 @@ import semmle.code.csharp.commons.Disposal
|
||||
import Whitelist
|
||||
|
||||
from CIL::Field field
|
||||
where mayBeDisposed(field)
|
||||
and field.getName().charAt(0) = "_" // Filter the results a little
|
||||
and not whitelistedType(field.getDeclaringType())
|
||||
where
|
||||
mayBeDisposed(field) and
|
||||
field.getName().charAt(0) = "_" and // Filter the results a little
|
||||
not whitelistedType(field.getDeclaringType())
|
||||
select field.getQualifiedName()
|
||||
|
||||
@@ -3,7 +3,8 @@ import semmle.code.csharp.commons.Disposal
|
||||
import Whitelist
|
||||
|
||||
from DotNet::Callable c, DotNet::Parameter param, int p
|
||||
where mayBeDisposed(param)
|
||||
and param = c.getParameter(p)
|
||||
and not whitelistedType(c.getDeclaringType())
|
||||
where
|
||||
mayBeDisposed(param) and
|
||||
param = c.getParameter(p) and
|
||||
not whitelistedType(c.getDeclaringType())
|
||||
select c.toStringWithTypes(), p
|
||||
|
||||
@@ -2,6 +2,7 @@ import semmle.code.csharp.commons.Disposal
|
||||
import csharp
|
||||
|
||||
from Variable v
|
||||
where mayBeDisposed(v)
|
||||
and v.fromSource()
|
||||
where
|
||||
mayBeDisposed(v) and
|
||||
v.fromSource()
|
||||
select v
|
||||
|
||||
@@ -3,7 +3,8 @@ import semmle.code.csharp.commons.Disposal
|
||||
import cil
|
||||
|
||||
from DotNet::Callable c, DotNet::Parameter param, int p
|
||||
where not mayBeDisposed(param)
|
||||
and param.getType().hasName("TextWriter")
|
||||
and param = c.getParameter(p)
|
||||
where
|
||||
not mayBeDisposed(param) and
|
||||
param.getType().hasName("TextWriter") and
|
||||
param = c.getParameter(p)
|
||||
select c.toStringWithTypes(), p
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
import csharp
|
||||
|
||||
from Callable f
|
||||
where f.getName().matches("cc_") // cc1, cc2, ...
|
||||
and f.fromSource()
|
||||
where
|
||||
f.getName().matches("cc_") and // cc1, cc2, ...
|
||||
f.fromSource()
|
||||
select f, f.getCyclomaticComplexity()
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
/**
|
||||
* @name Test for constructors
|
||||
*/
|
||||
|
||||
import csharp
|
||||
|
||||
where count(Constructor c | c.getName() = "Class") = 3
|
||||
select 1
|
||||
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
/**
|
||||
* @name Test for static constructors
|
||||
*/
|
||||
|
||||
import csharp
|
||||
|
||||
where count(StaticConstructor c | c.getName() = "Class") = 1
|
||||
select 1
|
||||
|
||||
|
||||
@@ -1,12 +1,13 @@
|
||||
/**
|
||||
* @name Test for constructors
|
||||
*/
|
||||
|
||||
import csharp
|
||||
|
||||
from Constructor c
|
||||
where c.getNumberOfParameters() = 1
|
||||
and c.getParameter(0).getName() = "i"
|
||||
and c.getParameter(0).getType() instanceof IntType
|
||||
and c.fromSource()
|
||||
where
|
||||
c.getNumberOfParameters() = 1 and
|
||||
c.getParameter(0).getName() = "i" and
|
||||
c.getParameter(0).getType() instanceof IntType and
|
||||
c.fromSource()
|
||||
select c, c.getAParameter()
|
||||
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
/**
|
||||
* @name Test for constructors
|
||||
*/
|
||||
|
||||
import csharp
|
||||
|
||||
where forall(StaticConstructor c | c.hasNoParameters())
|
||||
select 1
|
||||
|
||||
|
||||
@@ -1,10 +1,11 @@
|
||||
/**
|
||||
* @name Test for destructors
|
||||
*/
|
||||
|
||||
import csharp
|
||||
|
||||
from Destructor c
|
||||
where c.getDeclaringType().getName() = "Class"
|
||||
and c.getDeclaringType().getNamespace().getQualifiedName() = "Constructors"
|
||||
where
|
||||
c.getDeclaringType().getName() = "Class" and
|
||||
c.getDeclaringType().getNamespace().getQualifiedName() = "Constructors"
|
||||
select c, c.getDeclaringType().getQualifiedName()
|
||||
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
/**
|
||||
* @name Test for destructors
|
||||
*/
|
||||
|
||||
import csharp
|
||||
|
||||
where forex(Type t | count(Destructor d | d.getDeclaringType() = t) <= 1)
|
||||
select 1
|
||||
|
||||
|
||||
@@ -1,12 +1,13 @@
|
||||
/**
|
||||
* @name Test for destructors
|
||||
*/
|
||||
|
||||
import csharp
|
||||
|
||||
from Destructor d, ValueOrRefType t
|
||||
where t = d.getDeclaringType()
|
||||
and not t instanceof ConstructedGeneric
|
||||
and not t instanceof UnboundGenericType
|
||||
and d.getName() != "~" + t.getName()
|
||||
where
|
||||
t = d.getDeclaringType() and
|
||||
not t instanceof ConstructedGeneric and
|
||||
not t instanceof UnboundGenericType and
|
||||
d.getName() != "~" + t.getName()
|
||||
select t, d
|
||||
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
/**
|
||||
* @name Test for destructors
|
||||
*/
|
||||
|
||||
import csharp
|
||||
|
||||
where forex(Destructor d | d.hasNoParameters())
|
||||
select 1
|
||||
|
||||
|
||||
@@ -1,9 +1,11 @@
|
||||
/**
|
||||
* @name Test for destructors
|
||||
*/
|
||||
|
||||
import csharp
|
||||
|
||||
where forex(Stmt s | exists(Destructor d | d.getBody().getAChild() = s) |
|
||||
s instanceof LocalVariableDeclStmt)
|
||||
where
|
||||
forex(Stmt s | exists(Destructor d | d.getBody().getAChild() = s) |
|
||||
s instanceof LocalVariableDeclStmt
|
||||
)
|
||||
select 1
|
||||
|
||||
|
||||
@@ -2,7 +2,4 @@ import csharp
|
||||
import Common
|
||||
|
||||
from SourceBasicBlock bb
|
||||
select
|
||||
bb.getFirstNode(),
|
||||
bb.getLastNode(),
|
||||
bb.length()
|
||||
select bb.getFirstNode(), bb.getLastNode(), bb.length()
|
||||
|
||||
@@ -1,25 +1,15 @@
|
||||
import csharp
|
||||
|
||||
class StubFile extends File {
|
||||
StubFile() {
|
||||
this.getAbsolutePath().matches("%resources/stubs/%")
|
||||
}
|
||||
}
|
||||
class StubFile extends File { StubFile() { this.getAbsolutePath().matches("%resources/stubs/%") } }
|
||||
|
||||
class SourceControlFlowElement extends ControlFlowElement {
|
||||
SourceControlFlowElement() {
|
||||
not this.getLocation().getFile() instanceof StubFile
|
||||
}
|
||||
SourceControlFlowElement() { not this.getLocation().getFile() instanceof StubFile }
|
||||
}
|
||||
|
||||
class SourceControlFlowNode extends ControlFlow::Node {
|
||||
SourceControlFlowNode() {
|
||||
not this.getLocation().getFile() instanceof StubFile
|
||||
}
|
||||
SourceControlFlowNode() { not this.getLocation().getFile() instanceof StubFile }
|
||||
}
|
||||
|
||||
class SourceBasicBlock extends ControlFlow::BasicBlock {
|
||||
SourceBasicBlock() {
|
||||
not this.getLocation().getFile() instanceof StubFile
|
||||
}
|
||||
SourceBasicBlock() { not this.getLocation().getFile() instanceof StubFile }
|
||||
}
|
||||
|
||||
@@ -2,5 +2,6 @@ import csharp
|
||||
import ControlFlow
|
||||
|
||||
from BasicBlocks::ConditionBlock cb, BasicBlock controlled, boolean testIsTrue
|
||||
where cb.controls(controlled,any(SuccessorTypes::ConditionalSuccessor s | testIsTrue = s.getValue()))
|
||||
where
|
||||
cb.controls(controlled, any(SuccessorTypes::ConditionalSuccessor s | testIsTrue = s.getValue()))
|
||||
select cb.getLastNode(), controlled.getFirstNode(), testIsTrue
|
||||
|
||||
@@ -1,14 +1,15 @@
|
||||
import csharp
|
||||
|
||||
ControlFlow::Node successor(ControlFlow::Node node, boolean kind) {
|
||||
(kind = true and result = node.getATrueSuccessor()) or
|
||||
(kind = true and result = node.getATrueSuccessor())
|
||||
or
|
||||
(kind = false and result = node.getAFalseSuccessor())
|
||||
}
|
||||
|
||||
from ControlFlow::Node node, ControlFlow::Node successor, Location nl, Location sl, boolean kind
|
||||
where successor = successor(node, kind)
|
||||
and nl = node.getLocation()
|
||||
and sl = successor.getLocation()
|
||||
select
|
||||
nl.getStartLine(), nl.getStartColumn(), node, kind,
|
||||
sl.getStartLine(), sl.getStartColumn(), successor
|
||||
where
|
||||
successor = successor(node, kind) and
|
||||
nl = node.getLocation() and
|
||||
sl = successor.getLocation()
|
||||
select nl.getStartLine(), nl.getStartColumn(), node, kind, sl.getStartLine(), sl.getStartColumn(),
|
||||
successor
|
||||
|
||||
@@ -1,9 +1,12 @@
|
||||
import csharp
|
||||
import Common
|
||||
|
||||
query predicate edges(SourceControlFlowElement node, SourceControlFlowElement successor, string attr, string val) {
|
||||
query predicate edges(
|
||||
SourceControlFlowElement node, SourceControlFlowElement successor, string attr, string val
|
||||
) {
|
||||
exists(ControlFlow::SuccessorType t |
|
||||
successor = node.getAControlFlowNode().getASuccessorByType(t).getElement() |
|
||||
successor = node.getAControlFlowNode().getASuccessorByType(t).getElement()
|
||||
|
|
||||
attr = "semmle.label" and
|
||||
val = t.toString()
|
||||
)
|
||||
|
||||
@@ -6,14 +6,13 @@ import Nodes
|
||||
class MyFinallySplitControlFlowNode extends ElementNode {
|
||||
MyFinallySplitControlFlowNode() {
|
||||
exists(FinallySplitting::FinallySplitType type |
|
||||
type = this.getASplit().(FinallySplit).getType() |
|
||||
type = this.getASplit().(FinallySplit).getType()
|
||||
|
|
||||
not type instanceof SuccessorTypes::NormalSuccessor
|
||||
)
|
||||
}
|
||||
|
||||
TryStmt getTryStmt() {
|
||||
this.getElement() = FinallySplitting::getAFinallyDescendant(result)
|
||||
}
|
||||
TryStmt getTryStmt() { this.getElement() = FinallySplitting::getAFinallyDescendant(result) }
|
||||
}
|
||||
|
||||
from MyFinallySplitControlFlowNode f
|
||||
|
||||
@@ -1,9 +1,10 @@
|
||||
import csharp
|
||||
import Common
|
||||
|
||||
query predicate edges(SourceControlFlowNode node, SourceControlFlowNode successor, string attr, string val) {
|
||||
exists(ControlFlow::SuccessorType t |
|
||||
successor = node.getASuccessorByType(t) |
|
||||
query predicate edges(
|
||||
SourceControlFlowNode node, SourceControlFlowNode successor, string attr, string val
|
||||
) {
|
||||
exists(ControlFlow::SuccessorType t | successor = node.getASuccessorByType(t) |
|
||||
attr = "semmle.label" and
|
||||
val = t.toString()
|
||||
)
|
||||
|
||||
@@ -2,9 +2,7 @@ import csharp
|
||||
import ControlFlow::Internal::PreBasicBlocks
|
||||
|
||||
predicate bbStartInconsistency(ControlFlowElement cfe) {
|
||||
exists(ControlFlow::BasicBlock bb |
|
||||
bb.getFirstNode() = cfe.getAControlFlowNode()
|
||||
) and
|
||||
exists(ControlFlow::BasicBlock bb | bb.getFirstNode() = cfe.getAControlFlowNode()) and
|
||||
not cfe = any(PreBasicBlock bb).getFirstElement()
|
||||
}
|
||||
|
||||
|
||||
@@ -2,6 +2,7 @@ import csharp
|
||||
import semmle.code.csharp.controlflow.Guards
|
||||
|
||||
from GuardedExpr ge, Expr e, AbstractValues::MatchValue v, boolean match
|
||||
where e = ge.getAGuard(e, v)
|
||||
and if v.isMatch() then match = true else match = false
|
||||
where
|
||||
e = ge.getAGuard(e, v) and
|
||||
if v.isMatch() then match = true else match = false
|
||||
select ge, e, v.getCaseStmt(), match
|
||||
|
||||
@@ -3,21 +3,22 @@ import semmle.code.csharp.Conversion
|
||||
// Avoid printing conversions for type parameters from library
|
||||
class LibraryTypeParameter extends TypeParameter {
|
||||
LibraryTypeParameter() { fromLibrary() }
|
||||
|
||||
override string toString() { none() }
|
||||
}
|
||||
|
||||
class InterestingType extends Type {
|
||||
InterestingType() {
|
||||
this.fromSource()
|
||||
or this instanceof CharType
|
||||
or this instanceof BoolType
|
||||
or this instanceof IntType
|
||||
or this.(NullableType).getUnderlyingType() instanceof IntType
|
||||
this.fromSource() or
|
||||
this instanceof CharType or
|
||||
this instanceof BoolType or
|
||||
this instanceof IntType or
|
||||
this.(NullableType).getUnderlyingType() instanceof IntType
|
||||
}
|
||||
}
|
||||
|
||||
from InterestingType sub, Type sup
|
||||
where convBoxing(sub, sup)
|
||||
and sub != sup
|
||||
select sub.toString() as s1, sup.toString() as s2
|
||||
order by s1, s2
|
||||
where
|
||||
convBoxing(sub, sup) and
|
||||
sub != sup
|
||||
select sub.toString() as s1, sup.toString() as s2 order by s1, s2
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
import semmle.code.csharp.Conversion
|
||||
|
||||
from Type sub, Type sup
|
||||
where convIdentity(sub, sup)
|
||||
and sub != sup
|
||||
select sub.toString() as s1, sup.toString() as s2
|
||||
order by s1, s2
|
||||
where
|
||||
convIdentity(sub, sup) and
|
||||
sub != sup
|
||||
select sub.toString() as s1, sup.toString() as s2 order by s1, s2
|
||||
|
||||
@@ -2,14 +2,14 @@ import semmle.code.csharp.Conversion
|
||||
|
||||
class InterestingType extends Type {
|
||||
InterestingType() {
|
||||
this instanceof IntegralType
|
||||
or this instanceof CharType
|
||||
or this.(NullableType).getUnderlyingType() instanceof InterestingType
|
||||
this instanceof IntegralType or
|
||||
this instanceof CharType or
|
||||
this.(NullableType).getUnderlyingType() instanceof InterestingType
|
||||
}
|
||||
}
|
||||
|
||||
from InterestingType sub, Type sup
|
||||
where convNullableType(sub, sup)
|
||||
and sub != sup
|
||||
select sub.toString() as s1, sup.toString() as s2
|
||||
order by s1, s2
|
||||
where
|
||||
convNullableType(sub, sup) and
|
||||
sub != sup
|
||||
select sub.toString() as s1, sup.toString() as s2 order by s1, s2
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
import semmle.code.csharp.Conversion
|
||||
|
||||
from Type sub, Type sup
|
||||
where convNumeric(sub, sup)
|
||||
and sub != sup
|
||||
select sub.toString() as s1, sup.toString() as s2
|
||||
order by s1, s2
|
||||
where
|
||||
convNumeric(sub, sup) and
|
||||
sub != sup
|
||||
select sub.toString() as s1, sup.toString() as s2 order by s1, s2
|
||||
|
||||
@@ -1,13 +1,16 @@
|
||||
import semmle.code.csharp.Conversion
|
||||
|
||||
from Type sub, Type sup, string s1, string s2
|
||||
where convConversionOperator(sub, sup)
|
||||
and sub != sup
|
||||
and s1 = sub.toString()
|
||||
and s2 = sup.toString()
|
||||
/* Remove certain results to make the test output consistent
|
||||
* between different versions of .NET Core. */
|
||||
and s2 != "FormatParam"
|
||||
and s2 != "StringOrCharArray"
|
||||
select s1, s2
|
||||
order by s1, s2
|
||||
where
|
||||
convConversionOperator(sub, sup) and
|
||||
sub != sup and
|
||||
s1 = sub.toString() and
|
||||
s2 = sup.toString() and
|
||||
/*
|
||||
* Remove certain results to make the test output consistent
|
||||
* between different versions of .NET Core.
|
||||
*/
|
||||
|
||||
s2 != "FormatParam" and
|
||||
s2 != "StringOrCharArray"
|
||||
select s1, s2 order by s1, s2
|
||||
|
||||
@@ -3,30 +3,34 @@ import semmle.code.csharp.Conversion
|
||||
// Avoid printing conversions for type parameters from library
|
||||
class LibraryTypeParameter extends TypeParameter {
|
||||
LibraryTypeParameter() { fromLibrary() }
|
||||
|
||||
override string toString() { none() }
|
||||
}
|
||||
|
||||
// Restrict the results
|
||||
class InterestingType extends Type {
|
||||
InterestingType() {
|
||||
this.fromSource()
|
||||
or this instanceof NullType
|
||||
or this instanceof DynamicType
|
||||
or this instanceof ObjectType
|
||||
or this instanceof IntegralType
|
||||
or this.(ConstructedType).getATypeArgument().fromSource()
|
||||
or this.(ArrayType).getElementType() instanceof InterestingType
|
||||
this.fromSource() or
|
||||
this instanceof NullType or
|
||||
this instanceof DynamicType or
|
||||
this instanceof ObjectType or
|
||||
this instanceof IntegralType or
|
||||
this.(ConstructedType).getATypeArgument().fromSource() or
|
||||
this.(ArrayType).getElementType() instanceof InterestingType
|
||||
}
|
||||
}
|
||||
|
||||
from InterestingType sub, InterestingType sup, string s1, string s2
|
||||
where convRefType(sub, sup)
|
||||
and sub != sup
|
||||
and s1 = sub.toString()
|
||||
and s2 = sup.toString()
|
||||
/* Remove certain results to make the test output consistent
|
||||
* between different versions of .NET Core. */
|
||||
and s1 != "UInt16[]"
|
||||
and s2 != "UInt16[]"
|
||||
select s1, s2
|
||||
order by s1, s2
|
||||
where
|
||||
convRefType(sub, sup) and
|
||||
sub != sup and
|
||||
s1 = sub.toString() and
|
||||
s2 = sup.toString() and
|
||||
/*
|
||||
* Remove certain results to make the test output consistent
|
||||
* between different versions of .NET Core.
|
||||
*/
|
||||
|
||||
s1 != "UInt16[]" and
|
||||
s2 != "UInt16[]"
|
||||
select s1, s2 order by s1, s2
|
||||
|
||||
@@ -5,6 +5,8 @@
|
||||
import csharp
|
||||
|
||||
from MemberAccess ma, string conditional
|
||||
where (ma.isConditional() and conditional="Conditional")
|
||||
or (not ma.isConditional() and conditional="Unconditional")
|
||||
where
|
||||
(ma.isConditional() and conditional = "Conditional")
|
||||
or
|
||||
(not ma.isConditional() and conditional = "Unconditional")
|
||||
select ma, ma.getQualifier(), conditional
|
||||
|
||||
@@ -5,6 +5,8 @@
|
||||
import csharp
|
||||
|
||||
from MethodCall mc, string conditional
|
||||
where (mc.isConditional() and conditional="Conditional")
|
||||
or (not mc.isConditional() and conditional="Unconditional")
|
||||
where
|
||||
(mc.isConditional() and conditional = "Conditional")
|
||||
or
|
||||
(not mc.isConditional() and conditional = "Unconditional")
|
||||
select mc, mc.getQualifier(), conditional
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
import csharp
|
||||
|
||||
from Parameter p
|
||||
where p.fromSource()
|
||||
and p.isIn()
|
||||
where
|
||||
p.fromSource() and
|
||||
p.isIn()
|
||||
select p
|
||||
|
||||
@@ -1,7 +1,8 @@
|
||||
import csharp
|
||||
|
||||
from Modifiable m
|
||||
where m.fromSource()
|
||||
and m.isPrivate()
|
||||
and m.isProtected()
|
||||
where
|
||||
m.fromSource() and
|
||||
m.isPrivate() and
|
||||
m.isProtected()
|
||||
select m
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
import csharp
|
||||
|
||||
from Struct s
|
||||
where s.fromSource()
|
||||
and s.isReadonly()
|
||||
where
|
||||
s.fromSource() and
|
||||
s.isReadonly()
|
||||
select s
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
import csharp
|
||||
|
||||
from DelegateType del
|
||||
where del.fromSource()
|
||||
and del.returnsRefReadonly()
|
||||
where
|
||||
del.fromSource() and
|
||||
del.returnsRefReadonly()
|
||||
select del
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
import csharp
|
||||
|
||||
from Callable c
|
||||
where c.fromSource()
|
||||
and c.returnsRefReadonly()
|
||||
where
|
||||
c.fromSource() and
|
||||
c.returnsRefReadonly()
|
||||
select c
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
import csharp
|
||||
|
||||
from Struct s
|
||||
where s.fromSource()
|
||||
and s.isRef()
|
||||
where
|
||||
s.fromSource() and
|
||||
s.isRef()
|
||||
select s
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
import csharp
|
||||
|
||||
from LocalVariableAccess a, string access
|
||||
where a.getEnclosingCallable().getDeclaringType().hasName("OutVariables")
|
||||
and if a instanceof LocalVariableRead then access="read" else access="write"
|
||||
where
|
||||
a.getEnclosingCallable().getDeclaringType().hasName("OutVariables") and
|
||||
if a instanceof LocalVariableRead then access = "read" else access = "write"
|
||||
select a, access
|
||||
|
||||
@@ -2,4 +2,3 @@ import csharp
|
||||
|
||||
from ConstructedLocalFunction generic
|
||||
select generic, generic.toStringWithTypes(), generic.getUnboundGeneric().toStringWithTypes()
|
||||
|
||||
|
||||
@@ -1,9 +1,7 @@
|
||||
import csharp
|
||||
|
||||
from
|
||||
AssignableDefinition def,
|
||||
AssignableRead read,
|
||||
Ssa::Definition ssaDef
|
||||
where ssaDef.getAnUltimateDefinition().(Ssa::ExplicitDefinition).getADefinition() = def
|
||||
and read = ssaDef.getARead()
|
||||
from AssignableDefinition def, AssignableRead read, Ssa::Definition ssaDef
|
||||
where
|
||||
ssaDef.getAnUltimateDefinition().(Ssa::ExplicitDefinition).getADefinition() = def and
|
||||
read = ssaDef.getARead()
|
||||
select def, read
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
import csharp
|
||||
|
||||
from ForeachStmt stmt, int i
|
||||
select stmt, i, stmt.getVariableDeclExpr(i), stmt.getVariable(i), stmt.getIterableExpr(), stmt.getBody()
|
||||
select stmt, i, stmt.getVariableDeclExpr(i), stmt.getVariable(i), stmt.getIterableExpr(),
|
||||
stmt.getBody()
|
||||
|
||||
@@ -1,8 +1,7 @@
|
||||
import csharp
|
||||
|
||||
class DataflowConfiguration extends DataFlow::Configuration
|
||||
{
|
||||
DataflowConfiguration() { this="data flow configuration" }
|
||||
class DataflowConfiguration extends DataFlow::Configuration {
|
||||
DataflowConfiguration() { this = "data flow configuration" }
|
||||
|
||||
override predicate isSource(DataFlow::Node source) {
|
||||
source.asExpr().(Expr).getValue() = "tainted"
|
||||
|
||||
@@ -1,8 +1,7 @@
|
||||
import csharp
|
||||
|
||||
class DataflowConfiguration extends TaintTracking::Configuration
|
||||
{
|
||||
DataflowConfiguration() { this="taint tracking configuration" }
|
||||
class DataflowConfiguration extends TaintTracking::Configuration {
|
||||
DataflowConfiguration() { this = "taint tracking configuration" }
|
||||
|
||||
override predicate isSource(DataFlow::Node source) {
|
||||
source.asExpr().(Expr).getValue() = "tainted"
|
||||
|
||||
@@ -2,7 +2,8 @@ import csharp
|
||||
|
||||
query predicate edges(ControlFlow::Node n1, ControlFlow::Node n2, string attr, string val) {
|
||||
exists(SwitchStmt switch, ControlFlow::SuccessorType t |
|
||||
switch.getAControlFlowNode().getASuccessor*()=n1 |
|
||||
switch.getAControlFlowNode().getASuccessor*() = n1
|
||||
|
|
||||
n2 = n1.getASuccessorByType(t) and
|
||||
attr = "semmle.label" and
|
||||
val = t.toString()
|
||||
|
||||
@@ -1,8 +1,5 @@
|
||||
import csharp
|
||||
|
||||
from IsPatternExpr e, boolean isVar
|
||||
where
|
||||
if e.getVariableDeclExpr().isImplicitlyTyped()
|
||||
then isVar=true
|
||||
else isVar=false
|
||||
where if e.getVariableDeclExpr().isImplicitlyTyped() then isVar = true else isVar = false
|
||||
select e, e.getTypeAccess(), e.getCheckedType().toString(), e.getVariableDeclExpr(), isVar
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
import csharp
|
||||
|
||||
from Literal l, Class c
|
||||
where c.hasName("Literals")
|
||||
and l = c.getAField().getInitializer()
|
||||
where
|
||||
c.hasName("Literals") and
|
||||
l = c.getAField().getInitializer()
|
||||
select l, l.getValue()
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
import csharp
|
||||
|
||||
from LocalFunction fn
|
||||
select fn, fn.getName(), fn.getReturnType().toString(), fn.getParent(), fn.getStatement(), fn.toStringWithTypes()
|
||||
select fn, fn.getName(), fn.getReturnType().toString(), fn.getParent(), fn.getStatement(),
|
||||
fn.toStringWithTypes()
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
import csharp
|
||||
|
||||
from Callable f
|
||||
where f.returnsRef()
|
||||
and f.fromSource()
|
||||
where
|
||||
f.returnsRef() and
|
||||
f.fromSource()
|
||||
select f
|
||||
|
||||
@@ -1,4 +1,3 @@
|
||||
|
||||
import csharp
|
||||
import semmle.code.csharp.dataflow.TaintTracking
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
import csharp
|
||||
|
||||
from TupleExpr e, string access
|
||||
where if e.isReadAccess() then access="read" else access="write"
|
||||
where if e.isReadAccess() then access = "read" else access = "write"
|
||||
select e, access
|
||||
|
||||
@@ -2,4 +2,5 @@ import csharp
|
||||
|
||||
from TupleType tt, int i
|
||||
where tt.getAnElement().fromSource()
|
||||
select tt.getName(), tt.toStringWithTypes(), tt.getUnderlyingType().toStringWithTypes(), tt.getArity(), i, tt.getElement(i)
|
||||
select tt.getName(), tt.toStringWithTypes(), tt.getUnderlyingType().toStringWithTypes(),
|
||||
tt.getArity(), i, tt.getElement(i)
|
||||
|
||||
@@ -1,8 +1,5 @@
|
||||
import csharp
|
||||
|
||||
from TypeCase c, boolean isVar
|
||||
where
|
||||
if c.getVariableDeclExpr().isImplicitlyTyped()
|
||||
then isVar=true
|
||||
else isVar=false
|
||||
where if c.getVariableDeclExpr().isImplicitlyTyped() then isVar = true else isVar = false
|
||||
select c, c.getVariableDeclExpr(), c.getTypeAccess(), c.getCheckedType().toString(), isVar
|
||||
|
||||
@@ -3,9 +3,7 @@ import semmle.code.csharp.dataflow.DefUse
|
||||
import semmle.code.csharp.controlflow.Guards
|
||||
|
||||
class Configuration extends DataFlow::Configuration {
|
||||
Configuration() {
|
||||
this = "Configuration"
|
||||
}
|
||||
Configuration() { this = "Configuration" }
|
||||
|
||||
override predicate isSource(DataFlow::Node source) { any() }
|
||||
|
||||
@@ -29,7 +27,10 @@ predicate flowOutFromParameter(DataFlow::Configuration c, Parameter p) {
|
||||
}
|
||||
|
||||
predicate flowOutFromParameterOutOrRef(DataFlow::Configuration c, Parameter p, int outRef) {
|
||||
exists(DataFlow::ExprNode ne, Ssa::ExplicitDefinition def, DataFlow::ParameterNode np, Parameter outRefParameter |
|
||||
exists(
|
||||
DataFlow::ExprNode ne, Ssa::ExplicitDefinition def, DataFlow::ParameterNode np,
|
||||
Parameter outRefParameter
|
||||
|
|
||||
outRefParameter.isOutOrRef() and
|
||||
np.getParameter() = p and
|
||||
ne.getExpr() = def.getADefinition().getSource() and
|
||||
|
||||
@@ -2,6 +2,8 @@ import csharp
|
||||
import Common
|
||||
|
||||
from Configuration c, Parameter p, int outRefArg
|
||||
where flowOutFromParameter(c, p) and outRefArg = -1
|
||||
or flowOutFromParameterOutOrRef(c, p, outRefArg)
|
||||
where
|
||||
flowOutFromParameter(c, p) and outRefArg = -1
|
||||
or
|
||||
flowOutFromParameterOutOrRef(c, p, outRefArg)
|
||||
select p.getCallable(), p.getPosition(), outRefArg
|
||||
|
||||
@@ -3,15 +3,19 @@ import Common
|
||||
|
||||
class TaintTrackingConfiguration extends TaintTracking::Configuration {
|
||||
Configuration c;
|
||||
TaintTrackingConfiguration() {
|
||||
this = "Taint " + c
|
||||
}
|
||||
|
||||
TaintTrackingConfiguration() { this = "Taint " + c }
|
||||
|
||||
override predicate isSource(DataFlow::Node source) { c.isSource(source) }
|
||||
|
||||
override predicate isSink(DataFlow::Node sink) { c.isSink(sink) }
|
||||
|
||||
override predicate isSanitizer(DataFlow::Node node) { c.isBarrier(node) }
|
||||
}
|
||||
|
||||
from TaintTrackingConfiguration c, Parameter p, int outRefArg
|
||||
where flowOutFromParameter(c, p) and outRefArg = -1
|
||||
or flowOutFromParameterOutOrRef(c, p, outRefArg)
|
||||
where
|
||||
flowOutFromParameter(c, p) and outRefArg = -1
|
||||
or
|
||||
flowOutFromParameterOutOrRef(c, p, outRefArg)
|
||||
select p.getCallable(), p.getPosition(), outRefArg
|
||||
|
||||
@@ -4,9 +4,9 @@ import csharp
|
||||
predicate defReaches(AssignableDefinition def, LocalScopeVariable v, ControlFlow::Node cfn) {
|
||||
def.getTarget() = v and cfn = def.getAControlFlowNode().getASuccessor()
|
||||
or
|
||||
exists(ControlFlow::Node mid |
|
||||
defReaches(def, v, mid) |
|
||||
not mid = any(AssignableDefinition ad | ad.getTarget() = v and ad.isCertain()).getAControlFlowNode() and
|
||||
exists(ControlFlow::Node mid | defReaches(def, v, mid) |
|
||||
not mid = any(AssignableDefinition ad | ad.getTarget() = v and ad.isCertain())
|
||||
.getAControlFlowNode() and
|
||||
cfn = mid.getASuccessor()
|
||||
)
|
||||
}
|
||||
@@ -20,14 +20,23 @@ predicate defUsePair(AssignableDefinition def, AssignableRead read) {
|
||||
|
||||
private LocalScopeVariableRead getAReachableUncertainRead(AssignableDefinition def) {
|
||||
exists(Ssa::Definition ssaDef |
|
||||
def = ssaDef.getAnUltimateDefinition().(Ssa::ExplicitDefinition).getADefinition() |
|
||||
def = ssaDef.getAnUltimateDefinition().(Ssa::ExplicitDefinition).getADefinition()
|
||||
|
|
||||
result = ssaDef.getARead()
|
||||
)
|
||||
}
|
||||
|
||||
from AssignableDefinition def, LocalScopeVariableRead read, string s
|
||||
where
|
||||
(read = getAReachableUncertainRead(def) and not defUsePair(def, read) and s = "not a def/use pair")
|
||||
(
|
||||
read = getAReachableUncertainRead(def) and
|
||||
not defUsePair(def, read) and
|
||||
s = "not a def/use pair"
|
||||
)
|
||||
or
|
||||
(defUsePair(def, read) and not read = getAReachableUncertainRead(def) and s = "missing def/use pair")
|
||||
(
|
||||
defUsePair(def, read) and
|
||||
not read = getAReachableUncertainRead(def) and
|
||||
s = "missing def/use pair"
|
||||
)
|
||||
select def, read, s
|
||||
|
||||
@@ -4,9 +4,9 @@ import csharp
|
||||
predicate parameterReaches(Parameter p, ControlFlow::Node cfn) {
|
||||
cfn = p.getCallable().getEntryPoint().getASuccessor()
|
||||
or
|
||||
exists(ControlFlow::Node mid |
|
||||
parameterReaches(p, mid) |
|
||||
not mid = any(AssignableDefinition ad | ad.getTarget() = p and ad.isCertain()).getAControlFlowNode() and
|
||||
exists(ControlFlow::Node mid | parameterReaches(p, mid) |
|
||||
not mid = any(AssignableDefinition ad | ad.getTarget() = p and ad.isCertain())
|
||||
.getAControlFlowNode() and
|
||||
cfn = mid.getASuccessor()
|
||||
)
|
||||
}
|
||||
@@ -16,16 +16,27 @@ predicate parameterUsePair(Parameter p, AssignableRead read) {
|
||||
read.getTarget() = p
|
||||
}
|
||||
|
||||
private LocalScopeVariableRead getAReachableUncertainRead(AssignableDefinitions::ImplicitParameterDefinition p) {
|
||||
private LocalScopeVariableRead getAReachableUncertainRead(
|
||||
AssignableDefinitions::ImplicitParameterDefinition p
|
||||
) {
|
||||
exists(Ssa::Definition ssaDef |
|
||||
p = ssaDef.getAnUltimateDefinition().(Ssa::ExplicitDefinition).getADefinition() |
|
||||
p = ssaDef.getAnUltimateDefinition().(Ssa::ExplicitDefinition).getADefinition()
|
||||
|
|
||||
result = ssaDef.getARead()
|
||||
)
|
||||
}
|
||||
|
||||
from AssignableDefinitions::ImplicitParameterDefinition p, AssignableRead read, string s
|
||||
where
|
||||
(read = getAReachableUncertainRead(p) and not parameterUsePair(p.getParameter(), read) and s = "not a param/use pair")
|
||||
(
|
||||
read = getAReachableUncertainRead(p) and
|
||||
not parameterUsePair(p.getParameter(), read) and
|
||||
s = "not a param/use pair"
|
||||
)
|
||||
or
|
||||
(parameterUsePair(p.getParameter(), read) and not read = getAReachableUncertainRead(p) and s = "missing param/use pair")
|
||||
(
|
||||
parameterUsePair(p.getParameter(), read) and
|
||||
not read = getAReachableUncertainRead(p) and
|
||||
s = "missing param/use pair"
|
||||
)
|
||||
select p, read, s
|
||||
|
||||
@@ -4,9 +4,9 @@ import csharp
|
||||
predicate useReaches(LocalScopeVariableRead read, LocalScopeVariable v, ControlFlow::Node cfn) {
|
||||
read.getTarget() = v and cfn = read.getAControlFlowNode().getASuccessor()
|
||||
or
|
||||
exists(ControlFlow::Node mid |
|
||||
useReaches(read, v, mid) |
|
||||
not mid = any(AssignableDefinition ad | ad.getTarget() = v and ad.isCertain()).getAControlFlowNode() and
|
||||
exists(ControlFlow::Node mid | useReaches(read, v, mid) |
|
||||
not mid = any(AssignableDefinition ad | ad.getTarget() = v and ad.isCertain())
|
||||
.getAControlFlowNode() and
|
||||
cfn = mid.getASuccessor()
|
||||
)
|
||||
}
|
||||
@@ -23,23 +23,29 @@ private newtype TLocalScopeVariableReadOrSsaDef =
|
||||
TSsaDefinition(Ssa::Definition ssaDef)
|
||||
|
||||
private TLocalScopeVariableReadOrSsaDef getANextReadOrDef(TLocalScopeVariableReadOrSsaDef prev) {
|
||||
exists(LocalScopeVariableRead read |
|
||||
prev = TLocalScopeVariableRead(read) |
|
||||
exists(LocalScopeVariableRead read | prev = TLocalScopeVariableRead(read) |
|
||||
result = TLocalScopeVariableRead(read.getANextRead())
|
||||
or
|
||||
not exists(read.getANextRead()) and
|
||||
exists(Ssa::Definition ssaDef, Ssa::PseudoDefinition pseudoDef, ControlFlow::Node cfn, ControlFlow::BasicBlock bb, int i |
|
||||
ssaDef.getARead() = read |
|
||||
exists(
|
||||
Ssa::Definition ssaDef, Ssa::PseudoDefinition pseudoDef, ControlFlow::Node cfn,
|
||||
ControlFlow::BasicBlock bb, int i
|
||||
|
|
||||
ssaDef.getARead() = read
|
||||
|
|
||||
pseudoDef.getAnInput() = ssaDef and
|
||||
pseudoDef.definesAt(bb, i) and
|
||||
cfn = read.getAReachableElement().getAControlFlowNode() and
|
||||
(cfn = bb.getNode(i) or cfn = bb.getFirstNode() and i < 0) and
|
||||
(
|
||||
cfn = bb.getNode(i)
|
||||
or
|
||||
cfn = bb.getFirstNode() and i < 0
|
||||
) and
|
||||
result = TSsaDefinition(pseudoDef)
|
||||
)
|
||||
)
|
||||
or
|
||||
exists(Ssa::Definition ssaDef |
|
||||
prev = TSsaDefinition(ssaDef) |
|
||||
exists(Ssa::Definition ssaDef | prev = TSsaDefinition(ssaDef) |
|
||||
result = TLocalScopeVariableRead(ssaDef.getAFirstRead())
|
||||
or
|
||||
not exists(ssaDef.getAFirstRead()) and
|
||||
|
||||
@@ -10,8 +10,7 @@ class Config extends DataFlow::Configuration {
|
||||
}
|
||||
|
||||
override predicate isSink(DataFlow::Node sink) {
|
||||
sink.asExpr() instanceof Access
|
||||
and
|
||||
sink.asExpr() instanceof Access and
|
||||
exists(MethodCall mc |
|
||||
mc.getTarget().getName() = "Check" and
|
||||
mc.getAnArgument() = sink.asExpr().getParent*()
|
||||
|
||||
@@ -2,7 +2,7 @@ import csharp
|
||||
import Common
|
||||
|
||||
from Config c, DataFlow::Node source, DataFlow::Node sink, string s
|
||||
where c.hasFlow(source, sink)
|
||||
and s = sink.toString()
|
||||
select s
|
||||
order by s asc
|
||||
where
|
||||
c.hasFlow(source, sink) and
|
||||
s = sink.toString()
|
||||
select s order by s
|
||||
|
||||
@@ -1,12 +1,13 @@
|
||||
/**
|
||||
* @kind path-problem
|
||||
*/
|
||||
|
||||
import csharp
|
||||
import Common
|
||||
import DataFlow::PathGraph
|
||||
|
||||
from Config c, DataFlow::PathNode source, DataFlow::PathNode sink, string s
|
||||
where c.hasFlowPath(source, sink)
|
||||
and s = sink.toString()
|
||||
select sink, s, source, sink
|
||||
order by s asc
|
||||
where
|
||||
c.hasFlowPath(source, sink) and
|
||||
s = sink.toString()
|
||||
select sink, s, source, sink order by s
|
||||
|
||||
@@ -3,21 +3,16 @@ import Common
|
||||
|
||||
class TTConfig extends TaintTracking::Configuration {
|
||||
Config c;
|
||||
TTConfig() {
|
||||
this = c
|
||||
}
|
||||
|
||||
override predicate isSource(DataFlow::Node source) {
|
||||
c.isSource(source)
|
||||
}
|
||||
TTConfig() { this = c }
|
||||
|
||||
override predicate isSink(DataFlow::Node sink) {
|
||||
c.isSink(sink)
|
||||
}
|
||||
override predicate isSource(DataFlow::Node source) { c.isSource(source) }
|
||||
|
||||
override predicate isSink(DataFlow::Node sink) { c.isSink(sink) }
|
||||
}
|
||||
|
||||
from TTConfig c, DataFlow::Node source, DataFlow::Node sink, string s
|
||||
where c.hasFlow(source, sink)
|
||||
and s = sink.toString()
|
||||
select s
|
||||
order by s asc
|
||||
where
|
||||
c.hasFlow(source, sink) and
|
||||
s = sink.toString()
|
||||
select s order by s
|
||||
|
||||
@@ -1,27 +1,23 @@
|
||||
/**
|
||||
* @kind path-problem
|
||||
*/
|
||||
|
||||
import csharp
|
||||
import Common
|
||||
import DataFlow::PathGraph
|
||||
|
||||
class TTConfig extends TaintTracking::Configuration {
|
||||
Config c;
|
||||
TTConfig() {
|
||||
this = c
|
||||
}
|
||||
|
||||
override predicate isSource(DataFlow::Node source) {
|
||||
c.isSource(source)
|
||||
}
|
||||
TTConfig() { this = c }
|
||||
|
||||
override predicate isSink(DataFlow::Node sink) {
|
||||
c.isSink(sink)
|
||||
}
|
||||
override predicate isSource(DataFlow::Node source) { c.isSource(source) }
|
||||
|
||||
override predicate isSink(DataFlow::Node sink) { c.isSink(sink) }
|
||||
}
|
||||
|
||||
from TTConfig c, DataFlow::PathNode source, DataFlow::PathNode sink, string s
|
||||
where c.hasFlowPath(source, sink)
|
||||
and s = sink.toString()
|
||||
select sink, s, source, sink
|
||||
order by s asc
|
||||
where
|
||||
c.hasFlowPath(source, sink) and
|
||||
s = sink.toString()
|
||||
select sink, s, source, sink order by s
|
||||
|
||||
@@ -11,8 +11,12 @@ predicate callableFlow(string callable, string flow, boolean preservesValue) {
|
||||
}
|
||||
|
||||
from string entity, string flow, boolean preservesValue
|
||||
where callableFlow(entity, flow, preservesValue)
|
||||
/* Remove certain results to make the test output consistent
|
||||
* between different versions of .NET Core. */
|
||||
and not entity = "System.IO.FileStream.CopyToAsync(Stream, int, CancellationToken)"
|
||||
where
|
||||
callableFlow(entity, flow, preservesValue) and
|
||||
/*
|
||||
* Remove certain results to make the test output consistent
|
||||
* between different versions of .NET Core.
|
||||
*/
|
||||
|
||||
not entity = "System.IO.FileStream.CopyToAsync(Stream, int, CancellationToken)"
|
||||
select entity, flow, preservesValue
|
||||
|
||||
@@ -2,8 +2,7 @@ import csharp
|
||||
|
||||
class MyFlowSource extends DataFlow::Node {
|
||||
MyFlowSource() {
|
||||
exists(Expr e |
|
||||
e = this.asExpr() |
|
||||
exists(Expr e | e = this.asExpr() |
|
||||
e.(StringLiteral).getValue() = "taint source" or
|
||||
e.(VariableAccess).getTarget().hasName("taintedDataContract") or
|
||||
e.(VariableAccess).getTarget().hasName("taintedHttpRequest") or
|
||||
@@ -12,8 +11,7 @@ class MyFlowSource extends DataFlow::Node {
|
||||
or
|
||||
this.asParameter().hasName("tainted")
|
||||
or
|
||||
exists(Expr e |
|
||||
e = this.(DataFlow::Internal::ImplicitDelegateCallNode).getArgument() |
|
||||
exists(Expr e | e = this.(DataFlow::Internal::ImplicitDelegateCallNode).getArgument() |
|
||||
e.(DelegateCreation).getArgument().(MethodAccess).getTarget().hasName("TaintedMethod") or
|
||||
e.(LambdaExpr).getExpressionBody().(StringLiteral).getValue() = "taint source"
|
||||
)
|
||||
|
||||
@@ -6,5 +6,4 @@ where
|
||||
DataFlow::localFlowStep+(source, DataFlow::exprNode(target)) and
|
||||
exists(MethodCall mc | mc.getTarget().getName() = "Check" and mc.getAnArgument() = target) and
|
||||
s = target.toString()
|
||||
select s
|
||||
order by s asc
|
||||
select s order by s
|
||||
|
||||
@@ -6,5 +6,4 @@ where
|
||||
TaintTracking::localTaintStep+(source, DataFlow::exprNode(sink)) and
|
||||
exists(MethodCall mc | mc.getTarget().getName() = "Check" and mc.getAnArgument() = sink) and
|
||||
s = sink.toString()
|
||||
select s
|
||||
order by s asc
|
||||
select s order by s
|
||||
|
||||
@@ -2,6 +2,8 @@ import csharp
|
||||
|
||||
from int uses, int live
|
||||
where
|
||||
uses = strictcount(Ssa::ExplicitDefinition ssa, AssignableRead read | read = ssa.getARead()) and
|
||||
live = strictcount(Ssa::ExplicitDefinition ssa, ControlFlow::BasicBlock bb | ssa.isLiveAtEndOfBlock(bb))
|
||||
uses = strictcount(Ssa::ExplicitDefinition ssa, AssignableRead read | read = ssa.getARead()) and
|
||||
live = strictcount(Ssa::ExplicitDefinition ssa, ControlFlow::BasicBlock bb |
|
||||
ssa.isLiveAtEndOfBlock(bb)
|
||||
)
|
||||
select uses, live
|
||||
|
||||
@@ -2,8 +2,9 @@ import csharp
|
||||
import semmle.code.csharp.dataflow.internal.BaseSSA
|
||||
|
||||
from AssignableRead ar, AssignableDefinition def, LocalScopeVariable v
|
||||
where ar = BaseSsa::getARead(def, v)
|
||||
and not exists(Ssa::ExplicitDefinition edef |
|
||||
where
|
||||
ar = BaseSsa::getARead(def, v) and
|
||||
not exists(Ssa::ExplicitDefinition edef |
|
||||
edef.getADefinition() = def and
|
||||
edef.getARead() = ar
|
||||
)
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
import csharp
|
||||
|
||||
from Ssa::SourceVariable v, Ssa::Definition def
|
||||
where v = def.getSourceVariable()
|
||||
and def.isLiveOutRefParameterDefinition(_)
|
||||
where
|
||||
v = def.getSourceVariable() and
|
||||
def.isLiveOutRefParameterDefinition(_)
|
||||
select v, def
|
||||
|
||||
@@ -1,13 +1,12 @@
|
||||
import csharp
|
||||
import ControlFlow::Internal
|
||||
|
||||
query
|
||||
predicate defReadInconsistency(AssignableRead ar, Expr e, PreSsa::SimpleAssignable a, boolean b) {
|
||||
exists(AssignableDefinition def |
|
||||
e = def.getExpr() |
|
||||
query predicate defReadInconsistency(
|
||||
AssignableRead ar, Expr e, PreSsa::SimpleAssignable a, boolean b
|
||||
) {
|
||||
exists(AssignableDefinition def | e = def.getExpr() |
|
||||
b = true and
|
||||
exists(PreSsa::Definition ssaDef |
|
||||
ssaDef.getAssignable() = a |
|
||||
exists(PreSsa::Definition ssaDef | ssaDef.getAssignable() = a |
|
||||
PreSsa::firstReadSameVar(ssaDef, ar) and
|
||||
ssaDef.getDefinition() = def and
|
||||
not exists(Ssa::ExplicitDefinition edef |
|
||||
@@ -29,8 +28,9 @@ predicate defReadInconsistency(AssignableRead ar, Expr e, PreSsa::SimpleAssignab
|
||||
)
|
||||
}
|
||||
|
||||
query
|
||||
predicate readReadInconsistency(LocalScopeVariableRead read1, LocalScopeVariableRead read2, PreSsa::SimpleAssignable a, boolean b) {
|
||||
query predicate readReadInconsistency(
|
||||
LocalScopeVariableRead read1, LocalScopeVariableRead read2, PreSsa::SimpleAssignable a, boolean b
|
||||
) {
|
||||
b = true and
|
||||
a = read1.getTarget() and
|
||||
PreSsa::adjacentReadPairSameVar(read1, read2) and
|
||||
@@ -43,17 +43,17 @@ predicate readReadInconsistency(LocalScopeVariableRead read1, LocalScopeVariable
|
||||
not PreSsa::adjacentReadPairSameVar(read1, read2)
|
||||
}
|
||||
|
||||
query
|
||||
predicate phiInconsistency(ControlFlowElement cfe, Expr e, PreSsa::SimpleAssignable a, boolean b) {
|
||||
exists(AssignableDefinition adef |
|
||||
e = adef.getExpr() |
|
||||
query predicate phiInconsistency(
|
||||
ControlFlowElement cfe, Expr e, PreSsa::SimpleAssignable a, boolean b
|
||||
) {
|
||||
exists(AssignableDefinition adef | e = adef.getExpr() |
|
||||
b = true and
|
||||
exists(PreSsa::Definition def |
|
||||
a = def.getAssignable() |
|
||||
exists(PreSsa::Definition def | a = def.getAssignable() |
|
||||
adef = def.getAPhiInput+().getDefinition() and
|
||||
cfe = def.getBasicBlock().getFirstElement() and
|
||||
not exists(Ssa::PhiNode phi, ControlFlow::BasicBlock bb, Ssa::ExplicitDefinition edef |
|
||||
edef = phi.getAnUltimateDefinition() |
|
||||
edef = phi.getAnUltimateDefinition()
|
||||
|
|
||||
edef.getADefinition() = adef and
|
||||
phi.definesAt(bb, _) and
|
||||
cfe = bb.getFirstNode().getElement()
|
||||
@@ -62,7 +62,8 @@ predicate phiInconsistency(ControlFlowElement cfe, Expr e, PreSsa::SimpleAssigna
|
||||
or
|
||||
b = false and
|
||||
exists(Ssa::PhiNode phi, ControlFlow::BasicBlock bb, Ssa::ExplicitDefinition edef |
|
||||
a = phi.getSourceVariable().getAssignable() |
|
||||
a = phi.getSourceVariable().getAssignable()
|
||||
|
|
||||
edef = phi.getAnUltimateDefinition() and
|
||||
edef.getADefinition() = adef and
|
||||
phi.definesAt(bb, _) and
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
import csharp
|
||||
|
||||
from Ssa::SourceVariable v, Ssa::PhiNode phi, Ssa::Definition input
|
||||
where phi.getAnInput() = input
|
||||
and v = phi.getSourceVariable()
|
||||
where
|
||||
phi.getAnInput() = input and
|
||||
v = phi.getSourceVariable()
|
||||
select v, phi, input
|
||||
|
||||
@@ -1,6 +1,12 @@
|
||||
import csharp
|
||||
|
||||
from string inout, Ssa::ExplicitDefinition def, Ssa::Definition targetDef, Call c
|
||||
where (inout = "in" and def.isCapturedVariableDefinitionFlowIn(targetDef, c))
|
||||
or (inout = "out" and def.isCapturedVariableDefinitionFlowOut(targetDef) and targetDef.(Ssa::ImplicitCallDefinition).getCall() = c)
|
||||
where
|
||||
(inout = "in" and def.isCapturedVariableDefinitionFlowIn(targetDef, c))
|
||||
or
|
||||
(
|
||||
inout = "out" and
|
||||
def.isCapturedVariableDefinitionFlowOut(targetDef) and
|
||||
targetDef.(Ssa::ImplicitCallDefinition).getCall() = c
|
||||
)
|
||||
select inout, def.getSourceVariable(), def, targetDef, c
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
import csharp
|
||||
|
||||
from Ssa::SourceVariable v, Ssa::Definition def, AssignableRead read
|
||||
where read = def.getARead()
|
||||
and v = def.getSourceVariable()
|
||||
where
|
||||
read = def.getARead() and
|
||||
v = def.getSourceVariable()
|
||||
select v, def, read
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
import csharp
|
||||
|
||||
from Ssa::SourceVariable v, Ssa::Definition def, Ssa::Definition u
|
||||
where u = def.getAnUltimateDefinition()
|
||||
and v = def.getSourceVariable()
|
||||
where
|
||||
u = def.getAnUltimateDefinition() and
|
||||
v = def.getSourceVariable()
|
||||
select v, def, u
|
||||
|
||||
@@ -1,9 +1,11 @@
|
||||
/**
|
||||
* @name Test for delegates
|
||||
*/
|
||||
|
||||
import csharp
|
||||
|
||||
from DelegateType d
|
||||
where d.hasName("FooDelegate")
|
||||
and d.getNumberOfParameters() = 3
|
||||
where
|
||||
d.hasName("FooDelegate") and
|
||||
d.getNumberOfParameters() = 3
|
||||
select d
|
||||
|
||||
@@ -1,18 +1,20 @@
|
||||
/**
|
||||
* @name Test for delegates
|
||||
*/
|
||||
|
||||
import csharp
|
||||
|
||||
from DelegateType d
|
||||
where d.hasQualifiedName("Delegates.FooDelegate")
|
||||
and d.getReturnType() instanceof DoubleType
|
||||
and d.getParameter(0).hasName("param")
|
||||
and d.getParameter(0).isRef()
|
||||
and d.getParameter(0).getType() instanceof StringType
|
||||
and d.getParameter(1).getName() = "condition"
|
||||
and d.getParameter(1).isOut()
|
||||
and d.getParameter(1).getType() instanceof BoolType
|
||||
and d.getParameter(2).hasName("args")
|
||||
and d.getParameter(2).isParams()
|
||||
and d.getParameter(2).getType().(ArrayType).getElementType() instanceof StringType
|
||||
where
|
||||
d.hasQualifiedName("Delegates.FooDelegate") and
|
||||
d.getReturnType() instanceof DoubleType and
|
||||
d.getParameter(0).hasName("param") and
|
||||
d.getParameter(0).isRef() and
|
||||
d.getParameter(0).getType() instanceof StringType and
|
||||
d.getParameter(1).getName() = "condition" and
|
||||
d.getParameter(1).isOut() and
|
||||
d.getParameter(1).getType() instanceof BoolType and
|
||||
d.getParameter(2).hasName("args") and
|
||||
d.getParameter(2).isParams() and
|
||||
d.getParameter(2).getType().(ArrayType).getElementType() instanceof StringType
|
||||
select d, d.getAParameter().getType().toString()
|
||||
|
||||
@@ -1,13 +1,15 @@
|
||||
/**
|
||||
* @name Test for delegates
|
||||
*/
|
||||
|
||||
import csharp
|
||||
|
||||
from DelegateType d
|
||||
where d.hasQualifiedName("System.Threading.ContextCallback")
|
||||
and d.getNumberOfParameters() = 1
|
||||
and d.getParameter(0).hasName("state")
|
||||
and d.getParameter(0).isValue()
|
||||
and d.getParameter(0).getType() instanceof ObjectType
|
||||
and d.getReturnType() instanceof VoidType
|
||||
where
|
||||
d.hasQualifiedName("System.Threading.ContextCallback") and
|
||||
d.getNumberOfParameters() = 1 and
|
||||
d.getParameter(0).hasName("state") and
|
||||
d.getParameter(0).isValue() and
|
||||
d.getParameter(0).getType() instanceof ObjectType and
|
||||
d.getReturnType() instanceof VoidType
|
||||
select d.toString()
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user