From 8f026b1dc2219e9d2e3ceeda5e5bdcc385bb9f4d Mon Sep 17 00:00:00 2001 From: Owen Mansel-Chan Date: Mon, 6 Jul 2026 13:15:40 +0100 Subject: [PATCH 1/8] Allow inline expectation comments in more file formats --- .../internal/InlineExpectationsTestImpl.qll | 46 +++++++++++++++++-- 1 file changed, 42 insertions(+), 4 deletions(-) diff --git a/csharp/ql/lib/utils/test/internal/InlineExpectationsTestImpl.qll b/csharp/ql/lib/utils/test/internal/InlineExpectationsTestImpl.qll index 962ea7aa004..6916c5f6106 100644 --- a/csharp/ql/lib/utils/test/internal/InlineExpectationsTestImpl.qll +++ b/csharp/ql/lib/utils/test/internal/InlineExpectationsTestImpl.qll @@ -1,13 +1,51 @@ private import csharp as CS +private import semmle.code.asp.AspNet as ASP private import codeql.util.test.InlineExpectationsTest module Impl implements InlineExpectationsTestSig { + private newtype TExpectationComment = + TCSharpComment(CS::SinglelineComment c) or + TXmlComment(CS::XmlComment c) or + TAspComment(ASP::AspComment c) + /** - * A class representing line comments in C# used by the InlineExpectations core code + * A class representing comments that may contain inline expectations. + * Supports C# single-line comments (`//`), XML comments (``), and + * ASP.NET comments (`` and `<%-- --%>`) in their respective file types. */ - class ExpectationComment extends CS::SinglelineComment { - /** Gets the contents of the given comment, _without_ the preceding comment marker (`//`). */ - string getContents() { result = this.getText() } + class ExpectationComment extends TExpectationComment { + CS::SinglelineComment asCSharpComment() { this = TCSharpComment(result) } + + CS::XmlComment asXmlComment() { this = TXmlComment(result) } + + ASP::AspComment asAspComment() { this = TAspComment(result) } + + /** Gets the contents of this comment, _without_ the preceding comment marker. */ + string getContents() { + result = this.asCSharpComment().getText() + or + result = this.asXmlComment().getText() + or + result = this.asAspComment().getBody() + } + + /** Gets the location of this comment. */ + Location getLocation() { + result = this.asCSharpComment().getLocation() + or + result = this.asXmlComment().getLocation() + or + result = this.asAspComment().getLocation() + } + + /** Gets a textual representation of this comment. */ + string toString() { + result = this.asCSharpComment().toString() + or + result = this.asXmlComment().toString() + or + result = this.asAspComment().toString() + } } class Location = CS::Location; From 366d70bfee9885d03957cc6ecd9ca7a68985bcbe Mon Sep 17 00:00:00 2001 From: Owen Mansel-Chan Date: Sat, 4 Jul 2026 22:46:21 +0100 Subject: [PATCH 2/8] Convert qlref tests to inline expectations --- .../ModifiedFnvFunctionDetection.qlref | 3 +- .../NumberOfKnownCommandsAboveThreshold.qlref | 3 +- .../NumberOfKnownHashesAboveThreshold.qlref | 3 +- .../NumberOfKnownLiteralsAboveThreshold.qlref | 3 +- ...mberOfKnownMethodNamesAboveThreshold.qlref | 3 +- .../SwallowEverythingExceptionHandler.qlref | 3 +- .../Solorigate/test/Solorigate/test.cs | 434 +++++++++--------- .../BlazorTest/Components/MyOutput.razor | 2 +- .../Components/Pages/TestPage.razor | 6 +- .../all-platforms/blazor/XSS.qlref | 4 +- .../BlazorTest/Components/MyOutput.razor | 2 +- .../Components/Pages/TestPage.razor | 6 +- .../blazor_build_mode_none/XSS.qlref | 4 +- .../BlazorTest/Components/MyOutput.razor | 2 +- .../Components/Pages/TestPage.razor | 6 +- .../all-platforms/blazor_net_8/XSS.qlref | 4 +- .../DatabaseQualityDiagnostics.qlref | 2 +- .../DatabaseQualityDiagnostics.qlref | 2 +- .../CWE-020/RuntimeChecksBypassBad.cs | 2 +- .../experimental/CWE-918/RequestForgery.cs | 4 +- .../experimental/CWE-918/RequestForgery.qlref | 3 +- .../CWE-759/HashWithoutSalt.cs | 18 +- .../CWE-759/HashWithoutSalt.qlref | 4 +- ...urity-validations-always-return-true.qlref | 3 +- .../JsonWebTokenHandler/delegation-test.cs | 18 +- .../security-validation-disabled-test.cs | 12 +- .../security-validation-disabled.qlref | 3 +- .../DefiningDatasetRelatedType.qlref | 3 +- ...finingPotentiallyUnsafeXmlSerializer.qlref | 3 +- ...UnsafeTypeUsedDataContractSerializer.qlref | 3 +- .../XmlDeserializationWithDataSet.qlref | 3 +- .../Security Features/Serialization/test0.cs | 14 +- .../DangerousNativeFunctionCall.qlref | 3 +- .../backdoor/PotentialTimeBomb.qlref | 3 +- .../backdoor/ProcessNameToHashTaintFlow.qlref | 3 +- .../Security Features/backdoor/test.cs | 10 +- .../library-tests/arguments/PrintAst.qlref | 2 +- .../library-tests/assignments/PrintAst.qlref | 2 +- .../library-tests/attributes/PrintAst.qlref | 2 +- .../library-tests/comments/PrintAst.qlref | 2 +- .../compilations/CompilerError.qlref | 2 +- .../compilations/CompilerMessage.qlref | 2 +- .../compilations/ExtractorError.qlref | 2 +- .../compilations/ExtractorMessage.qlref | 2 +- .../library-tests/constructors/PrintAst.qlref | 2 +- .../conversion/operator/PrintAst.qlref | 2 +- .../library-tests/csharp11/PrintAst.qlref | 2 +- .../test/library-tests/csharp6/PrintAst.qlref | 2 +- .../library-tests/csharp7.1/PrintAst.qlref | 2 +- .../library-tests/csharp7.2/PrintAst.qlref | 2 +- .../library-tests/csharp7.3/PrintAst.qlref | 2 +- .../test/library-tests/csharp7/PrintAst.qlref | 2 +- .../test/library-tests/csharp8/PrintAst.qlref | 2 +- .../test/library-tests/csharp9/PrintAst.qlref | 2 +- .../dataflow/implicittostring/PrintAst.qlref | 2 +- .../dataflow/tuples/PrintAst.qlref | 2 +- .../library-tests/definitions/PrintAst.qlref | 2 +- .../definitions/definitions.qlref | 2 +- .../library-tests/delegates/PrintAst.qlref | 2 +- .../DiagnosticExtractorErrors.qlref | 2 +- .../diagnostics/ExtractedFiles.qlref | 2 +- .../test/library-tests/dynamic/PrintAst.qlref | 2 +- .../test/library-tests/enums/PrintAst.qlref | 2 +- .../test/library-tests/events/PrintAst.qlref | 2 +- .../library-tests/exceptions/PrintAst.qlref | 2 +- .../library-tests/expressions/PrintAst.qlref | 2 +- .../library-tests/extension/PrintAst.qlref | 2 +- .../test/library-tests/fields/PrintAst.qlref | 2 +- .../filters/ClassifyFiles/ClassifyFiles.qlref | 2 +- .../Components_Pages_TestPage_razor.g.cs | 4 +- .../microsoft/aspnetcore/blazor/Name.cs | 4 +- .../microsoft/aspnetcore/blazor/NameList.cs | 4 +- .../microsoft/aspnetcore/blazor/NameList2.cs | 4 +- .../microsoft/aspnetcore/blazor/Xss.qlref | 4 +- .../library-tests/generics/PrintAst.qlref | 2 +- .../ql/test/library-tests/goto/PrintAst.qlref | 2 +- .../library-tests/indexers/PrintAst.qlref | 2 +- .../library-tests/initializers/PrintAst.qlref | 2 +- .../ql/test/library-tests/linq/PrintAst.qlref | 2 +- .../test/library-tests/members/PrintAst.qlref | 2 +- .../test/library-tests/methods/PrintAst.qlref | 2 +- .../test/library-tests/nameof/PrintAst.qlref | 2 +- .../library-tests/namespaces/PrintAst.qlref | 2 +- .../library-tests/nestedtypes/PrintAst.qlref | 2 +- .../library-tests/operators/PrintAst.qlref | 2 +- .../test/library-tests/partial/PrintAst.qlref | 2 +- .../library-tests/properties/PrintAst.qlref | 2 +- .../library-tests/statements/PrintAst.qlref | 2 +- .../stringinterpolation/PrintAst.qlref | 2 +- .../test/library-tests/types/PrintAst.qlref | 2 +- .../test/library-tests/unsafe/PrintAst.qlref | 2 +- .../CallToGCCollect/CallToGCCollect.qlref | 3 +- .../CallToGCCollect/CallToGCCollectBad.cs | 2 +- .../CallToObsoleteMethod.cs | 2 +- .../CallToObsoleteMethod.qlref | 3 +- .../CallToObsoleteMethodBad.cs | 2 +- .../ClassDoesNotImplementEquals.cs | 6 +- .../ClassDoesNotImplementEquals.qlref | 3 +- .../ClassDoesNotImplementEqualsBad.cs | 2 +- .../ClassImplementsICloneable.qlref | 3 +- .../ClassImplementsICloneableBad.cs | 4 +- .../DisposeNotCalledOnException.cs | 6 +- .../DisposeNotCalledOnException.qlref | 3 +- .../DisposeNotCalledOnExceptionBad.cs | 4 +- .../InconsistentEqualsGetHashCode.cs | 4 +- .../InconsistentEqualsGetHashCode.qlref | 3 +- .../InconsistentEqualsGetHashCodeBad.cs | 2 +- .../IncorrectCompareToSignature.cs | 2 +- .../IncorrectCompareToSignature.qlref | 3 +- .../IncorrectCompareToSignatureBad.cs | 2 +- .../IncorrectEqualsSignature.cs | 2 +- .../IncorrectEqualsSignature.qlref | 3 +- .../IncorrectEqualsSignatureBad.cs | 2 +- .../MissingDisposeCall/MissingDisposeCall.cs | 8 +- .../MissingDisposeCall.qlref | 3 +- .../MissingDisposeCallBad.cs | 2 +- .../MissingDisposeMethod.cs | 12 +- .../MissingDisposeMethod.qlref | 3 +- .../MissingDisposeMethodBad.cs | 2 +- .../NonOverridingMethod.cs | 4 +- .../NonOverridingMethod.qlref | 3 +- .../NonOverridingMethodBad.cs | 2 +- .../NullArgumentToEquals.cs | 6 +- .../NullArgumentToEquals.qlref | 3 +- .../NullArgumentToEqualsBad.cs | 2 +- .../UncheckedReturnValue.cs | 12 +- .../UncheckedReturnValue.qlref | 3 +- .../UncheckedReturnValueBad.cs | 4 +- .../BlockCodeResponseWrite.qlref | 3 +- .../BlockCodeResponseWriteBad.aspx | 2 +- .../ASP/BlockCodeResponseWrite/test.aspx | 2 +- .../ComplexInlineCode/ComplexInlineCode.qlref | 3 +- .../ComplexInlineCodeBad.aspx | 2 +- .../ASP/ComplexInlineCode/test.aspx | 2 +- .../NonInternationalizedText.qlref | 3 +- .../NonInternationalizedTextBad.aspx | 2 +- .../ASP/NonInternationalizedText/test.aspx | 2 +- .../SplitControlStructure.qlref | 3 +- .../SplitControlStructureBad.aspx | 2 +- .../ASP/SplitControlStructure/test.aspx | 2 +- .../AlertSuppression/AlertSuppression.qlref | 2 +- .../MutualDependency/MutualDependency.qlref | 3 +- .../MutualDependency/MutualDependencyBad.cs | 2 +- .../FeatureEnvy/FeatureEnvy.qlref | 3 +- .../FeatureEnvy/FeatureEnvyBad.cs | 2 +- .../InappropriateIntimacy.cs | 4 +- .../InappropriateIntimacy.qlref | 3 +- .../EmptyInterface/EmptyInterface.qlref | 3 +- .../EmptyInterface/EmptyInterfaceBad.cs | 2 +- .../LocalScopeVariableShadowsMember.cs | 12 +- .../LocalScopeVariableShadowsMember.qlref | 3 +- .../LocalScopeVariableShadowsMemberBad.cs | 2 +- .../NoConstantsOnly/NoConstantsOnly.cs | 2 +- .../NoConstantsOnly/NoConstantsOnly.qlref | 3 +- .../NoConstantsOnly/NoConstantsOnlyBad.cs | 2 +- .../TooManyRefParameters.qlref | 3 +- .../TooManyRefParametersBad.cs | 2 +- .../EmptyCatchBlock/EmptyCatchBlock.cs | 2 +- .../EmptyCatchBlock/EmptyCatchBlock.qlref | 3 +- .../AbstractToConcreteCollection.cs | 2 +- .../AbstractToConcreteCollection.qlref | 3 +- .../AbstractToConcreteCollectionBad.cs | 2 +- .../ExposeRepresentation.cs | 2 +- .../ExposeRepresentation.qlref | 3 +- .../ExposeRepresentationBad.cs | 2 +- .../StaticArray/StaticArray.cs | 6 +- .../StaticArray/StaticArray.qlref | 3 +- .../StaticArray/StaticArrayBad.cs | 2 +- .../ConfusingMethodNames.qlref | 3 +- .../ConfusingMethodNames/Program.cs | 2 +- .../VariableNameTooShort.cs | 6 +- .../VariableNameTooShort.qlref | 3 +- .../Bad Practices/Path Combine/PathCombine.cs | 2 +- .../Path Combine/PathCombine.qlref | 3 +- .../VirtualCallInConstructorOrDestructor.cs | 10 +- ...VirtualCallInConstructorOrDestructor.qlref | 3 +- .../CompareIdenticalValues.cs | 48 +- .../CompareIdenticalValues.qlref | 3 +- .../FutileSyncOnField/FutileSyncOnField.cs | 6 +- .../FutileSyncOnField/FutileSyncOnField.qlref | 3 +- .../Concurrency/LockOrder/LockOrder.cs | 6 +- .../Concurrency/LockOrder/LockOrder.qlref | 3 +- .../Concurrency/LockOrder/LockOrderBad.cs | 2 +- .../Concurrency/LockThis/LockThis.cs | 2 +- .../Concurrency/LockThis/LockThis.qlref | 3 +- .../Concurrency/LockedWait/LockedWait.cs | 30 +- .../Concurrency/LockedWait/LockedWait.qlref | 3 +- .../SynchSetUnsynchGet/SynchSetUnsynchGet.cs | 4 +- .../SynchSetUnsynchGet.qlref | 3 +- .../UnsafeLazyInitialization.cs | 12 +- .../UnsafeLazyInitialization.qlref | 3 +- .../UnsynchronizedStaticAccess.cs | 4 +- .../UnsynchronizedStaticAccess.qlref | 3 +- .../EmptyPasswordInConfigurationFile.qlref | 3 +- .../PasswordInConfigurationFile.qlref | 3 +- .../PasswordInConfigurationFile/config.xml | 16 +- .../NonAssignedFields/NonAssignedFields.cs | 4 +- .../NonAssignedFields/NonAssignedFields.qlref | 3 +- .../Dead Code/Tests/DeadRefTypes.qlref | 3 +- .../Dead Code/Tests/UnusedField.qlref | 3 +- .../Dead Code/Tests/UnusedMethod.qlref | 3 +- .../query-tests/Dead Code/Tests/deadcode.cs | 4 +- .../query-tests/Dead Code/Tests/regression.cs | 20 +- .../Documentation/XmldocExtraParam.qlref | 3 +- .../Documentation/XmldocExtraTypeParam.qlref | 3 +- .../Documentation/XmldocMissing.qlref | 3 +- .../XmldocMissingException.qlref | 3 +- .../Documentation/XmldocMissingParam.qlref | 3 +- .../Documentation/XmldocMissingReturn.qlref | 3 +- .../Documentation/XmldocMissingSummary.qlref | 3 +- .../XmldocMissingTypeParam.qlref | 3 +- .../Documentation/documentation.cs | 16 +- .../test/query-tests/EmptyBlock/EmptyBlock.cs | 6 +- .../query-tests/EmptyBlock/EmptyBlock.qlref | 3 +- .../CatchOfGenericException.cs | 6 +- .../CatchOfGenericException.qlref | 3 +- .../Language Abuse/ChainedIs/ChainedIs.cs | 2 +- .../Language Abuse/ChainedIs/ChainedIs.qlref | 3 +- .../DubiousTypeTestOfThis.cs | 4 +- .../DubiousTypeTestOfThis.qlref | 3 +- .../DubiousTypeTestOfThis2.cs | 2 +- .../ForeachCapture/ForeachCapture.cs | 4 +- .../ForeachCapture/ForeachCapture.qlref | 3 +- .../MissedTernaryOpportunity.cs | 4 +- .../MissedTernaryOpportunity.qlref | 3 +- .../Language Abuse/NestedIf/NestedIf.qlref | 3 +- .../Language Abuse/NestedIf/nestedif.cs | 6 +- .../RethrowException/RethrowException.cs | 4 +- .../RethrowException/RethrowException.qlref | 3 +- .../SimplifyBoolExpr/SimplifyBoolExpr.cs | 60 +-- .../SimplifyBoolExpr/SimplifyBoolExpr.qlref | 3 +- .../SimplifyBoolExpr/SimplifyBoolExprBad.cs | 6 +- .../UselessCastToSelf/UselessCastToSelf.cs | 14 +- .../UselessCastToSelf/UselessCastToSelf.qlref | 3 +- .../UselessIsBeforeAs/UselessIsBeforeAs.cs | 2 +- .../UselessIsBeforeAs/UselessIsBeforeAs.qlref | 3 +- .../UselessNullCoalescingExpression.cs | 16 +- .../UselessNullCoalescingExpression.qlref | 3 +- .../UselessUpcast/UselessUpcast.cs | 16 +- .../UselessUpcast/UselessUpcast.qlref | 3 +- .../UselessUpcast/UselessUpcastBad.cs | 2 +- .../Likely Bugs/BadCheckOdd/BadCheckOdd.cs | 8 +- .../Likely Bugs/BadCheckOdd/BadCheckOdd.qlref | 3 +- .../ContainerLengthCmpOffByOne.cs | 8 +- .../ContainerLengthCmpOffByOne.qlref | 3 +- .../ContainerSizeCmpZero.cs | 60 +-- .../ContainerSizeCmpZero.qlref | 3 +- .../DangerousNonShortCircuitLogic.cs | 9 +- .../DangerousNonShortCircuitLogic.qlref | 3 +- .../Likely Bugs/Dynamic/BadDynamicCall.qlref | 3 +- .../Likely Bugs/Dynamic/dynamic.cs | 30 +- .../Likely Bugs/EqualsArray/EqualsArray.cs | 8 +- .../Likely Bugs/EqualsArray/EqualsArray.qlref | 3 +- .../Likely Bugs/EqualsUsesAs/EqualsUsesAs.cs | 2 +- .../EqualsUsesAs/EqualsUsesAs.qlref | 3 +- .../Likely Bugs/EqualsUsesIs/EqualsUsesIs.cs | 2 +- .../EqualsUsesIs/EqualsUsesIs.qlref | 3 +- .../IncomparableEquals/IncomparableEquals.cs | 2 +- .../IncomparableEquals.qlref | 3 +- .../InconsistentCompareTo.cs | 8 +- .../InconsistentCompareTo.qlref | 3 +- .../MishandlingJapaneseEra.qlref | 3 +- .../MishandlingJapaneseEra/Program.cs | 12 +- .../NestedLoopsSameVariable.cs | 2 +- .../NestedLoopsSameVariable.qlref | 3 +- .../NestedLoopsSameVariable/Test.cs | 8 +- .../ObjectComparison/ObjectComparison.cs | 8 +- .../ObjectComparison/ObjectComparison.qlref | 3 +- .../PossibleLossOfPrecision.cs | 28 +- .../PossibleLossOfPrecision.qlref | 3 +- .../RandomUsedOnce/RandomUsedOnce.cs | 10 +- .../RandomUsedOnce/RandomUsedOnce.qlref | 3 +- .../RecursiveEquals/RecursiveEquals.cs | 2 +- .../RecursiveEquals/RecursiveEquals.qlref | 3 +- .../SelfAssignment/SelfAssignment.qlref | 3 +- .../Likely Bugs/SelfAssignment/selfassigns.cs | 22 +- .../StaticFieldWrittenByInstance.cs | 6 +- .../StaticFieldWrittenByInstance.qlref | 3 +- .../StringBufferCharInit.qlref | 3 +- .../StringBuilderCharInit.cs | 10 +- .../ThreadUnsafeICryptoTransform.cs | 10 +- .../ThreadUnsafeICryptoTransform.qlref | 3 +- .../ThreadUnsafeICryptoTransformLambda.cs | 8 +- .../ThreadUnsafeICryptoTransformLambda.qlref | 3 +- .../UncheckedCastInEquals.cs | 2 +- .../UncheckedCastInEquals.qlref | 3 +- .../UnsafeYearConstruction/Program.cs | 10 +- .../UnsafeYearConstruction.qlref | 3 +- .../MissedCastOpportunity.cs | 8 +- .../MissedCastOpportunity.qlref | 3 +- .../MissedWhereOpportunity.cs | 8 +- .../MissedWhereOpportunity.qlref | 3 +- .../MagicConstants/AttributeInts.cs | 2 +- .../MagicConstants/AttributeStrings.cs | 2 +- .../MagicConstants/AttributeStrings.qlref | 3 +- .../query-tests/MagicConstants/HashCode.cs | 2 +- .../MagicConstantsNumbers.qlref | 3 +- .../MagicConstants/MagicNumbersUseConstant.cs | 4 +- .../MagicNumbersUseConstant.qlref | 3 +- .../MagicConstants/MagicStringsUseConstant.cs | 4 +- .../MagicStringsUseConstant.qlref | 3 +- .../flinesofcommentedcode.qlref | 2 +- .../RefTypes/TNumberOfFields/EnumSize.qlref | 2 +- .../Metrics/Summaries/LinesOfCode.qlref | 2 +- .../StringBuilderInLoop.cs | 4 +- .../StringBuilderInLoop.qlref | 3 +- .../StringConcatenationInLoop.cs | 4 +- .../StringConcatenationInLoop.qlref | 3 +- .../UseTryGetValue/UseTryGetValue.cs | 20 +- .../UseTryGetValue/UseTryGetValue.qlref | 3 +- .../ReadOnlyContainer/ReadOnlyContainer.cs | 24 +- .../ReadOnlyContainer/ReadOnlyContainer.qlref | 3 +- .../CWE-011/ASPNetDebug.qlref | 3 +- .../Security Features/CWE-011/bad1/Web.config | 2 +- .../Security Features/CWE-011/bad2/Web.config | 2 +- .../ASPNetMaxRequestLength.qlref | 3 +- .../ASPNetMaxRequestLength/bad/Web.config | 4 +- .../ASPNetPagesValidateRequest.qlref | 3 +- .../ASPNetPagesValidateRequestBad.config | 4 +- .../ASPNetRequestValidationMode.qlref | 3 +- .../ASPNetRequestValidationModeBad.config | 2 +- .../ExternalAPIsUsedWithUntrustedData.qlref | 2 +- .../CWE-020/RuntimeChecksBypass.cs | 6 +- .../CWE-020/RuntimeChecksBypassBad.cs | 2 +- .../CWE-020/RuntimeChecksbypass.qlref | 3 +- .../CWE-020/UntrustedData.cs | 4 +- .../CWE-020/UntrustedDataToExternalAPI.qlref | 4 +- .../CWE-022/TaintedPath/TaintedPath.cs | 16 +- .../CWE-022/TaintedPath/TaintedPath.qlref | 4 +- .../CWE-022/ZipSlip/ZipSlip.cs | 22 +- .../CWE-022/ZipSlip/ZipSlip.qlref | 4 +- .../CWE-022/ZipSlip/ZipSlipBad.cs | 4 +- .../CWE-078/CommandInjection.cs | 16 +- .../CWE-078/CommandInjection.qlref | 4 +- .../CWE-079/StoredXSS/StoredXSS.cs | 4 +- .../CWE-079/StoredXSS/StoredXSS.qlref | 4 +- .../Security Features/CWE-079/XSSAsp/XSS.cs | 36 +- .../CWE-079/XSSAsp/XSS.qlref | 4 +- .../CWE-079/XSSAsp/script.aspx | 6 +- .../Areas/TestArea/Views/Shared/Test18.cshtml | 3 +- .../Areas/TestArea/Views/Test4/Test17.cshtml | 3 +- .../Controllers/TestController.cs | 48 +- ...s_TestArea_Views_Shared_Test18.cshtml.g.cs | 2 +- ...as_TestArea_Views_Test4_Test17.cshtml.g.cs | 2 +- .../Generated/Pages_Shared_Test21.cshtml.g.cs | 2 +- .../XSSRazorPages/Generated/Template.g | 2 +- .../Views_Custom2_Test16.cshtml.g.cs | 2 +- .../Views_Custom_Test3_Test15.cshtml.g.cs | 2 +- .../Generated/Views_Other_Test13.cshtml.g.cs | 2 +- .../Generated/Views_Other_Test5.cshtml.g.cs | 2 +- .../Generated/Views_Other_Test6.cshtml.g.cs | 2 +- .../Generated/Views_Other_Test8.cshtml.g.cs | 2 +- .../Generated/Views_Other_Test9.cshtml.g.cs | 2 +- .../Generated/Views_Shared_Test14.cshtml.g.cs | 2 +- .../Generated/Views_Shared_Test19.cshtml.g.cs | 2 +- .../Generated/Views_Shared_Test2.cshtml.g.cs | 2 +- .../Generated/Views_Shared_Test23.cshtml.g.cs | 2 +- .../Generated/Views_Test2_Test10.cshtml.g.cs | 2 +- .../Generated/Views_Test2_Test11.cshtml.g.cs | 2 +- .../Generated/Views_Test_Test1.cshtml.g.cs | 2 +- .../Generated/Views_Test_Test3.cshtml.g.cs | 2 +- .../Generated/Views_Test_Test4.cshtml.g.cs | 2 +- .../Generated/Views_Test_Test7.cshtml.g.cs | 2 +- .../XSSRazorPages/MyAreas/Test4/Test22.cshtml | 3 +- .../XSSRazorPages/Pages/Shared/Test21.cshtml | 3 +- .../Views/Custom/Test3/Test15.cshtml | 3 +- .../XSSRazorPages/Views/Custom2/Test16.cshtml | 3 +- .../XSSRazorPages/Views/Other/Test13.cshtml | 3 +- .../XSSRazorPages/Views/Other/Test5.cshtml | 3 +- .../XSSRazorPages/Views/Other/Test6.cshtml | 3 +- .../XSSRazorPages/Views/Other/Test8.cshtml | 3 +- .../XSSRazorPages/Views/Other/Test9.cshtml | 3 +- .../XSSRazorPages/Views/Shared/Test12.cshtml | 3 +- .../XSSRazorPages/Views/Shared/Test14.cshtml | 3 +- .../XSSRazorPages/Views/Shared/Test19.cshtml | 3 +- .../XSSRazorPages/Views/Shared/Test2.cshtml | 3 +- .../XSSRazorPages/Views/Shared/Test23.cshtml | 3 +- .../XSSRazorPages/Views/Shared/Test3.cshtml | 3 +- .../XSSRazorPages/Views/Test/Test1.cshtml | 7 +- .../XSSRazorPages/Views/Test/Test3.cshtml | 3 +- .../XSSRazorPages/Views/Test/Test4.cshtml | 3 +- .../XSSRazorPages/Views/Test/Test7.cshtml | 3 +- .../XSSRazorPages/Views/Test2/Test1.cshtml | 3 +- .../XSSRazorPages/Views/Test2/Test10.cshtml | 3 +- .../XSSRazorPages/Views/Test2/Test11.cshtml | 3 +- .../XSSRazorPages/Views/Test2/Test12.cshtml | 3 +- .../XSSRazorPages/Views/Test2/Test14.cshtml | 3 +- .../XSSRazorPages/Views/Test2/Test2.cshtml | 3 +- .../XSSRazorPages/Views/Test2/Test3.cshtml | 3 +- .../XSSRazorPages/Views/Test4/Test20.cshtml | 3 +- .../CWE-079/XSSRazorPages/XSS.expected | 42 +- .../CWE-079/XSSRazorPages/XSS.qlref | 3 +- .../CWE-090/LDAPInjection.cs | 18 +- .../CWE-090/LDAPInjection.qlref | 4 +- .../CWE-091/XMLInjection/Test.cs | 4 +- .../CWE-091/XMLInjection/XMLInjection.qlref | 4 +- .../CWE-094/CodeInjection.cs | 8 +- .../CWE-094/CodeInjection.qlref | 4 +- .../CWE-099/ResourceInjection.cs | 6 +- .../CWE-099/ResourceInjection.qlref | 4 +- .../CWE-112/MissingXMLValidation.cs | 10 +- .../CWE-112/MissingXMLValidation.qlref | 4 +- .../AssemblyPathInjection.qlref | 4 +- .../CWE-114/AssemblyPathInjection/Test.cs | 4 +- .../CWE-119/LocalUnvalidatedArithmetic.cs | 2 +- .../CWE-119/LocalUnvalidatedArithmetic.qlref | 3 +- .../ExposureInTransmittedData.cs | 18 +- .../ExposureInTransmittedData.qlref | 4 +- .../CWE-209/ExceptionInformationExposure.cs | 14 +- .../ExceptionInformationExposure.qlref | 4 +- .../MissingASPNETGlobalErrorHandler.qlref | 3 +- .../WebConfigOff/Web.config | 2 +- .../MissingASPNETGlobalErrorHandler.qlref | 3 +- .../WebFormsTests/MissingAccessControl.qlref | 3 +- .../WebFormsTests/Test1/EditProfile.aspx.cs | 2 +- .../WebFormsTests/Test1/ViewProfile.aspx.cs | 2 +- .../WebFormsTests/Test3/B/EditProfile.aspx.cs | 2 +- .../CWE-312/CleartextStorage.cs | 20 +- .../CWE-312/CleartextStorage.qlref | 3 +- .../HardcodedSymmetricEncryptionKey.cs | 16 +- .../HardcodedSymmetricEncryptionKey.qlref | 4 +- .../DontInstallRootCert.qlref | 3 +- .../CWE-327/DontInstallRootCert/Test.cs | 12 +- .../InsecureSQLConnection.cs | 10 +- .../InsecureSQLConnection.qlref | 3 +- .../InsufficientKeySize.cs | 6 +- .../InsufficientKeySize.qlref | 3 +- .../CWE-338/InsecureRandomness.cs | 14 +- .../CWE-338/InsecureRandomness.qlref | 4 +- .../MissingAntiForgeryTokenValidation.qlref | 3 +- .../MissingAntiForgeryTokenValidation.cs | 4 +- .../MissingAntiForgeryTokenValidation.qlref | 1 + .../MissingAntiForgeryTokenValidation.cs | 4 +- .../MissingAntiForgeryTokenValidation.qlref | 3 +- .../CWE-359/ExposureOfPrivateInformation.cs | 10 +- .../ExposureOfPrivateInformation.qlref | 3 +- .../CWE-384/AbandonSession.cs | 6 +- .../CWE-384/AbandonSession.qlref | 3 +- .../MissingXFrameOptions.qlref | 3 +- .../MissingXFrameOptions.qlref | 3 +- .../MissingXFrameOptions.qlref | 3 +- .../PersistentCookie/PersistentCookie.cs | 4 +- .../PersistentCookie/PersistentCookie.qlref | 3 +- .../CWE-548/ASPNetDirectoryListing.qlref | 3 +- .../Security Features/CWE-548/web.config | 2 +- .../CWE-601/UrlRedirect/UrlRedirect.cs | 16 +- .../CWE-601/UrlRedirect/UrlRedirect.qlref | 4 +- .../CWE-601/UrlRedirect/UrlRedirect2.cs | 2 +- .../CWE-601/UrlRedirect/UrlRedirectCore.cs | 24 +- .../Security Features/CWE-611/Test.cs | 6 +- .../CWE-611/UntrustedDataInsecureXml.qlref | 4 +- .../CWE-611/UseXmlSecureResolver.qlref | 4 +- .../RequireSSL/AddedInCode/RequireSSL.qlref | 3 +- .../RequireSSL/AddedInForms/RequireSSL.qlref | 3 +- .../HttpCookiesCorrect/RequireSSL.qlref | 3 +- .../RequireSSL/HttpCookiesCorrect/Web.config | 2 +- .../RequireSSLMissing/RequireSSL.qlref | 3 +- .../RequireSSL/RequireSSLMissing/Web.config | 4 +- .../CWE-639/MVCTests/CommentController.cs | 4 +- .../InsecureDirectObjectReference.qlref | 3 +- .../CWE-639/MVCTests/MiscTestControllers.cs | 6 +- .../CWE-639/MVCTests/ProfileController.cs | 2 +- .../CWE-639/WebFormsTests/EditComment.aspx.cs | 2 +- .../InsecureDirectObjectReference.qlref | 3 +- .../CWE-643/XPathInjection.cs | 24 +- .../CWE-643/XPathInjection.qlref | 4 +- .../CWE-730/ReDoS/ExponentialRegex.cs | 12 +- .../CWE-730/ReDoS/ReDoS.qlref | 4 +- .../CWE-730/ReDoSGlobalTimeout/ReDoS.qlref | 4 +- .../CWE-730/RegexInjection/RegexInjection.cs | 4 +- .../RegexInjection/RegexInjection.qlref | 4 +- .../CWE-798/HardcodedConnectionString.qlref | 3 +- .../CWE-798/HardcodedCredentials.cs | 18 +- .../CWE-798/HardcodedCredentials.qlref | 3 +- .../CWE-798/TestHardcodedCredentials.cs | 2 +- .../CWE-807/ConditionalBypass.cs | 24 +- .../CWE-807/ConditionalBypass.qlref | 4 +- .../Security Features/CWE-838/HtmlEncode.cs | 2 +- .../CWE-838/InappropriateEncoding.cs | 24 +- .../CWE-838/InappropriateEncoding.qlref | 4 +- .../Security Features/CWE-838/SqlEncode.cs | 4 +- .../Security Features/CWE-838/UrlEncode.cs | 2 +- .../LibraryUsage/ExternalLibraryUsage.qlref | 2 +- .../LibraryUsage/SupportedExternalTaint.qlref | 2 +- .../UnsupportedExternalAPIs.qlref | 2 +- .../SupportedExternalApis.qlref | 2 +- .../SupportedExternalSinks.qlref | 2 +- .../SupportedExternalSources.qlref | 2 +- .../UnusedPropertyValue.cs | 6 +- .../UnusedPropertyValue.qlref | 3 +- .../test/query-tests/UseBraces/UseBraces.cs | 10 +- .../query-tests/UseBraces/UseBraces.qlref | 3 +- .../PointlessForwardingMethod.cs | 4 +- .../PointlessForwardingMethod.qlref | 3 +- .../WriteOnlyContainer/WriteOnlyContainer.cs | 68 +-- .../WriteOnlyContainer.qlref | 3 +- .../IncomparableEquals/IncomparableEquals.cs | 6 +- .../IncomparableEquals.qlref | 3 +- .../ObjectComparison/ObjectComparison.cs | 4 +- .../ObjectComparison/ObjectComparison.qlref | 3 +- .../ApplicationModeEndpoints.qlref | 2 +- .../modeleditor/FrameworkModeEndpoints.qlref | 2 +- 502 files changed, 1602 insertions(+), 1360 deletions(-) diff --git a/csharp/ql/campaigns/Solorigate/test/Solorigate/ModifiedFnvFunctionDetection.qlref b/csharp/ql/campaigns/Solorigate/test/Solorigate/ModifiedFnvFunctionDetection.qlref index 0bfdf5905b3..d861fc929b2 100644 --- a/csharp/ql/campaigns/Solorigate/test/Solorigate/ModifiedFnvFunctionDetection.qlref +++ b/csharp/ql/campaigns/Solorigate/test/Solorigate/ModifiedFnvFunctionDetection.qlref @@ -1 +1,2 @@ -ModifiedFnvFunctionDetection.ql +query: ModifiedFnvFunctionDetection.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/campaigns/Solorigate/test/Solorigate/NumberOfKnownCommandsAboveThreshold.qlref b/csharp/ql/campaigns/Solorigate/test/Solorigate/NumberOfKnownCommandsAboveThreshold.qlref index 61c6c1e04a8..6854e44501f 100644 --- a/csharp/ql/campaigns/Solorigate/test/Solorigate/NumberOfKnownCommandsAboveThreshold.qlref +++ b/csharp/ql/campaigns/Solorigate/test/Solorigate/NumberOfKnownCommandsAboveThreshold.qlref @@ -1 +1,2 @@ -NumberOfKnownCommandsAboveThreshold.ql +query: NumberOfKnownCommandsAboveThreshold.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/campaigns/Solorigate/test/Solorigate/NumberOfKnownHashesAboveThreshold.qlref b/csharp/ql/campaigns/Solorigate/test/Solorigate/NumberOfKnownHashesAboveThreshold.qlref index 718d6c67048..a66d6d55d19 100644 --- a/csharp/ql/campaigns/Solorigate/test/Solorigate/NumberOfKnownHashesAboveThreshold.qlref +++ b/csharp/ql/campaigns/Solorigate/test/Solorigate/NumberOfKnownHashesAboveThreshold.qlref @@ -1 +1,2 @@ -NumberOfKnownHashesAboveThreshold.ql +query: NumberOfKnownHashesAboveThreshold.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/campaigns/Solorigate/test/Solorigate/NumberOfKnownLiteralsAboveThreshold.qlref b/csharp/ql/campaigns/Solorigate/test/Solorigate/NumberOfKnownLiteralsAboveThreshold.qlref index e17b18d08ae..38b9897d068 100644 --- a/csharp/ql/campaigns/Solorigate/test/Solorigate/NumberOfKnownLiteralsAboveThreshold.qlref +++ b/csharp/ql/campaigns/Solorigate/test/Solorigate/NumberOfKnownLiteralsAboveThreshold.qlref @@ -1 +1,2 @@ -NumberOfKnownLiteralsAboveThreshold.ql +query: NumberOfKnownLiteralsAboveThreshold.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/campaigns/Solorigate/test/Solorigate/NumberOfKnownMethodNamesAboveThreshold.qlref b/csharp/ql/campaigns/Solorigate/test/Solorigate/NumberOfKnownMethodNamesAboveThreshold.qlref index 747fb006e43..7f5e000495e 100644 --- a/csharp/ql/campaigns/Solorigate/test/Solorigate/NumberOfKnownMethodNamesAboveThreshold.qlref +++ b/csharp/ql/campaigns/Solorigate/test/Solorigate/NumberOfKnownMethodNamesAboveThreshold.qlref @@ -1 +1,2 @@ -NumberOfKnownMethodNamesAboveThreshold.ql +query: NumberOfKnownMethodNamesAboveThreshold.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/campaigns/Solorigate/test/Solorigate/SwallowEverythingExceptionHandler.qlref b/csharp/ql/campaigns/Solorigate/test/Solorigate/SwallowEverythingExceptionHandler.qlref index 538eee55bf2..e49d40d16e1 100644 --- a/csharp/ql/campaigns/Solorigate/test/Solorigate/SwallowEverythingExceptionHandler.qlref +++ b/csharp/ql/campaigns/Solorigate/test/Solorigate/SwallowEverythingExceptionHandler.qlref @@ -1 +1,2 @@ -SwallowEverythingExceptionHandler.ql +query: SwallowEverythingExceptionHandler.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/campaigns/Solorigate/test/Solorigate/test.cs b/csharp/ql/campaigns/Solorigate/test/Solorigate/test.cs index 8680d834694..2530492ef74 100644 --- a/csharp/ql/campaigns/Solorigate/test/Solorigate/test.cs +++ b/csharp/ql/campaigns/Solorigate/test/Solorigate/test.cs @@ -6,12 +6,12 @@ class FalsePositiveCases // regular FVN ulong GetRegularFvnHash(string s) { - ulong num = 14695981039346656037UL; /* FNV base offset */ + ulong num = 14695981039346656037UL; /* FNV base offset */ // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] foreach (byte b in Encoding.UTF8.GetBytes(s)) { num ^= (ulong)b; - num *= 1099511628211UL; /* FNV prime */ + num *= 1099511628211UL; /* FNV prime */ // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] } return num; @@ -22,24 +22,24 @@ class TestCases { ulong GetRegularFvnHash(string s) { - ulong num = 14695981039346656037UL; + ulong num = 14695981039346656037UL; // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] try { foreach (byte b in Encoding.UTF8.GetBytes(s)) { num ^= (ulong)b; - num *= 1099511628211UL; + num *= 1099511628211UL; // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] } } catch // BUG : SwallowEverythingExceptionHandler { - } + } // $ Alert[cs/solorigate/swallow-everything-exception] - return num ^ 6605813339339102567UL; // BUG (ModifiedFnvFunctionDetection.ql) + return num ^ 6605813339339102567UL; // $ Alert[cs/solorigate/modified-fnv-function-detection] Alert[cs/solorigate/number-of-known-hashes-above-threshold] // BUG (ModifiedFnvFunctionDetection.ql) } - enum JobEngine + enum JobEngine // $ Alert[cs/solorigate/number-of-known-commands-in-enum-above-threshold] { Idle, Exit, @@ -62,222 +62,222 @@ class TestCases None } - void Abort() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void AddFileExecutionEngine() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void AddRegistryExecutionEngine() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void AdjustTokenPrivileges() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void Base64Decode() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void Base64Encode() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void ByteArrayToHexString() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void CheckServerConnection() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void Close() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void CloseHandle() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void CollectSystemDescription() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void Compress() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void CreateSecureString() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void CreateString() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void CreateUploadRequest() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void CreateUploadRequestImpl() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void Decompress() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void DecryptShort() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void Deflate() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void DelayMin() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void DelayMs() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void DeleteFile() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void DeleteRegistryValue() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void DeleteValue() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void ExecuteEngine() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void FileExists() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetAddresses() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetAddressFamily() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetArgumentIndex() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetBaseUri() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetBaseUriImpl() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetCache() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetCurrentProcess() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetCurrentString() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetDescriptionId() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetFileHash() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetFileSystemEntries() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetHash() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetHive() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetIntArray() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetIPHostEntry() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetManagementObjectProperty() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetNetworkAdapterConfiguration() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetNewOwnerName() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetNextString() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetNextStringEx() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetOrCreateUserID() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetOrionImprovementCustomerId() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetOSVersion() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetPreviousString() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetProcessByDescription() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetRegistrySubKeyAndValueNames() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetStatus() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetStringHash() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetSubKeyAndValueNames() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetUserAgent() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetValue() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void GetWebProxy() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void HexStringToByteArray() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void Inflate() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void Initialize() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void InitiateSystemShutdownExW() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void IsNullOrInvalidName() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void IsSynchronized() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void KillTask() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void LookupPrivilegeValueW() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void OpenProcessToken() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void ParseServiceResponse() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void Quote() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void ReadConfig() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void ReadDeviceInfo() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void ReadRegistryValue() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void ReadReportStatus() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void ReadServiceStatus() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void RebootComputer() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void RunTask() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void SearchAssemblies() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void SearchConfigurations() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void SearchServices() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void SetAutomaticMode() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void SetKeyOwner() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void SetKeyOwnerWithPrivileges() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void SetKeyPermissions() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void SetManualMode() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void SetProcessPrivilege() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void SetRegistryValue() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void SetTime() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void SetValue() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void SplitString() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void ToString() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void TrackEvent() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void TrackProcesses() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void Unquote() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void Unzip() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void Update() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void UpdateBuffer() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void UpdateNotification() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void UploadSystemDescription() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void Valid() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void WriteConfig() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void WriteFile() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void WriteReportStatus() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void WriteServiceStatus() { } // BUG : NumberOfKnownMethodNamesAboveThreshold - void Zip() { } // BUG : NumberOfKnownMethodNamesAboveThreshold + void Abort() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void AddFileExecutionEngine() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void AddRegistryExecutionEngine() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void AdjustTokenPrivileges() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void Base64Decode() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void Base64Encode() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void ByteArrayToHexString() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void CheckServerConnection() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void Close() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void CloseHandle() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void CollectSystemDescription() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void Compress() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void CreateSecureString() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void CreateString() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void CreateUploadRequest() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void CreateUploadRequestImpl() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void Decompress() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void DecryptShort() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void Deflate() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void DelayMin() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void DelayMs() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void DeleteFile() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void DeleteRegistryValue() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void DeleteValue() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void ExecuteEngine() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void FileExists() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetAddresses() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetAddressFamily() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetArgumentIndex() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetBaseUri() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetBaseUriImpl() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetCache() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetCurrentProcess() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetCurrentString() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetDescriptionId() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetFileHash() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetFileSystemEntries() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetHash() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetHive() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetIntArray() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetIPHostEntry() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetManagementObjectProperty() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetNetworkAdapterConfiguration() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetNewOwnerName() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetNextString() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetNextStringEx() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetOrCreateUserID() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetOrionImprovementCustomerId() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetOSVersion() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetPreviousString() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetProcessByDescription() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetRegistrySubKeyAndValueNames() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetStatus() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetStringHash() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetSubKeyAndValueNames() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetUserAgent() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetValue() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void GetWebProxy() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void HexStringToByteArray() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void Inflate() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void Initialize() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void InitiateSystemShutdownExW() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void IsNullOrInvalidName() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void IsSynchronized() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void KillTask() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void LookupPrivilegeValueW() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void OpenProcessToken() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void ParseServiceResponse() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void Quote() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void ReadConfig() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void ReadDeviceInfo() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void ReadRegistryValue() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void ReadReportStatus() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void ReadServiceStatus() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void RebootComputer() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void RunTask() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void SearchAssemblies() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void SearchConfigurations() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void SearchServices() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void SetAutomaticMode() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void SetKeyOwner() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void SetKeyOwnerWithPrivileges() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void SetKeyPermissions() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void SetManualMode() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void SetProcessPrivilege() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void SetRegistryValue() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void SetTime() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void SetValue() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void SplitString() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void ToString() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void TrackEvent() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void TrackProcesses() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void Unquote() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void Unzip() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void Update() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void UpdateBuffer() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void UpdateNotification() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void UploadSystemDescription() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void Valid() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void WriteConfig() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void WriteFile() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void WriteReportStatus() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void WriteServiceStatus() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold + void Zip() { } // $ Alert[cs/solorigate/number-of-known-method-names-above-threshold] // BUG : NumberOfKnownMethodNamesAboveThreshold void Hashes() { ulong[] hashes = { // BUG : NumberOfKnownHashesAboveThreshold - 10063651499895178962, 10235971842993272939, 10296494671777307979, - 10336842116636872171, 10374841591685794123, 10393903804869831898, - 10463926208560207521, 10484659978517092504, 10501212300031893463, - 10545868833523019926, 10657751674541025650, 106672141413120087, 10734127004244879770, - 10829648878147112121, 1099511628211, 11073283311104541690, 1109067043404435916, - 11109294216876344399, 11266044540366291518, 11385275378891906608, - 11771945869106552231, 11801746708619571308, 11818825521849580123, - 11913842725949116895, 12027963942392743532, 12094027092655598256, - 12343334044036541897, 12445177985737237804, 12445232961318634374, - 12574535824074203265, 12679195163651834776, 12709986806548166638, - 12718416789200275332, 12785322942775634499, 12790084614253405985, - 12969190449276002545, 13014156621614176974, 13029357933491444455, - 13135068273077306806, 13260224381505715848, 13316211011159594063, - 13464308873961738403, 13544031715334011032, 13581776705111912829, - 13599785766252827703, 13611051401579634621, 13611814135072561278, - 13655261125244647696, 1367627386496056834, 1368907909245890092, 13693525876560827283, - 13783346438774742614, 13799353263187722717, 13825071784440082496, - 13852439084267373191, 13876356431472225791, 14055243717250701608, - 14079676299181301772, 14095938998438966337, 14111374107076822891, - 14193859431895170587, 14226582801651130532, 14243671177281069512, - 14256853800858727521, 14480775929210717493, 14482658293117931546, - 14513577387099045298, 14630721578341374856, 14695981039346656037, - 14710585101020280896, 1475579823244607677, 14868920869169964081, 14968320160131875803, - 14971809093655817917, 15039834196857999838, 15092207615430402812, - 15114163911481793350, 15194901817027173566, 15267980678929160412, - 15457732070353984570, 15514036435533858158, 15535773470978271326, - 15587050164583443069, 155978580751494388, 15695338751700748390, 15997665423159927228, - 16066522799090129502, 16066651430762394116, 16112751343173365533, - 16130138450758310172, 1614465773938842903, 16292685861617888592, 16335643316870329598, - 16423314183614230717, 16570804352575357627, 1682585410644922036, 16858955978146406642, - 16990567851129491937, 17017923349298346219, 17097380490166623672, - 17109238199226571972, 17204844226884380288, 17291806236368054941, - 17351543633914244545, 17439059603042731363, 17574002783607647274, - 17624147599670377042, 17633734304611248415, 17683972236092287897, - 17849680105131524334, 17939405613729073960, 17956969551821596225, - 17978774977754553159, 17984632978012874803, 17997967489723066537, - 18147627057830191163, 18150909006539876521, 18159703063075866524, - 18246404330670877335, 18294908219222222902, 18392881921099771407, - 18446744073709551613, 191060519014405309, 2032008861530788751, 2128122064571842954, - 2147483647, 2147745794, 2380224015317016190, 2478231962306073784, - 2532538262737333146, 2589926981877829912, 2597124982561782591, 2600364143812063535, - 2717025511528702475, 2734787258623754862, 27407921587843457, 2760663353550280147, - 2797129108883749491, 2810460305047003196, 292198192373389586, 2934149816356927366, - 3045986759481489935, 3178468437029279937, 3200333496547938354, 3320026265773918739, - 3320767229281015341, 3341747963119755850, 3407972863931386250, 3413052607651207697, - 3413886037471417852, 3421197789791424393, 3421213182954201407, 3425260965299690882, - 3538022140597504361, 3575761800716667678, 3588624367609827560, 3626142665768487764, - 3642525650883269872, 3656637464651387014, 3660705254426876796, 3769837838875367802, - 3778500091710709090, 3796405623695665524, 3869935012404164040, 3890769468012566366, - 3890794756780010537, 397780960855462669, 4030236413975199654, 4088976323439621041, - 4454255944391929578, 4501656691368064027, 4578480846255629462, 4821863173800309721, - 4931721628717906635, 506634811745884560, 5132256620104998637, 5183687599225757871, - 521157249538507889, 5219431737322569038, 541172992193764396, 5415426428750045503, - 5449730069165757263, 5587557070429522647, 5614586596107908838, 576626207276463000, - 5942282052525294911, 5945487981219695001, 5984963105389676759, 607197993339007484, - 6088115528707848728, 6116246686670134098, 6180361713414290679, 6195833633417633900, - 6274014997237900919, 640589622539783622, 6461429591783621719, 6491986958834001955, - 6508141243778577344, 6605813339339102567, 682250828679635420, 6827032273910657891, - 6943102301517884811, 700598796416086955, 7080175711202577138, 7175363135479931834, - 7315838824213522000, 7412338704062093516, 7516148236133302073, 7574774749059321801, - 7701683279824397773, 7775177810774851294, 7810436520414958497, 7878537243757499832, - 79089792725215063, 7982848972385914508, 8052533790968282297, 8129411991672431889, - 8146185202538899243, 835151375515278827, 8381292265993977266, 8408095252303317471, - 8473756179280619170, 8478833628889826985, 8612208440357175863, 8697424601205169055, - 8698326794961817906, 8709004393777297355, 8727477769544302060, 8760312338504300643, - 8799118153397725683, 8873858923435176895, 8994091295115840290, 9007106680104765185, - 9061219083560670602, 9149947745824492274, 917638920165491138, 9234894663364701749, - 9333057603143916814, 9384605490088500348, 9531326785919727076, 9555688264681862794, - 9559632696372799208, 9903758755917170407 + 10063651499895178962, 10235971842993272939, 10296494671777307979, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 10336842116636872171, 10374841591685794123, 10393903804869831898, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 10463926208560207521, 10484659978517092504, 10501212300031893463, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 10545868833523019926, 10657751674541025650, 106672141413120087, 10734127004244879770, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 10829648878147112121, 1099511628211, 11073283311104541690, 1109067043404435916, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 11109294216876344399, 11266044540366291518, 11385275378891906608, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 11771945869106552231, 11801746708619571308, 11818825521849580123, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 11913842725949116895, 12027963942392743532, 12094027092655598256, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 12343334044036541897, 12445177985737237804, 12445232961318634374, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 12574535824074203265, 12679195163651834776, 12709986806548166638, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 12718416789200275332, 12785322942775634499, 12790084614253405985, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 12969190449276002545, 13014156621614176974, 13029357933491444455, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 13135068273077306806, 13260224381505715848, 13316211011159594063, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 13464308873961738403, 13544031715334011032, 13581776705111912829, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 13599785766252827703, 13611051401579634621, 13611814135072561278, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 13655261125244647696, 1367627386496056834, 1368907909245890092, 13693525876560827283, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 13783346438774742614, 13799353263187722717, 13825071784440082496, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 13852439084267373191, 13876356431472225791, 14055243717250701608, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 14079676299181301772, 14095938998438966337, 14111374107076822891, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 14193859431895170587, 14226582801651130532, 14243671177281069512, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 14256853800858727521, 14480775929210717493, 14482658293117931546, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 14513577387099045298, 14630721578341374856, 14695981039346656037, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 14710585101020280896, 1475579823244607677, 14868920869169964081, 14968320160131875803, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 14971809093655817917, 15039834196857999838, 15092207615430402812, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 15114163911481793350, 15194901817027173566, 15267980678929160412, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 15457732070353984570, 15514036435533858158, 15535773470978271326, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 15587050164583443069, 155978580751494388, 15695338751700748390, 15997665423159927228, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 16066522799090129502, 16066651430762394116, 16112751343173365533, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 16130138450758310172, 1614465773938842903, 16292685861617888592, 16335643316870329598, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 16423314183614230717, 16570804352575357627, 1682585410644922036, 16858955978146406642, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 16990567851129491937, 17017923349298346219, 17097380490166623672, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 17109238199226571972, 17204844226884380288, 17291806236368054941, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 17351543633914244545, 17439059603042731363, 17574002783607647274, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 17624147599670377042, 17633734304611248415, 17683972236092287897, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 17849680105131524334, 17939405613729073960, 17956969551821596225, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 17978774977754553159, 17984632978012874803, 17997967489723066537, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 18147627057830191163, 18150909006539876521, 18159703063075866524, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 18246404330670877335, 18294908219222222902, 18392881921099771407, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 18446744073709551613, 191060519014405309, 2032008861530788751, 2128122064571842954, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 2147483647, 2147745794, 2380224015317016190, 2478231962306073784, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 2532538262737333146, 2589926981877829912, 2597124982561782591, 2600364143812063535, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 2717025511528702475, 2734787258623754862, 27407921587843457, 2760663353550280147, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 2797129108883749491, 2810460305047003196, 292198192373389586, 2934149816356927366, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 3045986759481489935, 3178468437029279937, 3200333496547938354, 3320026265773918739, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 3320767229281015341, 3341747963119755850, 3407972863931386250, 3413052607651207697, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 3413886037471417852, 3421197789791424393, 3421213182954201407, 3425260965299690882, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 3538022140597504361, 3575761800716667678, 3588624367609827560, 3626142665768487764, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 3642525650883269872, 3656637464651387014, 3660705254426876796, 3769837838875367802, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 3778500091710709090, 3796405623695665524, 3869935012404164040, 3890769468012566366, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 3890794756780010537, 397780960855462669, 4030236413975199654, 4088976323439621041, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 4454255944391929578, 4501656691368064027, 4578480846255629462, 4821863173800309721, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 4931721628717906635, 506634811745884560, 5132256620104998637, 5183687599225757871, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 521157249538507889, 5219431737322569038, 541172992193764396, 5415426428750045503, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 5449730069165757263, 5587557070429522647, 5614586596107908838, 576626207276463000, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 5942282052525294911, 5945487981219695001, 5984963105389676759, 607197993339007484, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 6088115528707848728, 6116246686670134098, 6180361713414290679, 6195833633417633900, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 6274014997237900919, 640589622539783622, 6461429591783621719, 6491986958834001955, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 6508141243778577344, 6605813339339102567, 682250828679635420, 6827032273910657891, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 6943102301517884811, 700598796416086955, 7080175711202577138, 7175363135479931834, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 7315838824213522000, 7412338704062093516, 7516148236133302073, 7574774749059321801, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 7701683279824397773, 7775177810774851294, 7810436520414958497, 7878537243757499832, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 79089792725215063, 7982848972385914508, 8052533790968282297, 8129411991672431889, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 8146185202538899243, 835151375515278827, 8381292265993977266, 8408095252303317471, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 8473756179280619170, 8478833628889826985, 8612208440357175863, 8697424601205169055, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 8698326794961817906, 8709004393777297355, 8727477769544302060, 8760312338504300643, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 8799118153397725683, 8873858923435176895, 8994091295115840290, 9007106680104765185, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 9061219083560670602, 9149947745824492274, 917638920165491138, 9234894663364701749, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 9333057603143916814, 9384605490088500348, 9531326785919727076, 9555688264681862794, // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + 9559632696372799208, 9903758755917170407 // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] }; } void Literals() { string[] literals = { // BUG : NumberOfKnownLiteralsAboveThreshold - "(?i)([^a-z]|^)(test)([^a-z]|$)", "(?i)(solarwinds)", "[{0,5}] {1,-16} {2}\t{3,5} {4}\\{5}\n", - "[{0,5}] {1}\n", "[E] {0} {1} {2}", - "\"\\{[0-9a-f-]{36}\\}\"|\"[0-9a-f]{32}\"|\"[0-9a-f]{16}\"", ".CortexPlugin", ".Orion", - "\"EventName\":\"EventManager\",", "\"EventType\":\"Orion\",", - "\\OrionImprovement\\SolarWinds.OrionImprovement.exe", - "0123456789abcdefghijklmnopqrstuvwxyz-_.", "\"sessionId\":\"{0}\",", "\"steps\":[", - "\"Succeeded\":true,", "\"Timestamp\":\"\\/Date({0})\\/\",", "\"userId\":\"{0}\",", - "{0} {1} HTTP/{2}\n", "10140", "144.86.226.0", "154.118.140.0", "172.16.0.0", "18.130.0.0", - "184.72.0.0", "192.168.0.0", "199.201.117.0", "20.140.0.0", "20100", "20220", "217.163.7.0", - "224.0.0.0", "240.0.0.0", "255.240.0.0", "255.254.0.0", "255.255.248.0", "3.0.0.382", - "41.84.159.0", "43140", "4320", "43260", "524287", "583da945-62af-10e8-4902-a8f205c72b2e", - "65280", "71.152.53.0", "74.114.24.0", "8.18.144.0", "87.238.80.0", "96.31.172.0", "983040", - "99.79.0.0", "Administrator", "advapi32.dll", "Apollo", "appsync-api", "avsvmcloud.com", - "api.solarwinds.com", "-root", "-cert", "-universal_ca", "-ca", "-primary_ca", "-timestamp", - "-global", "-secureca", "CloudMonitoring", "MACAddress", "DHCPEnabled", "DHCPServer", - "DNSHostName", "DNSDomainSuffixSearchOrder", "DNSServerSearchOrder", "IPAddress", "IPSubnet", - "DefaultIPGateway", "OSArchitecture", "InstallDate", "Organization", "RegisteredUser", - "fc00::", "fe00::", "fec0::", "ffc0::", "ff00::", "HKCC", "HKCR", "HKCU", "HKDD", - "HKEY_CLASSES_ROOT", "HKEY_CURRENT_CONFIG", "HKEY_CURRENT_USER", "HKEY_DYN_DATA", - "HKEY_LOCAL_MACHINE", "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Cryptography", - "HKEY_PERFOMANCE_DATA", "HKEY_USERS", "HKLM", "HKPD", "HKU", "If-None-Match", - "Microsoft-CryptoAPI/", "Nodes", "Volumes", "Interfaces", "Components", "opensans", - "Organization", "OSArchitecture", "ParentProcessID", "PathName", "ReportWatcherPostpone", - "ReportWatcherRetry", "S-1-5-", "SeRestorePrivilege", "SeShutdownPrivilege", - "SeTakeOwnershipPrivilege", "SolarWinds", "SolarWindsOrionImprovementClient/", - "SourceCodePro", "SourceHanSans", "SourceHanSerif", "SourceSerifPro", "Start", "swip/Events", - "swip/upd/", "swip/Upload.ashx", "SYSTEM", "SYSTEM\\CurrentControlSet\\services", "us-east-1", - "us-east-2", "us-west-2", "fonts/woff/{0}-{1}-{2}{3}.woff2", - "fonts/woff/{0}-{1}-{2}-webfont{3}.woff2", "ph2eifo3n5utg1j8d94qrvbmk0sal76c", - "pki/crl/{0}{1}{2}.crl", "rq3gsalt6u1iyfzop572d49bnx8cvmkewhj", - "Select * From Win32_NetworkAdapterConfiguration where IPEnabled=true", - "Select * From Win32_OperatingSystem", "Select * From Win32_Process", - "Select * From Win32_SystemDriver", "Select * From Win32_UserAccount" + "(?i)([^a-z]|^)(test)([^a-z]|$)", "(?i)(solarwinds)", "[{0,5}] {1,-16} {2}\t{3,5} {4}\\{5}\n", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "[{0,5}] {1}\n", "[E] {0} {1} {2}", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "\"\\{[0-9a-f-]{36}\\}\"|\"[0-9a-f]{32}\"|\"[0-9a-f]{16}\"", ".CortexPlugin", ".Orion", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "\"EventName\":\"EventManager\",", "\"EventType\":\"Orion\",", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "\\OrionImprovement\\SolarWinds.OrionImprovement.exe", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "0123456789abcdefghijklmnopqrstuvwxyz-_.", "\"sessionId\":\"{0}\",", "\"steps\":[", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "\"Succeeded\":true,", "\"Timestamp\":\"\\/Date({0})\\/\",", "\"userId\":\"{0}\",", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "{0} {1} HTTP/{2}\n", "10140", "144.86.226.0", "154.118.140.0", "172.16.0.0", "18.130.0.0", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "184.72.0.0", "192.168.0.0", "199.201.117.0", "20.140.0.0", "20100", "20220", "217.163.7.0", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "224.0.0.0", "240.0.0.0", "255.240.0.0", "255.254.0.0", "255.255.248.0", "3.0.0.382", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "41.84.159.0", "43140", "4320", "43260", "524287", "583da945-62af-10e8-4902-a8f205c72b2e", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "65280", "71.152.53.0", "74.114.24.0", "8.18.144.0", "87.238.80.0", "96.31.172.0", "983040", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "99.79.0.0", "Administrator", "advapi32.dll", "Apollo", "appsync-api", "avsvmcloud.com", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "api.solarwinds.com", "-root", "-cert", "-universal_ca", "-ca", "-primary_ca", "-timestamp", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "-global", "-secureca", "CloudMonitoring", "MACAddress", "DHCPEnabled", "DHCPServer", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "DNSHostName", "DNSDomainSuffixSearchOrder", "DNSServerSearchOrder", "IPAddress", "IPSubnet", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "DefaultIPGateway", "OSArchitecture", "InstallDate", "Organization", "RegisteredUser", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "fc00::", "fe00::", "fec0::", "ffc0::", "ff00::", "HKCC", "HKCR", "HKCU", "HKDD", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "HKEY_CLASSES_ROOT", "HKEY_CURRENT_CONFIG", "HKEY_CURRENT_USER", "HKEY_DYN_DATA", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "HKEY_LOCAL_MACHINE", "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Cryptography", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "HKEY_PERFOMANCE_DATA", "HKEY_USERS", "HKLM", "HKPD", "HKU", "If-None-Match", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "Microsoft-CryptoAPI/", "Nodes", "Volumes", "Interfaces", "Components", "opensans", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "Organization", "OSArchitecture", "ParentProcessID", "PathName", "ReportWatcherPostpone", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "ReportWatcherRetry", "S-1-5-", "SeRestorePrivilege", "SeShutdownPrivilege", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "SeTakeOwnershipPrivilege", "SolarWinds", "SolarWindsOrionImprovementClient/", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "SourceCodePro", "SourceHanSans", "SourceHanSerif", "SourceSerifPro", "Start", "swip/Events", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "swip/upd/", "swip/Upload.ashx", "SYSTEM", "SYSTEM\\CurrentControlSet\\services", "us-east-1", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "us-east-2", "us-west-2", "fonts/woff/{0}-{1}-{2}{3}.woff2", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "fonts/woff/{0}-{1}-{2}-webfont{3}.woff2", "ph2eifo3n5utg1j8d94qrvbmk0sal76c", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "pki/crl/{0}{1}{2}.crl", "rq3gsalt6u1iyfzop572d49bnx8cvmkewhj", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "Select * From Win32_NetworkAdapterConfiguration where IPEnabled=true", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "Select * From Win32_OperatingSystem", "Select * From Win32_Process", // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] + "Select * From Win32_SystemDriver", "Select * From Win32_UserAccount" // $ Alert[cs/solorigate/number-of-known-literals-above-threshold] }; - + } void SwallowExceptionTest() @@ -286,15 +286,15 @@ class TestCases Literals(); } catch // BUG : SwallowEverythingExceptionHandler - {} + {} // $ Alert[cs/solorigate/swallow-everything-exception] try{ Literals(); } catch( Exception e) // BUG : SwallowEverythingExceptionHandler { - // - } + // + } // $ Alert[cs/solorigate/swallow-everything-exception] try{ Literals(); diff --git a/csharp/ql/integration-tests/all-platforms/blazor/BlazorTest/Components/MyOutput.razor b/csharp/ql/integration-tests/all-platforms/blazor/BlazorTest/Components/MyOutput.razor index e583e6b2e9c..5476d75ccf9 100644 --- a/csharp/ql/integration-tests/all-platforms/blazor/BlazorTest/Components/MyOutput.razor +++ b/csharp/ql/integration-tests/all-platforms/blazor/BlazorTest/Components/MyOutput.razor @@ -2,7 +2,7 @@

Value from InputText: @Value

-

Raw value from InputText: @(new MarkupString(Value))

+

Raw value from InputText: @(new MarkupString(Value))

@* $ Alert[cs/web/xss]=r1 *@
@code { diff --git a/csharp/ql/integration-tests/all-platforms/blazor/BlazorTest/Components/Pages/TestPage.razor b/csharp/ql/integration-tests/all-platforms/blazor/BlazorTest/Components/Pages/TestPage.razor index ac3ccbe1920..7a7a02ec222 100644 --- a/csharp/ql/integration-tests/all-platforms/blazor/BlazorTest/Components/Pages/TestPage.razor +++ b/csharp/ql/integration-tests/all-platforms/blazor/BlazorTest/Components/Pages/TestPage.razor @@ -8,7 +8,7 @@

Route parameter

Go to: /test/@XssUrl

Parameter from URL: @UrlParam

-

Raw parameter from URL: @((MarkupString)UrlParam)

+

Raw parameter from URL: @((MarkupString)UrlParam)

@* $ Alert[cs/web/xss]=r2 $ Alert[cs/web/xss]=r2 *@
@@ -17,7 +17,7 @@

Query parameter

Go to: /test/?qs=@XssUrl

Parameter from query string: @QueryParam

-

Raw parameter from query string: @(new MarkupString(QueryParam))

+

Raw parameter from query string: @(new MarkupString(QueryParam))

@* $ Alert[cs/web/xss]=r3 $ Alert[cs/web/xss]=r3 *@
@@ -82,7 +82,7 @@
- + @* $ Source[cs/web/xss]=r1 *@
@code { diff --git a/csharp/ql/integration-tests/all-platforms/blazor/XSS.qlref b/csharp/ql/integration-tests/all-platforms/blazor/XSS.qlref index 89b5b951bdb..a71d4784670 100644 --- a/csharp/ql/integration-tests/all-platforms/blazor/XSS.qlref +++ b/csharp/ql/integration-tests/all-platforms/blazor/XSS.qlref @@ -1,2 +1,4 @@ query: Security Features/CWE-079/XSS.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/BlazorTest/Components/MyOutput.razor b/csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/BlazorTest/Components/MyOutput.razor index e583e6b2e9c..5476d75ccf9 100644 --- a/csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/BlazorTest/Components/MyOutput.razor +++ b/csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/BlazorTest/Components/MyOutput.razor @@ -2,7 +2,7 @@

Value from InputText: @Value

-

Raw value from InputText: @(new MarkupString(Value))

+

Raw value from InputText: @(new MarkupString(Value))

@* $ Alert[cs/web/xss]=r1 *@
@code { diff --git a/csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/BlazorTest/Components/Pages/TestPage.razor b/csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/BlazorTest/Components/Pages/TestPage.razor index ac3ccbe1920..7a7a02ec222 100644 --- a/csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/BlazorTest/Components/Pages/TestPage.razor +++ b/csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/BlazorTest/Components/Pages/TestPage.razor @@ -8,7 +8,7 @@

Route parameter

Go to: /test/@XssUrl

Parameter from URL: @UrlParam

-

Raw parameter from URL: @((MarkupString)UrlParam)

+

Raw parameter from URL: @((MarkupString)UrlParam)

@* $ Alert[cs/web/xss]=r2 $ Alert[cs/web/xss]=r2 *@
@@ -17,7 +17,7 @@

Query parameter

Go to: /test/?qs=@XssUrl

Parameter from query string: @QueryParam

-

Raw parameter from query string: @(new MarkupString(QueryParam))

+

Raw parameter from query string: @(new MarkupString(QueryParam))

@* $ Alert[cs/web/xss]=r3 $ Alert[cs/web/xss]=r3 *@
@@ -82,7 +82,7 @@
- + @* $ Source[cs/web/xss]=r1 *@
@code { diff --git a/csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/XSS.qlref b/csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/XSS.qlref index 89b5b951bdb..a71d4784670 100644 --- a/csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/XSS.qlref +++ b/csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/XSS.qlref @@ -1,2 +1,4 @@ query: Security Features/CWE-079/XSS.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/integration-tests/all-platforms/blazor_net_8/BlazorTest/Components/MyOutput.razor b/csharp/ql/integration-tests/all-platforms/blazor_net_8/BlazorTest/Components/MyOutput.razor index e583e6b2e9c..5476d75ccf9 100644 --- a/csharp/ql/integration-tests/all-platforms/blazor_net_8/BlazorTest/Components/MyOutput.razor +++ b/csharp/ql/integration-tests/all-platforms/blazor_net_8/BlazorTest/Components/MyOutput.razor @@ -2,7 +2,7 @@

Value from InputText: @Value

-

Raw value from InputText: @(new MarkupString(Value))

+

Raw value from InputText: @(new MarkupString(Value))

@* $ Alert[cs/web/xss]=r1 *@
@code { diff --git a/csharp/ql/integration-tests/all-platforms/blazor_net_8/BlazorTest/Components/Pages/TestPage.razor b/csharp/ql/integration-tests/all-platforms/blazor_net_8/BlazorTest/Components/Pages/TestPage.razor index ac3ccbe1920..7a7a02ec222 100644 --- a/csharp/ql/integration-tests/all-platforms/blazor_net_8/BlazorTest/Components/Pages/TestPage.razor +++ b/csharp/ql/integration-tests/all-platforms/blazor_net_8/BlazorTest/Components/Pages/TestPage.razor @@ -8,7 +8,7 @@

Route parameter

Go to: /test/@XssUrl

Parameter from URL: @UrlParam

-

Raw parameter from URL: @((MarkupString)UrlParam)

+

Raw parameter from URL: @((MarkupString)UrlParam)

@* $ Alert[cs/web/xss]=r2 $ Alert[cs/web/xss]=r2 *@
@@ -17,7 +17,7 @@

Query parameter

Go to: /test/?qs=@XssUrl

Parameter from query string: @QueryParam

-

Raw parameter from query string: @(new MarkupString(QueryParam))

+

Raw parameter from query string: @(new MarkupString(QueryParam))

@* $ Alert[cs/web/xss]=r3 $ Alert[cs/web/xss]=r3 *@
@@ -82,7 +82,7 @@
- + @* $ Source[cs/web/xss]=r1 *@
@code { diff --git a/csharp/ql/integration-tests/all-platforms/blazor_net_8/XSS.qlref b/csharp/ql/integration-tests/all-platforms/blazor_net_8/XSS.qlref index 89b5b951bdb..a71d4784670 100644 --- a/csharp/ql/integration-tests/all-platforms/blazor_net_8/XSS.qlref +++ b/csharp/ql/integration-tests/all-platforms/blazor_net_8/XSS.qlref @@ -1,2 +1,4 @@ query: Security Features/CWE-079/XSS.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/integration-tests/all-platforms/standalone/DatabaseQualityDiagnostics.qlref b/csharp/ql/integration-tests/all-platforms/standalone/DatabaseQualityDiagnostics.qlref index 6ff2dbd1d5f..5d28fb2ecf9 100644 --- a/csharp/ql/integration-tests/all-platforms/standalone/DatabaseQualityDiagnostics.qlref +++ b/csharp/ql/integration-tests/all-platforms/standalone/DatabaseQualityDiagnostics.qlref @@ -1 +1 @@ -Telemetry/DatabaseQualityDiagnostics.ql \ No newline at end of file +query: Telemetry/DatabaseQualityDiagnostics.ql diff --git a/csharp/ql/integration-tests/all-platforms/standalone_buildless_option/DatabaseQualityDiagnostics.qlref b/csharp/ql/integration-tests/all-platforms/standalone_buildless_option/DatabaseQualityDiagnostics.qlref index 6ff2dbd1d5f..5d28fb2ecf9 100644 --- a/csharp/ql/integration-tests/all-platforms/standalone_buildless_option/DatabaseQualityDiagnostics.qlref +++ b/csharp/ql/integration-tests/all-platforms/standalone_buildless_option/DatabaseQualityDiagnostics.qlref @@ -1 +1 @@ -Telemetry/DatabaseQualityDiagnostics.ql \ No newline at end of file +query: Telemetry/DatabaseQualityDiagnostics.ql diff --git a/csharp/ql/src/Security Features/CWE-020/RuntimeChecksBypassBad.cs b/csharp/ql/src/Security Features/CWE-020/RuntimeChecksBypassBad.cs index 5d89942f9fe..8777e35874a 100644 --- a/csharp/ql/src/Security Features/CWE-020/RuntimeChecksBypassBad.cs +++ b/csharp/ql/src/Security Features/CWE-020/RuntimeChecksBypassBad.cs @@ -16,6 +16,6 @@ public class PersonBad : ISerializable [OnDeserializing] void ISerializable.GetObjectData(SerializationInfo info, StreamingContext context) { - Age = info.GetInt32("age"); // BAD - write is unsafe + Age = info.GetInt32("age"); // $ Alert // BAD - write is unsafe } } diff --git a/csharp/ql/test/experimental/CWE-918/RequestForgery.cs b/csharp/ql/test/experimental/CWE-918/RequestForgery.cs index 02e851d8df1..2c548337ed9 100644 --- a/csharp/ql/test/experimental/CWE-918/RequestForgery.cs +++ b/csharp/ql/test/experimental/CWE-918/RequestForgery.cs @@ -9,9 +9,9 @@ namespace RequestForgery.Controllers { [HttpPost] [ValidateAntiForgeryToken] - public async Task Bad(string url) + public async Task Bad(string url) // $ Source=r1 { - var request = new HttpRequestMessage(HttpMethod.Get, url); + var request = new HttpRequestMessage(HttpMethod.Get, url); // $ Alert=r1 var client = new HttpClient(); await client.SendAsync(request); diff --git a/csharp/ql/test/experimental/CWE-918/RequestForgery.qlref b/csharp/ql/test/experimental/CWE-918/RequestForgery.qlref index 3d529ae5a2c..d4f3819dbac 100644 --- a/csharp/ql/test/experimental/CWE-918/RequestForgery.qlref +++ b/csharp/ql/test/experimental/CWE-918/RequestForgery.qlref @@ -1 +1,2 @@ -experimental/CWE-918/RequestForgery.ql \ No newline at end of file +query: experimental/CWE-918/RequestForgery.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/experimental/Security Features/CWE-759/HashWithoutSalt.cs b/csharp/ql/test/experimental/Security Features/CWE-759/HashWithoutSalt.cs index 302936c0ea6..3f1bd592743 100644 --- a/csharp/ql/test/experimental/Security Features/CWE-759/HashWithoutSalt.cs +++ b/csharp/ql/test/experimental/Security Features/CWE-759/HashWithoutSalt.cs @@ -15,9 +15,9 @@ public class Test // BAD - Hash without a salt. public static String HashPassword(string password, string strAlgName ="SHA256") { - IBuffer passBuff = CryptographicBuffer.ConvertStringToBinary(password, BinaryStringEncoding.Utf8); + IBuffer passBuff = CryptographicBuffer.ConvertStringToBinary(password, BinaryStringEncoding.Utf8); // $ Source HashAlgorithmProvider algProvider = HashAlgorithmProvider.OpenAlgorithm(strAlgName); - IBuffer hashBuff = algProvider.HashData(passBuff); + IBuffer hashBuff = algProvider.HashData(passBuff); // $ Alert return CryptographicBuffer.EncodeToBase64String(hashBuff); } @@ -35,8 +35,8 @@ public class Test public static string HashPassword(string password) { SHA256 sha256Hash = SHA256.Create(); - byte[] passBytes = System.Text.Encoding.ASCII.GetBytes(password); - byte[] hashBytes = sha256Hash.ComputeHash(passBytes); + byte[] passBytes = System.Text.Encoding.ASCII.GetBytes(password); // $ Source + byte[] hashBytes = sha256Hash.ComputeHash(passBytes); // $ Alert return Convert.ToBase64String(hashBytes); } @@ -47,11 +47,11 @@ public class Test byte[] saltBytes = GenerateSalt(); // Add the salt to the hash. - byte[] rawSalted = new byte[passBytes.Length + saltBytes.Length]; + byte[] rawSalted = new byte[passBytes.Length + saltBytes.Length]; passBytes.CopyTo(rawSalted, 0); saltBytes.CopyTo(rawSalted, passBytes.Length); - //Create the salted hash. + //Create the salted hash. SHA256 sha256 = SHA256.Create(); byte[] saltedPassBytes = sha256.ComputeHash(rawSalted); @@ -67,8 +67,8 @@ public class Test public static string HashPassword3(string password) { HashAlgorithm hashAlg = new SHA256CryptoServiceProvider(); - byte[] passBytes = System.Text.Encoding.ASCII.GetBytes(password); - byte[] hashBytes = hashAlg.ComputeHash(passBytes); + byte[] passBytes = System.Text.Encoding.ASCII.GetBytes(password); // $ Source + byte[] hashBytes = hashAlg.ComputeHash(passBytes); // $ Alert return Convert.ToBase64String(hashBytes); } @@ -164,7 +164,7 @@ public class Test StringBuilder sb = new StringBuilder (); foreach (byte b in result) sb.Append (b.ToString ("x2")); - + return sb.ToString (); } diff --git a/csharp/ql/test/experimental/Security Features/CWE-759/HashWithoutSalt.qlref b/csharp/ql/test/experimental/Security Features/CWE-759/HashWithoutSalt.qlref index 4816eabeacb..ed571d23e49 100644 --- a/csharp/ql/test/experimental/Security Features/CWE-759/HashWithoutSalt.qlref +++ b/csharp/ql/test/experimental/Security Features/CWE-759/HashWithoutSalt.qlref @@ -1,2 +1,4 @@ query: experimental/Security Features/CWE-759/HashWithoutSalt.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/experimental/Security Features/JsonWebTokenHandler/delegated-security-validations-always-return-true.qlref b/csharp/ql/test/experimental/Security Features/JsonWebTokenHandler/delegated-security-validations-always-return-true.qlref index 527ea925973..2c6cebb2dfc 100644 --- a/csharp/ql/test/experimental/Security Features/JsonWebTokenHandler/delegated-security-validations-always-return-true.qlref +++ b/csharp/ql/test/experimental/Security Features/JsonWebTokenHandler/delegated-security-validations-always-return-true.qlref @@ -1 +1,2 @@ -experimental/Security Features/JsonWebTokenHandler/delegated-security-validations-always-return-true.ql \ No newline at end of file +query: experimental/Security Features/JsonWebTokenHandler/delegated-security-validations-always-return-true.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/experimental/Security Features/JsonWebTokenHandler/delegation-test.cs b/csharp/ql/test/experimental/Security Features/JsonWebTokenHandler/delegation-test.cs index 01af41c4b0c..95118a986d3 100644 --- a/csharp/ql/test/experimental/Security Features/JsonWebTokenHandler/delegation-test.cs +++ b/csharp/ql/test/experimental/Security Features/JsonWebTokenHandler/delegation-test.cs @@ -98,8 +98,8 @@ namespace JsonWebTokenHandlerTest SaveSigninToken = true }; - tokenValidationParamsBaseline.LifetimeValidator = (notBefore, expires, securityToken, validationParameters) => ValidateLifetimeAlwaysTrue(securityToken, validationParameters); // BUG delegated-security-validations-always-return-true - tokenValidationParamsBaseline.AudienceValidator = (IEnumerable audiences, SecurityToken securityToken, TokenValidationParameters validationParameters) => true; // BUG delegated-security-validations-always-return-true + tokenValidationParamsBaseline.LifetimeValidator = (notBefore, expires, securityToken, validationParameters) => ValidateLifetimeAlwaysTrue(securityToken, validationParameters); // $ Alert[cs/json-webtoken-handler/delegated-security-validations-always-return-true] // BUG delegated-security-validations-always-return-true + tokenValidationParamsBaseline.AudienceValidator = (IEnumerable audiences, SecurityToken securityToken, TokenValidationParameters validationParameters) => true; // $ Alert[cs/json-webtoken-handler/delegated-security-validations-always-return-true] // BUG delegated-security-validations-always-return-true tokenValidationParamsBaseline.TokenReplayValidator = (DateTime? expirationTime, string securityToken, TokenValidationParameters validationParameters) => // GOOD { if (securityToken is null) @@ -111,12 +111,12 @@ namespace JsonWebTokenHandlerTest tokenValidationParamsBaseline.LifetimeValidator = (notBefore, expires, securityToken, validationParameters) => ValidateLifetime02(securityToken, validationParameters); // GOOD tokenValidationParamsBaseline.AudienceValidator = (IEnumerable audiences, SecurityToken securityToken, TokenValidationParameters validationParameters) => {return securityToken is null?false:true; }; // GOOD - - tokenValidationParamsBaseline.AudienceValidator = (IEnumerable audiences, SecurityToken securityToken, TokenValidationParameters validationParameters) => { return true; }; // BUG - tokenValidationParamsBaseline.AudienceValidator = (IEnumerable audiences, SecurityToken securityToken, TokenValidationParameters validationParameters) => !false ; // BUG - tokenValidationParamsBaseline.AudienceValidator = (IEnumerable audiences, SecurityToken securityToken, TokenValidationParameters validationParameters) => { return securityToken is null?true:true; }; // BUG - tokenValidationParamsBaseline.AudienceValidator = (IEnumerable audiences, SecurityToken securityToken, TokenValidationParameters validationParameters) => { return ValidateLifetimeAlwaysTrue(securityToken, validationParameters);}; //BUG - tokenValidationParamsBaseline.AudienceValidator = (audiences, securityToken, validationParameters) => ValidateLifetimeAlwaysTrue(securityToken, validationParameters); //BUG + + tokenValidationParamsBaseline.AudienceValidator = (IEnumerable audiences, SecurityToken securityToken, TokenValidationParameters validationParameters) => { return true; }; // $ Alert[cs/json-webtoken-handler/delegated-security-validations-always-return-true] // BUG + tokenValidationParamsBaseline.AudienceValidator = (IEnumerable audiences, SecurityToken securityToken, TokenValidationParameters validationParameters) => !false ; // $ Alert[cs/json-webtoken-handler/delegated-security-validations-always-return-true] // BUG + tokenValidationParamsBaseline.AudienceValidator = (IEnumerable audiences, SecurityToken securityToken, TokenValidationParameters validationParameters) => { return securityToken is null?true:true; }; // $ Alert[cs/json-webtoken-handler/delegated-security-validations-always-return-true] // BUG + tokenValidationParamsBaseline.AudienceValidator = (IEnumerable audiences, SecurityToken securityToken, TokenValidationParameters validationParameters) => { return ValidateLifetimeAlwaysTrue(securityToken, validationParameters);}; // $ Alert[cs/json-webtoken-handler/delegated-security-validations-always-return-true] //BUG + tokenValidationParamsBaseline.AudienceValidator = (audiences, securityToken, validationParameters) => ValidateLifetimeAlwaysTrue(securityToken, validationParameters); // $ Alert[cs/json-webtoken-handler/delegated-security-validations-always-return-true] //BUG } @@ -134,4 +134,4 @@ namespace JsonWebTokenHandlerTest return !false; } } -} \ No newline at end of file +} diff --git a/csharp/ql/test/experimental/Security Features/JsonWebTokenHandler/security-validation-disabled-test.cs b/csharp/ql/test/experimental/Security Features/JsonWebTokenHandler/security-validation-disabled-test.cs index 505aba41416..9d302e051ba 100644 --- a/csharp/ql/test/experimental/Security Features/JsonWebTokenHandler/security-validation-disabled-test.cs +++ b/csharp/ql/test/experimental/Security Features/JsonWebTokenHandler/security-validation-disabled-test.cs @@ -28,16 +28,16 @@ namespace JsonWebTokenHandlerTest ClockSkew = TimeSpan.FromMinutes(5), ValidateActor = false, ValidateIssuerSigningKey = false, - ValidateIssuer = false, // BUG - ValidateAudience = false, // BUG - ValidateLifetime = false, // BUG - RequireExpirationTime = false, // BUG + ValidateIssuer = false, // $ Alert[cs/json-webtoken-handler/security-validations-disabled] // BUG + ValidateAudience = false, // $ Alert[cs/json-webtoken-handler/security-validations-disabled] // BUG + ValidateLifetime = false, // $ Alert[cs/json-webtoken-handler/security-validations-disabled] // BUG + RequireExpirationTime = false, // $ Alert[cs/json-webtoken-handler/security-validations-disabled] // BUG ValidateTokenReplay = false, RequireSignedTokens = false, - RequireAudience = false, // BUG + RequireAudience = false, // $ Alert[cs/json-webtoken-handler/security-validations-disabled] // BUG SaveSigninToken = false }; } } -} \ No newline at end of file +} diff --git a/csharp/ql/test/experimental/Security Features/JsonWebTokenHandler/security-validation-disabled.qlref b/csharp/ql/test/experimental/Security Features/JsonWebTokenHandler/security-validation-disabled.qlref index ee07957fa06..6e09f8b533b 100644 --- a/csharp/ql/test/experimental/Security Features/JsonWebTokenHandler/security-validation-disabled.qlref +++ b/csharp/ql/test/experimental/Security Features/JsonWebTokenHandler/security-validation-disabled.qlref @@ -1 +1,2 @@ -experimental/Security Features/JsonWebTokenHandler/security-validation-disabled.ql \ No newline at end of file +query: experimental/Security Features/JsonWebTokenHandler/security-validation-disabled.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/experimental/Security Features/Serialization/DefiningDatasetRelatedType.qlref b/csharp/ql/test/experimental/Security Features/Serialization/DefiningDatasetRelatedType.qlref index 7283db95daf..2000d5d8876 100644 --- a/csharp/ql/test/experimental/Security Features/Serialization/DefiningDatasetRelatedType.qlref +++ b/csharp/ql/test/experimental/Security Features/Serialization/DefiningDatasetRelatedType.qlref @@ -1 +1,2 @@ -experimental/Security Features/Serialization/DefiningDatasetRelatedType.ql \ No newline at end of file +query: experimental/Security Features/Serialization/DefiningDatasetRelatedType.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/experimental/Security Features/Serialization/DefiningPotentiallyUnsafeXmlSerializer.qlref b/csharp/ql/test/experimental/Security Features/Serialization/DefiningPotentiallyUnsafeXmlSerializer.qlref index 8a8632c6ee3..767133e00a8 100644 --- a/csharp/ql/test/experimental/Security Features/Serialization/DefiningPotentiallyUnsafeXmlSerializer.qlref +++ b/csharp/ql/test/experimental/Security Features/Serialization/DefiningPotentiallyUnsafeXmlSerializer.qlref @@ -1 +1,2 @@ -experimental/Security Features/Serialization/DefiningPotentiallyUnsafeXmlSerializer.ql \ No newline at end of file +query: experimental/Security Features/Serialization/DefiningPotentiallyUnsafeXmlSerializer.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/experimental/Security Features/Serialization/UnsafeTypeUsedDataContractSerializer.qlref b/csharp/ql/test/experimental/Security Features/Serialization/UnsafeTypeUsedDataContractSerializer.qlref index 1593497c793..62c0d0c79d2 100644 --- a/csharp/ql/test/experimental/Security Features/Serialization/UnsafeTypeUsedDataContractSerializer.qlref +++ b/csharp/ql/test/experimental/Security Features/Serialization/UnsafeTypeUsedDataContractSerializer.qlref @@ -1 +1,2 @@ -experimental/Security Features/Serialization/UnsafeTypeUsedDataContractSerializer.ql \ No newline at end of file +query: experimental/Security Features/Serialization/UnsafeTypeUsedDataContractSerializer.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/experimental/Security Features/Serialization/XmlDeserializationWithDataSet.qlref b/csharp/ql/test/experimental/Security Features/Serialization/XmlDeserializationWithDataSet.qlref index 8054e46f929..1d26399183e 100644 --- a/csharp/ql/test/experimental/Security Features/Serialization/XmlDeserializationWithDataSet.qlref +++ b/csharp/ql/test/experimental/Security Features/Serialization/XmlDeserializationWithDataSet.qlref @@ -1 +1,2 @@ -experimental/Security Features/Serialization/XmlDeserializationWithDataSet.ql \ No newline at end of file +query: experimental/Security Features/Serialization/XmlDeserializationWithDataSet.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/experimental/Security Features/Serialization/test0.cs b/csharp/ql/test/experimental/Security Features/Serialization/test0.cs index d2b2e772245..12ca6a18704 100644 --- a/csharp/ql/test/experimental/Security Features/Serialization/test0.cs +++ b/csharp/ql/test/experimental/Security Features/Serialization/test0.cs @@ -8,9 +8,9 @@ using System.Collections.Generic; namespace DataSetSerializationTest { - public class DerivesFromDeprecatedType1 : XmlSerializer // warning:DefiningDatasetRelatedType.ql + public class DerivesFromDeprecatedType1 : XmlSerializer // $ Alert[cs/dataset-serialization/defining-dataset-related-type] // warning:DefiningDatasetRelatedType.ql { - public DataSet MyDataSet { get; set; } // bug:DefiningPotentiallyUnsafeXmlSerializer.ql + public DataSet MyDataSet { get; set; } // $ Alert[cs/dataset-serialization/defining-potentially-unsafe-xml-serializer] // bug:DefiningPotentiallyUnsafeXmlSerializer.ql public DerivesFromDeprecatedType1() { @@ -54,9 +54,9 @@ namespace DataSetSerializationTest */ [Serializable()] - public class AttributeSerializer01 // warning:DefiningDatasetRelatedType.ql + public class AttributeSerializer01 // $ Alert[cs/dataset-serialization/defining-dataset-related-type] // warning:DefiningDatasetRelatedType.ql { - private DataSet MyDataSet; // bug:DefiningPotentiallyUnsafeXmlSerializer.ql + private DataSet MyDataSet; // $ Alert[cs/dataset-serialization/defining-potentially-unsafe-xml-serializer] // bug:DefiningPotentiallyUnsafeXmlSerializer.ql AttributeSerializer01() { @@ -83,15 +83,15 @@ namespace DataSetSerializationTest { DataTable newTable = new DataTable(); System.Xml.XmlTextReader reader = new System.Xml.XmlTextReader(fs); - newTable.ReadXmlSchema(reader); //bug:XmlDeserializationWithDataSet.ql + newTable.ReadXmlSchema(reader); // $ Alert[cs/dataset-serialization/xml-deserialization-with-dataset] //bug:XmlDeserializationWithDataSet.ql } } static void Main(string[] args) { - XmlSerializer x = new XmlSerializer(typeof(DataSet)); // bug:UnsafeTypeUsedDataContractSerializer.ql - XmlSerializer y = new XmlSerializer(typeof(AttributeSerializer01)); //bug:UnsafeTypeUsedDataContractSerializer.ql + XmlSerializer x = new XmlSerializer(typeof(DataSet)); // $ Alert[cs/dataset-serialization/unsafe-type-used-data-contract-serializer] // bug:UnsafeTypeUsedDataContractSerializer.ql + XmlSerializer y = new XmlSerializer(typeof(AttributeSerializer01)); // $ Alert[cs/dataset-serialization/unsafe-type-used-data-contract-serializer] //bug:UnsafeTypeUsedDataContractSerializer.ql Console.WriteLine("Hello World!"); } diff --git a/csharp/ql/test/experimental/Security Features/backdoor/DangerousNativeFunctionCall.qlref b/csharp/ql/test/experimental/Security Features/backdoor/DangerousNativeFunctionCall.qlref index 1215c001b40..4a8dc07046f 100644 --- a/csharp/ql/test/experimental/Security Features/backdoor/DangerousNativeFunctionCall.qlref +++ b/csharp/ql/test/experimental/Security Features/backdoor/DangerousNativeFunctionCall.qlref @@ -1 +1,2 @@ -experimental/Security Features/backdoor/DangerousNativeFunctionCall.ql \ No newline at end of file +query: experimental/Security Features/backdoor/DangerousNativeFunctionCall.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/experimental/Security Features/backdoor/PotentialTimeBomb.qlref b/csharp/ql/test/experimental/Security Features/backdoor/PotentialTimeBomb.qlref index f76817aa089..c2b5b618cec 100644 --- a/csharp/ql/test/experimental/Security Features/backdoor/PotentialTimeBomb.qlref +++ b/csharp/ql/test/experimental/Security Features/backdoor/PotentialTimeBomb.qlref @@ -1 +1,2 @@ -experimental/Security Features/backdoor/PotentialTimeBomb.ql \ No newline at end of file +query: experimental/Security Features/backdoor/PotentialTimeBomb.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/experimental/Security Features/backdoor/ProcessNameToHashTaintFlow.qlref b/csharp/ql/test/experimental/Security Features/backdoor/ProcessNameToHashTaintFlow.qlref index d1d0d520d61..767d3e6961a 100644 --- a/csharp/ql/test/experimental/Security Features/backdoor/ProcessNameToHashTaintFlow.qlref +++ b/csharp/ql/test/experimental/Security Features/backdoor/ProcessNameToHashTaintFlow.qlref @@ -1 +1,2 @@ -experimental/Security Features/backdoor/ProcessNameToHashTaintFlow.ql \ No newline at end of file +query: experimental/Security Features/backdoor/ProcessNameToHashTaintFlow.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/experimental/Security Features/backdoor/test.cs b/csharp/ql/test/experimental/Security Features/backdoor/test.cs index 1aecc80aa83..c582f5e4926 100644 --- a/csharp/ql/test/experimental/Security Features/backdoor/test.cs +++ b/csharp/ql/test/experimental/Security Features/backdoor/test.cs @@ -29,7 +29,7 @@ class External void TestDangerousNativeFunctionCall() { - InitiateSystemShutdownExW(null, null, 0U, true, true, 2147745794U); // BUG : DangerousNativeFunctionCall + InitiateSystemShutdownExW(null, null, 0U, true, true, 2147745794U); // $ Alert[cs/backdoor/dangerous-native-functions] // BUG : DangerousNativeFunctionCall } ulong GetFvnHash(string s) @@ -66,12 +66,12 @@ class External void TestTimeBomb() { - DateTime lastWriteTime = System.IO.File.GetLastWriteTime("someFile"); + DateTime lastWriteTime = System.IO.File.GetLastWriteTime("someFile"); // $ Source[cs/backdoor/potential-time-bomb] int num = new Random().Next(288, 336); - if (DateTime.Now.CompareTo(lastWriteTime.AddHours((double)num)) >= 0) // BUG : Potential time bomb, currently not detected + if (DateTime.Now.CompareTo(lastWriteTime.AddHours((double)num)) >= 0) // $ Sink[cs/backdoor/potential-time-bomb] // BUG : Potential time bomb, currently not detected { // Some code here - } + } // $ Alert[cs/backdoor/potential-time-bomb] } -} \ No newline at end of file +} diff --git a/csharp/ql/test/library-tests/arguments/PrintAst.qlref b/csharp/ql/test/library-tests/arguments/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/arguments/PrintAst.qlref +++ b/csharp/ql/test/library-tests/arguments/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/assignments/PrintAst.qlref b/csharp/ql/test/library-tests/assignments/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/assignments/PrintAst.qlref +++ b/csharp/ql/test/library-tests/assignments/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/attributes/PrintAst.qlref b/csharp/ql/test/library-tests/attributes/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/attributes/PrintAst.qlref +++ b/csharp/ql/test/library-tests/attributes/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/comments/PrintAst.qlref b/csharp/ql/test/library-tests/comments/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/comments/PrintAst.qlref +++ b/csharp/ql/test/library-tests/comments/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/compilations/CompilerError.qlref b/csharp/ql/test/library-tests/compilations/CompilerError.qlref index a0132abfe57..4bceeaba10c 100644 --- a/csharp/ql/test/library-tests/compilations/CompilerError.qlref +++ b/csharp/ql/test/library-tests/compilations/CompilerError.qlref @@ -1 +1 @@ -Diagnostics/CompilerError.ql \ No newline at end of file +query: Diagnostics/CompilerError.ql diff --git a/csharp/ql/test/library-tests/compilations/CompilerMessage.qlref b/csharp/ql/test/library-tests/compilations/CompilerMessage.qlref index 0628dcba52e..c4a8ee06a01 100644 --- a/csharp/ql/test/library-tests/compilations/CompilerMessage.qlref +++ b/csharp/ql/test/library-tests/compilations/CompilerMessage.qlref @@ -1 +1 @@ -Diagnostics/CompilerMessage.ql \ No newline at end of file +query: Diagnostics/CompilerMessage.ql diff --git a/csharp/ql/test/library-tests/compilations/ExtractorError.qlref b/csharp/ql/test/library-tests/compilations/ExtractorError.qlref index 14290bb4ace..d343d7778b8 100644 --- a/csharp/ql/test/library-tests/compilations/ExtractorError.qlref +++ b/csharp/ql/test/library-tests/compilations/ExtractorError.qlref @@ -1 +1 @@ -Diagnostics/ExtractorError.ql +query: Diagnostics/ExtractorError.ql diff --git a/csharp/ql/test/library-tests/compilations/ExtractorMessage.qlref b/csharp/ql/test/library-tests/compilations/ExtractorMessage.qlref index ce6ac3bff0a..cedb003d69c 100644 --- a/csharp/ql/test/library-tests/compilations/ExtractorMessage.qlref +++ b/csharp/ql/test/library-tests/compilations/ExtractorMessage.qlref @@ -1 +1 @@ -Diagnostics/ExtractorMessage.ql \ No newline at end of file +query: Diagnostics/ExtractorMessage.ql diff --git a/csharp/ql/test/library-tests/constructors/PrintAst.qlref b/csharp/ql/test/library-tests/constructors/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/constructors/PrintAst.qlref +++ b/csharp/ql/test/library-tests/constructors/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/conversion/operator/PrintAst.qlref b/csharp/ql/test/library-tests/conversion/operator/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/conversion/operator/PrintAst.qlref +++ b/csharp/ql/test/library-tests/conversion/operator/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/csharp11/PrintAst.qlref b/csharp/ql/test/library-tests/csharp11/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/csharp11/PrintAst.qlref +++ b/csharp/ql/test/library-tests/csharp11/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/csharp6/PrintAst.qlref b/csharp/ql/test/library-tests/csharp6/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/csharp6/PrintAst.qlref +++ b/csharp/ql/test/library-tests/csharp6/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/csharp7.1/PrintAst.qlref b/csharp/ql/test/library-tests/csharp7.1/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/csharp7.1/PrintAst.qlref +++ b/csharp/ql/test/library-tests/csharp7.1/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/csharp7.2/PrintAst.qlref b/csharp/ql/test/library-tests/csharp7.2/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/csharp7.2/PrintAst.qlref +++ b/csharp/ql/test/library-tests/csharp7.2/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/csharp7.3/PrintAst.qlref b/csharp/ql/test/library-tests/csharp7.3/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/csharp7.3/PrintAst.qlref +++ b/csharp/ql/test/library-tests/csharp7.3/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/csharp7/PrintAst.qlref b/csharp/ql/test/library-tests/csharp7/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/csharp7/PrintAst.qlref +++ b/csharp/ql/test/library-tests/csharp7/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/csharp8/PrintAst.qlref b/csharp/ql/test/library-tests/csharp8/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/csharp8/PrintAst.qlref +++ b/csharp/ql/test/library-tests/csharp8/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/csharp9/PrintAst.qlref b/csharp/ql/test/library-tests/csharp9/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/csharp9/PrintAst.qlref +++ b/csharp/ql/test/library-tests/csharp9/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/dataflow/implicittostring/PrintAst.qlref b/csharp/ql/test/library-tests/dataflow/implicittostring/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/dataflow/implicittostring/PrintAst.qlref +++ b/csharp/ql/test/library-tests/dataflow/implicittostring/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/dataflow/tuples/PrintAst.qlref b/csharp/ql/test/library-tests/dataflow/tuples/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/dataflow/tuples/PrintAst.qlref +++ b/csharp/ql/test/library-tests/dataflow/tuples/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/definitions/PrintAst.qlref b/csharp/ql/test/library-tests/definitions/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/definitions/PrintAst.qlref +++ b/csharp/ql/test/library-tests/definitions/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/definitions/definitions.qlref b/csharp/ql/test/library-tests/definitions/definitions.qlref index 11e03f5ab07..89fab02d103 100644 --- a/csharp/ql/test/library-tests/definitions/definitions.qlref +++ b/csharp/ql/test/library-tests/definitions/definitions.qlref @@ -1 +1 @@ -definitions.ql \ No newline at end of file +query: definitions.ql diff --git a/csharp/ql/test/library-tests/delegates/PrintAst.qlref b/csharp/ql/test/library-tests/delegates/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/delegates/PrintAst.qlref +++ b/csharp/ql/test/library-tests/delegates/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/diagnostics/DiagnosticExtractorErrors.qlref b/csharp/ql/test/library-tests/diagnostics/DiagnosticExtractorErrors.qlref index 7068705cc1b..498f8bf078e 100644 --- a/csharp/ql/test/library-tests/diagnostics/DiagnosticExtractorErrors.qlref +++ b/csharp/ql/test/library-tests/diagnostics/DiagnosticExtractorErrors.qlref @@ -1 +1 @@ -Diagnostics/DiagnosticExtractionErrors.ql +query: Diagnostics/DiagnosticExtractionErrors.ql diff --git a/csharp/ql/test/library-tests/diagnostics/ExtractedFiles.qlref b/csharp/ql/test/library-tests/diagnostics/ExtractedFiles.qlref index e900e9c5314..58bc903a431 100644 --- a/csharp/ql/test/library-tests/diagnostics/ExtractedFiles.qlref +++ b/csharp/ql/test/library-tests/diagnostics/ExtractedFiles.qlref @@ -1 +1 @@ -Diagnostics/ExtractedFiles.ql +query: Diagnostics/ExtractedFiles.ql diff --git a/csharp/ql/test/library-tests/dynamic/PrintAst.qlref b/csharp/ql/test/library-tests/dynamic/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/dynamic/PrintAst.qlref +++ b/csharp/ql/test/library-tests/dynamic/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/enums/PrintAst.qlref b/csharp/ql/test/library-tests/enums/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/enums/PrintAst.qlref +++ b/csharp/ql/test/library-tests/enums/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/events/PrintAst.qlref b/csharp/ql/test/library-tests/events/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/events/PrintAst.qlref +++ b/csharp/ql/test/library-tests/events/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/exceptions/PrintAst.qlref b/csharp/ql/test/library-tests/exceptions/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/exceptions/PrintAst.qlref +++ b/csharp/ql/test/library-tests/exceptions/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/expressions/PrintAst.qlref b/csharp/ql/test/library-tests/expressions/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/expressions/PrintAst.qlref +++ b/csharp/ql/test/library-tests/expressions/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/extension/PrintAst.qlref b/csharp/ql/test/library-tests/extension/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/extension/PrintAst.qlref +++ b/csharp/ql/test/library-tests/extension/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/fields/PrintAst.qlref b/csharp/ql/test/library-tests/fields/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/fields/PrintAst.qlref +++ b/csharp/ql/test/library-tests/fields/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/filters/ClassifyFiles/ClassifyFiles.qlref b/csharp/ql/test/library-tests/filters/ClassifyFiles/ClassifyFiles.qlref index 638bf456762..612f5dfb332 100644 --- a/csharp/ql/test/library-tests/filters/ClassifyFiles/ClassifyFiles.qlref +++ b/csharp/ql/test/library-tests/filters/ClassifyFiles/ClassifyFiles.qlref @@ -1 +1 @@ -filters/ClassifyFiles.ql \ No newline at end of file +query: filters/ClassifyFiles.ql diff --git a/csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/Components_Pages_TestPage_razor.g.cs b/csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/Components_Pages_TestPage_razor.g.cs index 8732f8c7e4b..4dcde99a22f 100644 --- a/csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/Components_Pages_TestPage_razor.g.cs +++ b/csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/Components_Pages_TestPage_razor.g.cs @@ -135,7 +135,7 @@ UrlParam __builder.AddContent(18, "Raw parameter from URL: "); __builder.AddContent(19, #nullable restore -(MarkupString)UrlParam +(MarkupString)UrlParam // $ Alert=r1 $ Alert=r1 #line default #line hidden @@ -185,7 +185,7 @@ QueryParam __builder.AddContent(35, "Raw parameter from query string: "); __builder.AddContent(36, #nullable restore -new MarkupString(QueryParam) +new MarkupString(QueryParam) // $ Alert=r2 $ Alert=r2 #line default #line hidden diff --git a/csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/Name.cs b/csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/Name.cs index a9d098470e4..d83db4eb071 100644 --- a/csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/Name.cs +++ b/csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/Name.cs @@ -10,7 +10,7 @@ namespace VulnerableBlazorApp.Components { builder.OpenElement(0, "div"); builder.OpenElement(1, "p"); - builder.AddContent(2, (MarkupString)TheName); + builder.AddContent(2, (MarkupString)TheName); // $ Alert=r3 $ Alert=r4 builder.CloseElement(); builder.CloseElement(); } @@ -19,4 +19,4 @@ namespace VulnerableBlazorApp.Components [Parameter] public string TheName { get; set; } } -} \ No newline at end of file +} diff --git a/csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/NameList.cs b/csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/NameList.cs index ceffb35303e..6b6b82014d3 100644 --- a/csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/NameList.cs +++ b/csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/NameList.cs @@ -28,7 +28,7 @@ namespace VulnerableBlazorApp.Components builder.OpenElement(6, "p"); builder.AddContent(7, "Name: "); builder.OpenComponent(8); - builder.AddComponentParameter(9, nameof(VulnerableBlazorApp.Components.Name.TheName), Name); + builder.AddComponentParameter(9, nameof(VulnerableBlazorApp.Components.Name.TheName), Name); // $ Source=r4 builder.CloseComponent(); builder.CloseElement(); } @@ -47,4 +47,4 @@ namespace VulnerableBlazorApp.Components public List Names { get; set; } = new List(); } -} \ No newline at end of file +} diff --git a/csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/NameList2.cs b/csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/NameList2.cs index d27d6f2dcde..4e06a14e824 100644 --- a/csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/NameList2.cs +++ b/csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/NameList2.cs @@ -28,7 +28,7 @@ namespace VulnerableBlazorApp.Components builder.OpenElement(6, "p"); builder.AddContent(7, "Name: "); builder.OpenComponent(8); - builder.AddComponentParameter(9, "TheName", Name); + builder.AddComponentParameter(9, "TheName", Name); // $ Source=r3 builder.CloseComponent(); builder.CloseElement(); } @@ -47,4 +47,4 @@ namespace VulnerableBlazorApp.Components public List Names { get; set; } = new List(); } -} \ No newline at end of file +} diff --git a/csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/Xss.qlref b/csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/Xss.qlref index 89b5b951bdb..a71d4784670 100644 --- a/csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/Xss.qlref +++ b/csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/Xss.qlref @@ -1,2 +1,4 @@ query: Security Features/CWE-079/XSS.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/library-tests/generics/PrintAst.qlref b/csharp/ql/test/library-tests/generics/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/generics/PrintAst.qlref +++ b/csharp/ql/test/library-tests/generics/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/goto/PrintAst.qlref b/csharp/ql/test/library-tests/goto/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/goto/PrintAst.qlref +++ b/csharp/ql/test/library-tests/goto/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/indexers/PrintAst.qlref b/csharp/ql/test/library-tests/indexers/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/indexers/PrintAst.qlref +++ b/csharp/ql/test/library-tests/indexers/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/initializers/PrintAst.qlref b/csharp/ql/test/library-tests/initializers/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/initializers/PrintAst.qlref +++ b/csharp/ql/test/library-tests/initializers/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/linq/PrintAst.qlref b/csharp/ql/test/library-tests/linq/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/linq/PrintAst.qlref +++ b/csharp/ql/test/library-tests/linq/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/members/PrintAst.qlref b/csharp/ql/test/library-tests/members/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/members/PrintAst.qlref +++ b/csharp/ql/test/library-tests/members/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/methods/PrintAst.qlref b/csharp/ql/test/library-tests/methods/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/methods/PrintAst.qlref +++ b/csharp/ql/test/library-tests/methods/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/nameof/PrintAst.qlref b/csharp/ql/test/library-tests/nameof/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/nameof/PrintAst.qlref +++ b/csharp/ql/test/library-tests/nameof/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/namespaces/PrintAst.qlref b/csharp/ql/test/library-tests/namespaces/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/namespaces/PrintAst.qlref +++ b/csharp/ql/test/library-tests/namespaces/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/nestedtypes/PrintAst.qlref b/csharp/ql/test/library-tests/nestedtypes/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/nestedtypes/PrintAst.qlref +++ b/csharp/ql/test/library-tests/nestedtypes/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/operators/PrintAst.qlref b/csharp/ql/test/library-tests/operators/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/operators/PrintAst.qlref +++ b/csharp/ql/test/library-tests/operators/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/partial/PrintAst.qlref b/csharp/ql/test/library-tests/partial/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/partial/PrintAst.qlref +++ b/csharp/ql/test/library-tests/partial/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/properties/PrintAst.qlref b/csharp/ql/test/library-tests/properties/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/properties/PrintAst.qlref +++ b/csharp/ql/test/library-tests/properties/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/statements/PrintAst.qlref b/csharp/ql/test/library-tests/statements/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/statements/PrintAst.qlref +++ b/csharp/ql/test/library-tests/statements/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/stringinterpolation/PrintAst.qlref b/csharp/ql/test/library-tests/stringinterpolation/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/stringinterpolation/PrintAst.qlref +++ b/csharp/ql/test/library-tests/stringinterpolation/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/types/PrintAst.qlref b/csharp/ql/test/library-tests/types/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/types/PrintAst.qlref +++ b/csharp/ql/test/library-tests/types/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/library-tests/unsafe/PrintAst.qlref b/csharp/ql/test/library-tests/unsafe/PrintAst.qlref index f867dd01f9f..1db66182b0a 100644 --- a/csharp/ql/test/library-tests/unsafe/PrintAst.qlref +++ b/csharp/ql/test/library-tests/unsafe/PrintAst.qlref @@ -1 +1 @@ -shared/PrintAst.ql \ No newline at end of file +query: shared/PrintAst.ql diff --git a/csharp/ql/test/query-tests/API Abuse/CallToGCCollect/CallToGCCollect.qlref b/csharp/ql/test/query-tests/API Abuse/CallToGCCollect/CallToGCCollect.qlref index ca6961e370b..c911197abb3 100644 --- a/csharp/ql/test/query-tests/API Abuse/CallToGCCollect/CallToGCCollect.qlref +++ b/csharp/ql/test/query-tests/API Abuse/CallToGCCollect/CallToGCCollect.qlref @@ -1 +1,2 @@ -API Abuse/CallToGCCollect.ql \ No newline at end of file +query: API Abuse/CallToGCCollect.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/API Abuse/CallToGCCollect/CallToGCCollectBad.cs b/csharp/ql/test/query-tests/API Abuse/CallToGCCollect/CallToGCCollectBad.cs index acc30b87c8d..b081d201f10 100644 --- a/csharp/ql/test/query-tests/API Abuse/CallToGCCollect/CallToGCCollectBad.cs +++ b/csharp/ql/test/query-tests/API Abuse/CallToGCCollect/CallToGCCollectBad.cs @@ -4,6 +4,6 @@ class Bad { void M() { - GC.Collect(); + GC.Collect(); // $ Alert } } diff --git a/csharp/ql/test/query-tests/API Abuse/CallToObsoleteMethod/CallToObsoleteMethod.cs b/csharp/ql/test/query-tests/API Abuse/CallToObsoleteMethod/CallToObsoleteMethod.cs index c546c406f31..ea0ffeeb764 100644 --- a/csharp/ql/test/query-tests/API Abuse/CallToObsoleteMethod/CallToObsoleteMethod.cs +++ b/csharp/ql/test/query-tests/API Abuse/CallToObsoleteMethod/CallToObsoleteMethod.cs @@ -16,7 +16,7 @@ class Program static void Main(string[] args) { // BAD: Call to obsolete method - ObsoleteMethod(); + ObsoleteMethod(); // $ Alert // GOOD: Call to non-obsolete method NotObsoleteMethod(); diff --git a/csharp/ql/test/query-tests/API Abuse/CallToObsoleteMethod/CallToObsoleteMethod.qlref b/csharp/ql/test/query-tests/API Abuse/CallToObsoleteMethod/CallToObsoleteMethod.qlref index 08b2c9a51d4..028fb010e8e 100644 --- a/csharp/ql/test/query-tests/API Abuse/CallToObsoleteMethod/CallToObsoleteMethod.qlref +++ b/csharp/ql/test/query-tests/API Abuse/CallToObsoleteMethod/CallToObsoleteMethod.qlref @@ -1 +1,2 @@ -API Abuse/CallToObsoleteMethod.ql \ No newline at end of file +query: API Abuse/CallToObsoleteMethod.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/API Abuse/CallToObsoleteMethod/CallToObsoleteMethodBad.cs b/csharp/ql/test/query-tests/API Abuse/CallToObsoleteMethod/CallToObsoleteMethodBad.cs index c8c10de283d..9ea4f5b80a4 100644 --- a/csharp/ql/test/query-tests/API Abuse/CallToObsoleteMethod/CallToObsoleteMethodBad.cs +++ b/csharp/ql/test/query-tests/API Abuse/CallToObsoleteMethod/CallToObsoleteMethodBad.cs @@ -4,7 +4,7 @@ class Bad { void M() { - Logger.Log("Hello, World!"); + Logger.Log("Hello, World!"); // $ Alert } static class Logger diff --git a/csharp/ql/test/query-tests/API Abuse/ClassDoesNotImplementEquals/ClassDoesNotImplementEquals.cs b/csharp/ql/test/query-tests/API Abuse/ClassDoesNotImplementEquals/ClassDoesNotImplementEquals.cs index a2e5f7333e9..865b31f2ca0 100644 --- a/csharp/ql/test/query-tests/API Abuse/ClassDoesNotImplementEquals/ClassDoesNotImplementEquals.cs +++ b/csharp/ql/test/query-tests/API Abuse/ClassDoesNotImplementEquals/ClassDoesNotImplementEquals.cs @@ -1,7 +1,7 @@ using System; // BAD -class Incorrect +class Incorrect // $ Alert { public static bool operator ==(Incorrect a, Incorrect b) => default(bool); public static bool operator !=(Incorrect a, Incorrect b) => !(a == b); @@ -21,7 +21,7 @@ class Correct } // BAD: needs to redefine Equals -class IncorrectOverrides : Correct +class IncorrectOverrides : Correct // $ Alert { public static bool operator ==(IncorrectOverrides a, IncorrectOverrides b) => default(bool); public static bool operator !=(IncorrectOverrides a, IncorrectOverrides b) => !(a == b); @@ -47,7 +47,7 @@ class Program } // BAD: should also implement Equals. -class MyEquatable : IEquatable +class MyEquatable : IEquatable // $ Alert { public bool Equals(MyEquatable other) { diff --git a/csharp/ql/test/query-tests/API Abuse/ClassDoesNotImplementEquals/ClassDoesNotImplementEquals.qlref b/csharp/ql/test/query-tests/API Abuse/ClassDoesNotImplementEquals/ClassDoesNotImplementEquals.qlref index 5ffe8a70dec..9b025e76c30 100644 --- a/csharp/ql/test/query-tests/API Abuse/ClassDoesNotImplementEquals/ClassDoesNotImplementEquals.qlref +++ b/csharp/ql/test/query-tests/API Abuse/ClassDoesNotImplementEquals/ClassDoesNotImplementEquals.qlref @@ -1 +1,2 @@ -API Abuse/ClassDoesNotImplementEquals.ql \ No newline at end of file +query: API Abuse/ClassDoesNotImplementEquals.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/API Abuse/ClassDoesNotImplementEquals/ClassDoesNotImplementEqualsBad.cs b/csharp/ql/test/query-tests/API Abuse/ClassDoesNotImplementEquals/ClassDoesNotImplementEqualsBad.cs index 619f462a96c..305bd87c2cf 100644 --- a/csharp/ql/test/query-tests/API Abuse/ClassDoesNotImplementEquals/ClassDoesNotImplementEqualsBad.cs +++ b/csharp/ql/test/query-tests/API Abuse/ClassDoesNotImplementEquals/ClassDoesNotImplementEqualsBad.cs @@ -21,7 +21,7 @@ class Bad } } - class GasolineCar : Car + class GasolineCar : Car // $ Alert { protected bool unleaded; diff --git a/csharp/ql/test/query-tests/API Abuse/ClassImplementsICloneable/ClassImplementsICloneable.qlref b/csharp/ql/test/query-tests/API Abuse/ClassImplementsICloneable/ClassImplementsICloneable.qlref index e597d142a2d..65eb6ca729d 100644 --- a/csharp/ql/test/query-tests/API Abuse/ClassImplementsICloneable/ClassImplementsICloneable.qlref +++ b/csharp/ql/test/query-tests/API Abuse/ClassImplementsICloneable/ClassImplementsICloneable.qlref @@ -1 +1,2 @@ -API Abuse/ClassImplementsICloneable.ql \ No newline at end of file +query: API Abuse/ClassImplementsICloneable.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/API Abuse/ClassImplementsICloneable/ClassImplementsICloneableBad.cs b/csharp/ql/test/query-tests/API Abuse/ClassImplementsICloneable/ClassImplementsICloneableBad.cs index 0999bd87d28..e1636158bf2 100644 --- a/csharp/ql/test/query-tests/API Abuse/ClassImplementsICloneable/ClassImplementsICloneableBad.cs +++ b/csharp/ql/test/query-tests/API Abuse/ClassImplementsICloneable/ClassImplementsICloneableBad.cs @@ -8,7 +8,7 @@ class Bad public Thing(int i) { I = i; } } - class Shallow : ICloneable + class Shallow : ICloneable // $ Alert { public Thing T { get; set; } public Shallow(Thing t) { T = t; } @@ -17,7 +17,7 @@ class Bad public object Clone() { return new Shallow(T); } } - class Deep : ICloneable + class Deep : ICloneable // $ Alert { public Thing T { get; set; } public Deep(Thing t) { T = t; } diff --git a/csharp/ql/test/query-tests/API Abuse/DisposeNotCalledOnException/DisposeNotCalledOnException.cs b/csharp/ql/test/query-tests/API Abuse/DisposeNotCalledOnException/DisposeNotCalledOnException.cs index acde0fc477f..31505eb740c 100644 --- a/csharp/ql/test/query-tests/API Abuse/DisposeNotCalledOnException/DisposeNotCalledOnException.cs +++ b/csharp/ql/test/query-tests/API Abuse/DisposeNotCalledOnException/DisposeNotCalledOnException.cs @@ -45,17 +45,17 @@ class Test // BAD: No Dispose call in case of exception SqlConnection c1d = new SqlConnection(); c1d.Open(); - c1d.Dispose(); + c1d.Dispose(); // $ Alert // BAD: No Dispose call in case of exception SqlConnection c1e = new SqlConnection(); Throw1(c1e); - c1e.Dispose(); + c1e.Dispose(); // $ Alert // BAD: No Dispose call in case of exception SqlConnection c1f = new SqlConnection(); Throw2(c1f); - c1f.Dispose(); + c1f.Dispose(); // $ Alert // GOOD: using declaration using SqlConnection c2 = new SqlConnection(""); diff --git a/csharp/ql/test/query-tests/API Abuse/DisposeNotCalledOnException/DisposeNotCalledOnException.qlref b/csharp/ql/test/query-tests/API Abuse/DisposeNotCalledOnException/DisposeNotCalledOnException.qlref index d55f9b7dcba..4273ca0a55c 100644 --- a/csharp/ql/test/query-tests/API Abuse/DisposeNotCalledOnException/DisposeNotCalledOnException.qlref +++ b/csharp/ql/test/query-tests/API Abuse/DisposeNotCalledOnException/DisposeNotCalledOnException.qlref @@ -1 +1,2 @@ -API Abuse/DisposeNotCalledOnException.ql \ No newline at end of file +query: API Abuse/DisposeNotCalledOnException.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/API Abuse/DisposeNotCalledOnException/DisposeNotCalledOnExceptionBad.cs b/csharp/ql/test/query-tests/API Abuse/DisposeNotCalledOnException/DisposeNotCalledOnExceptionBad.cs index c0674285bba..22827a1e3d0 100644 --- a/csharp/ql/test/query-tests/API Abuse/DisposeNotCalledOnException/DisposeNotCalledOnExceptionBad.cs +++ b/csharp/ql/test/query-tests/API Abuse/DisposeNotCalledOnException/DisposeNotCalledOnExceptionBad.cs @@ -11,8 +11,8 @@ class Bad var cmd = new SqlCommand("SELECT * FROM Customers", conn); var ret = cmd.ExecuteReader(); - cmd.Dispose(); - conn.Dispose(); + cmd.Dispose(); // $ Alert + conn.Dispose(); // $ Alert return ret; } diff --git a/csharp/ql/test/query-tests/API Abuse/InconsistentEqualsGetHashCode/InconsistentEqualsGetHashCode.cs b/csharp/ql/test/query-tests/API Abuse/InconsistentEqualsGetHashCode/InconsistentEqualsGetHashCode.cs index 8e8b8f8430b..f05764f99c5 100644 --- a/csharp/ql/test/query-tests/API Abuse/InconsistentEqualsGetHashCode/InconsistentEqualsGetHashCode.cs +++ b/csharp/ql/test/query-tests/API Abuse/InconsistentEqualsGetHashCode/InconsistentEqualsGetHashCode.cs @@ -1,6 +1,6 @@ using System; -class ClassMissingGetHashCode +class ClassMissingGetHashCode // $ Alert { public override bool Equals(object other) { @@ -13,7 +13,7 @@ class ClassMissingGetHashCode } } -class ClassMissingEquals +class ClassMissingEquals // $ Alert { public new bool Equals(object other) { // not overridden diff --git a/csharp/ql/test/query-tests/API Abuse/InconsistentEqualsGetHashCode/InconsistentEqualsGetHashCode.qlref b/csharp/ql/test/query-tests/API Abuse/InconsistentEqualsGetHashCode/InconsistentEqualsGetHashCode.qlref index 6425e440f73..26171a4ca75 100644 --- a/csharp/ql/test/query-tests/API Abuse/InconsistentEqualsGetHashCode/InconsistentEqualsGetHashCode.qlref +++ b/csharp/ql/test/query-tests/API Abuse/InconsistentEqualsGetHashCode/InconsistentEqualsGetHashCode.qlref @@ -1 +1,2 @@ -API Abuse/InconsistentEqualsGetHashCode.ql \ No newline at end of file +query: API Abuse/InconsistentEqualsGetHashCode.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/API Abuse/InconsistentEqualsGetHashCode/InconsistentEqualsGetHashCodeBad.cs b/csharp/ql/test/query-tests/API Abuse/InconsistentEqualsGetHashCode/InconsistentEqualsGetHashCodeBad.cs index 6b3b95966dc..00da432846f 100644 --- a/csharp/ql/test/query-tests/API Abuse/InconsistentEqualsGetHashCode/InconsistentEqualsGetHashCodeBad.cs +++ b/csharp/ql/test/query-tests/API Abuse/InconsistentEqualsGetHashCode/InconsistentEqualsGetHashCodeBad.cs @@ -1,6 +1,6 @@ using System; -class Bad +class Bad // $ Alert { private int id; diff --git a/csharp/ql/test/query-tests/API Abuse/IncorrectCompareToSignature/IncorrectCompareToSignature.cs b/csharp/ql/test/query-tests/API Abuse/IncorrectCompareToSignature/IncorrectCompareToSignature.cs index 5b5780ed977..5c674447211 100644 --- a/csharp/ql/test/query-tests/API Abuse/IncorrectCompareToSignature/IncorrectCompareToSignature.cs +++ b/csharp/ql/test/query-tests/API Abuse/IncorrectCompareToSignature/IncorrectCompareToSignature.cs @@ -2,7 +2,7 @@ using System; class C1 { - public int CompareTo(T other) => throw null; // BAD + public int CompareTo(T other) => throw null; // $ Alert // BAD } class C2 { } diff --git a/csharp/ql/test/query-tests/API Abuse/IncorrectCompareToSignature/IncorrectCompareToSignature.qlref b/csharp/ql/test/query-tests/API Abuse/IncorrectCompareToSignature/IncorrectCompareToSignature.qlref index 23abf6ab339..afab98e27ce 100644 --- a/csharp/ql/test/query-tests/API Abuse/IncorrectCompareToSignature/IncorrectCompareToSignature.qlref +++ b/csharp/ql/test/query-tests/API Abuse/IncorrectCompareToSignature/IncorrectCompareToSignature.qlref @@ -1 +1,2 @@ -API Abuse/IncorrectCompareToSignature.ql \ No newline at end of file +query: API Abuse/IncorrectCompareToSignature.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/API Abuse/IncorrectCompareToSignature/IncorrectCompareToSignatureBad.cs b/csharp/ql/test/query-tests/API Abuse/IncorrectCompareToSignature/IncorrectCompareToSignatureBad.cs index efeb55ce65b..33b1e3ad8d4 100644 --- a/csharp/ql/test/query-tests/API Abuse/IncorrectCompareToSignature/IncorrectCompareToSignatureBad.cs +++ b/csharp/ql/test/query-tests/API Abuse/IncorrectCompareToSignature/IncorrectCompareToSignatureBad.cs @@ -2,5 +2,5 @@ using System; class Bad { - public int CompareTo(Bad b) => 0; + public int CompareTo(Bad b) => 0; // $ Alert } diff --git a/csharp/ql/test/query-tests/API Abuse/IncorrectEqualsSignature/IncorrectEqualsSignature.cs b/csharp/ql/test/query-tests/API Abuse/IncorrectEqualsSignature/IncorrectEqualsSignature.cs index effb17a558a..f858cc35a0f 100644 --- a/csharp/ql/test/query-tests/API Abuse/IncorrectEqualsSignature/IncorrectEqualsSignature.cs +++ b/csharp/ql/test/query-tests/API Abuse/IncorrectEqualsSignature/IncorrectEqualsSignature.cs @@ -3,7 +3,7 @@ using System; // BAD class Incorrect { - public bool Equals(Incorrect other) => false; + public bool Equals(Incorrect other) => false; // $ Alert } // GOOD diff --git a/csharp/ql/test/query-tests/API Abuse/IncorrectEqualsSignature/IncorrectEqualsSignature.qlref b/csharp/ql/test/query-tests/API Abuse/IncorrectEqualsSignature/IncorrectEqualsSignature.qlref index f56496da8be..c05a5f0af8d 100644 --- a/csharp/ql/test/query-tests/API Abuse/IncorrectEqualsSignature/IncorrectEqualsSignature.qlref +++ b/csharp/ql/test/query-tests/API Abuse/IncorrectEqualsSignature/IncorrectEqualsSignature.qlref @@ -1 +1,2 @@ -API Abuse/IncorrectEqualsSignature.ql \ No newline at end of file +query: API Abuse/IncorrectEqualsSignature.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/API Abuse/IncorrectEqualsSignature/IncorrectEqualsSignatureBad.cs b/csharp/ql/test/query-tests/API Abuse/IncorrectEqualsSignature/IncorrectEqualsSignatureBad.cs index 723110d1de1..7b03d029eb8 100644 --- a/csharp/ql/test/query-tests/API Abuse/IncorrectEqualsSignature/IncorrectEqualsSignatureBad.cs +++ b/csharp/ql/test/query-tests/API Abuse/IncorrectEqualsSignature/IncorrectEqualsSignatureBad.cs @@ -9,6 +9,6 @@ class Bad this.id = Id; } - public bool Equals(Bad b) => + public bool Equals(Bad b) => // $ Alert this.id == b.id; } diff --git a/csharp/ql/test/query-tests/API Abuse/MissingDisposeCall/MissingDisposeCall.cs b/csharp/ql/test/query-tests/API Abuse/MissingDisposeCall/MissingDisposeCall.cs index dd069476b1b..b71c2f2a5c9 100644 --- a/csharp/ql/test/query-tests/API Abuse/MissingDisposeCall/MissingDisposeCall.cs +++ b/csharp/ql/test/query-tests/API Abuse/MissingDisposeCall/MissingDisposeCall.cs @@ -20,7 +20,7 @@ class C1 : IDisposable C1 Field1; // GOOD C1 Field2; // BAD - public virtual void Dispose() + public virtual void Dispose() // $ Alert { Field1.Dispose(); } @@ -31,7 +31,7 @@ class C2 : C1 C1 Field1; // GOOD C1 Field2; // BAD - public override void Dispose() + public override void Dispose() // $ Alert { base.Dispose(); Field1.Dispose(); @@ -49,7 +49,7 @@ class C5 : C4 C1 Field1; // GOOD C1 Field2; // BAD - public override void Dispose(bool disposing) + public override void Dispose(bool disposing) // $ Alert { base.Dispose(disposing); if (disposing) @@ -64,7 +64,7 @@ class C6 : Component C1 Field1; // GOOD C1 Field2; // BAD - protected override void Dispose(bool disposing) + protected override void Dispose(bool disposing) // $ Alert { base.Dispose(disposing); if (disposing) diff --git a/csharp/ql/test/query-tests/API Abuse/MissingDisposeCall/MissingDisposeCall.qlref b/csharp/ql/test/query-tests/API Abuse/MissingDisposeCall/MissingDisposeCall.qlref index a1d17230230..442cf4780c1 100644 --- a/csharp/ql/test/query-tests/API Abuse/MissingDisposeCall/MissingDisposeCall.qlref +++ b/csharp/ql/test/query-tests/API Abuse/MissingDisposeCall/MissingDisposeCall.qlref @@ -1 +1,2 @@ -API Abuse/MissingDisposeCall.ql \ No newline at end of file +query: API Abuse/MissingDisposeCall.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/API Abuse/MissingDisposeCall/MissingDisposeCallBad.cs b/csharp/ql/test/query-tests/API Abuse/MissingDisposeCall/MissingDisposeCallBad.cs index 6386abc8400..ed3a1851c87 100644 --- a/csharp/ql/test/query-tests/API Abuse/MissingDisposeCall/MissingDisposeCallBad.cs +++ b/csharp/ql/test/query-tests/API Abuse/MissingDisposeCall/MissingDisposeCallBad.cs @@ -6,7 +6,7 @@ class Bad : IDisposable private FileStream stream1 = new FileStream("a.txt", FileMode.Open); private FileStream stream2 = new FileStream("b.txt", FileMode.Open); - public void Dispose() + public void Dispose() // $ Alert { stream1.Dispose(); } diff --git a/csharp/ql/test/query-tests/API Abuse/MissingDisposeMethod/MissingDisposeMethod.cs b/csharp/ql/test/query-tests/API Abuse/MissingDisposeMethod/MissingDisposeMethod.cs index 1e71bba55eb..998bc757cd5 100644 --- a/csharp/ql/test/query-tests/API Abuse/MissingDisposeMethod/MissingDisposeMethod.cs +++ b/csharp/ql/test/query-tests/API Abuse/MissingDisposeMethod/MissingDisposeMethod.cs @@ -25,7 +25,7 @@ class C1 : IDisposable } } -class C2 : C1 +class C2 : C1 // $ Alert { C2 Field; // BAD } @@ -41,13 +41,13 @@ class C3 : C1 } } -class WebPage : Page +class WebPage : Page // $ Alert { C1 Field1; // BAD Control Field2; // GOOD } -class WebControl : Control +class WebControl : Control // $ Alert { C1 Field1; // BAD Control Field2; // GOOD @@ -73,12 +73,12 @@ class C5 : C4 } } -class C6 : C4 +class C6 : C4 // $ Alert { C2 Field; // BAD } -class C7 : Component +class C7 : Component // $ Alert { C2 Field; // BAD } @@ -97,7 +97,7 @@ class C8 : Component } } -class C9 : C1 +class C9 : C1 // $ Alert { C2 Field; // BAD diff --git a/csharp/ql/test/query-tests/API Abuse/MissingDisposeMethod/MissingDisposeMethod.qlref b/csharp/ql/test/query-tests/API Abuse/MissingDisposeMethod/MissingDisposeMethod.qlref index 61be6bbcf70..d9cb769bef3 100644 --- a/csharp/ql/test/query-tests/API Abuse/MissingDisposeMethod/MissingDisposeMethod.qlref +++ b/csharp/ql/test/query-tests/API Abuse/MissingDisposeMethod/MissingDisposeMethod.qlref @@ -1 +1,2 @@ -API Abuse/MissingDisposeMethod.ql \ No newline at end of file +query: API Abuse/MissingDisposeMethod.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/API Abuse/MissingDisposeMethod/MissingDisposeMethodBad.cs b/csharp/ql/test/query-tests/API Abuse/MissingDisposeMethod/MissingDisposeMethodBad.cs index db8067735cf..5cc9d68d7fa 100644 --- a/csharp/ql/test/query-tests/API Abuse/MissingDisposeMethod/MissingDisposeMethodBad.cs +++ b/csharp/ql/test/query-tests/API Abuse/MissingDisposeMethod/MissingDisposeMethodBad.cs @@ -11,7 +11,7 @@ class BadBase : IDisposable } } -class Bad : BadBase +class Bad : BadBase // $ Alert { private FileStream stream2 = new FileStream("b.txt", FileMode.Open); } diff --git a/csharp/ql/test/query-tests/API Abuse/NonOverridingMethod/NonOverridingMethod.cs b/csharp/ql/test/query-tests/API Abuse/NonOverridingMethod/NonOverridingMethod.cs index b2cb30b17ad..a35d0d0b51a 100644 --- a/csharp/ql/test/query-tests/API Abuse/NonOverridingMethod/NonOverridingMethod.cs +++ b/csharp/ql/test/query-tests/API Abuse/NonOverridingMethod/NonOverridingMethod.cs @@ -12,13 +12,13 @@ class C1 class C2 : C1 { // BAD: M1 does not override C1.M1 - public int M1() { return 1; } + public int M1() { return 1; } // $ Alert // GOOD: M2 overrides using the explicit keyword "override" public override int M2() { return 2; } // BAD: M3 does not override C1.M3 - public IEnumerable M3() { return null; } + public IEnumerable M3() { return null; } // $ Alert // GOOD: M4 overrides using the explicit keyword "override" public override IEnumerable M4() { return null; } diff --git a/csharp/ql/test/query-tests/API Abuse/NonOverridingMethod/NonOverridingMethod.qlref b/csharp/ql/test/query-tests/API Abuse/NonOverridingMethod/NonOverridingMethod.qlref index fb31441316c..7fe57a6c15c 100644 --- a/csharp/ql/test/query-tests/API Abuse/NonOverridingMethod/NonOverridingMethod.qlref +++ b/csharp/ql/test/query-tests/API Abuse/NonOverridingMethod/NonOverridingMethod.qlref @@ -1 +1,2 @@ -API Abuse/NonOverridingMethod.ql \ No newline at end of file +query: API Abuse/NonOverridingMethod.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/API Abuse/NonOverridingMethod/NonOverridingMethodBad.cs b/csharp/ql/test/query-tests/API Abuse/NonOverridingMethod/NonOverridingMethodBad.cs index cb76d9ab994..8641dd60fbe 100644 --- a/csharp/ql/test/query-tests/API Abuse/NonOverridingMethod/NonOverridingMethodBad.cs +++ b/csharp/ql/test/query-tests/API Abuse/NonOverridingMethod/NonOverridingMethodBad.cs @@ -7,6 +7,6 @@ class Bad class Sub : Super { - public void Foo() { } + public void Foo() { } // $ Alert } } diff --git a/csharp/ql/test/query-tests/API Abuse/NullArgumentToEquals/NullArgumentToEquals.cs b/csharp/ql/test/query-tests/API Abuse/NullArgumentToEquals/NullArgumentToEquals.cs index 08219f61a73..97af033f934 100644 --- a/csharp/ql/test/query-tests/API Abuse/NullArgumentToEquals/NullArgumentToEquals.cs +++ b/csharp/ql/test/query-tests/API Abuse/NullArgumentToEquals/NullArgumentToEquals.cs @@ -3,16 +3,16 @@ class NullArgumentToEquals void M() { int i = 0; - i.Equals(null); // BAD + i.Equals(null); // $ Alert // BAD int? i2 = null; i2.Equals(null); // GOOD C c = null; - c.Equals(null); // BAD + c.Equals(null); // $ Alert // BAD object o = null; - o.Equals(null); // BAD + o.Equals(null); // $ Alert // BAD } class C diff --git a/csharp/ql/test/query-tests/API Abuse/NullArgumentToEquals/NullArgumentToEquals.qlref b/csharp/ql/test/query-tests/API Abuse/NullArgumentToEquals/NullArgumentToEquals.qlref index c6b40febef0..12129a164b0 100644 --- a/csharp/ql/test/query-tests/API Abuse/NullArgumentToEquals/NullArgumentToEquals.qlref +++ b/csharp/ql/test/query-tests/API Abuse/NullArgumentToEquals/NullArgumentToEquals.qlref @@ -1 +1,2 @@ -API Abuse/NullArgumentToEquals.ql \ No newline at end of file +query: API Abuse/NullArgumentToEquals.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/API Abuse/NullArgumentToEquals/NullArgumentToEqualsBad.cs b/csharp/ql/test/query-tests/API Abuse/NullArgumentToEquals/NullArgumentToEqualsBad.cs index 612aaa2b1ac..932ced4ef4a 100644 --- a/csharp/ql/test/query-tests/API Abuse/NullArgumentToEquals/NullArgumentToEqualsBad.cs +++ b/csharp/ql/test/query-tests/API Abuse/NullArgumentToEquals/NullArgumentToEqualsBad.cs @@ -1,4 +1,4 @@ class Bad { - bool IsNull(object o) => o.Equals(null); + bool IsNull(object o) => o.Equals(null); // $ Alert } diff --git a/csharp/ql/test/query-tests/API Abuse/UncheckedReturnValue/UncheckedReturnValue.cs b/csharp/ql/test/query-tests/API Abuse/UncheckedReturnValue/UncheckedReturnValue.cs index cf290a84bcb..3a03dddc63c 100644 --- a/csharp/ql/test/query-tests/API Abuse/UncheckedReturnValue/UncheckedReturnValue.cs +++ b/csharp/ql/test/query-tests/API Abuse/UncheckedReturnValue/UncheckedReturnValue.cs @@ -21,7 +21,7 @@ class C1 ret = intHashSet.Add(42); // BAD: - stringHashSet.Add("42"); + stringHashSet.Add("42"); // $ Alert } } @@ -64,8 +64,8 @@ class C3 ret = s.Read(null, 0, 0); ret = s.Read(null, 0, 0); ret = s.Read(null, 0, 0); - s.Read(null, 0, 0); // always check - s.ReadByte(); // always check + s.Read(null, 0, 0); // $ Alert // always check + s.ReadByte(); // $ Alert // always check } } @@ -82,7 +82,7 @@ class C4 ret1 = M1(); ret1 = M1(); ret1 = M1(); - M1(); // BAD + M1(); // $ Alert // BAD M1(); // GOOD var ret2 = M2(); @@ -103,7 +103,7 @@ class C4 ret2 = M2(); ret2 = M2(); ret2 = M2(); - M2(); // BAD + M2(); // $ Alert // BAD var ret3 = M3(null); ret3 = M3(null); @@ -115,7 +115,7 @@ class C4 ret3 = M3(null); ret3 = M3(null); M3(null); // GOOD - M3(null); // BAD + M3(null); // $ Alert // BAD M3(null); // GOOD } diff --git a/csharp/ql/test/query-tests/API Abuse/UncheckedReturnValue/UncheckedReturnValue.qlref b/csharp/ql/test/query-tests/API Abuse/UncheckedReturnValue/UncheckedReturnValue.qlref index ca9751d2857..c04faa8008a 100644 --- a/csharp/ql/test/query-tests/API Abuse/UncheckedReturnValue/UncheckedReturnValue.qlref +++ b/csharp/ql/test/query-tests/API Abuse/UncheckedReturnValue/UncheckedReturnValue.qlref @@ -1 +1,2 @@ -API Abuse/UncheckedReturnValue.ql \ No newline at end of file +query: API Abuse/UncheckedReturnValue.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/API Abuse/UncheckedReturnValue/UncheckedReturnValueBad.cs b/csharp/ql/test/query-tests/API Abuse/UncheckedReturnValue/UncheckedReturnValueBad.cs index 394906e7024..6d9743172c2 100644 --- a/csharp/ql/test/query-tests/API Abuse/UncheckedReturnValue/UncheckedReturnValueBad.cs +++ b/csharp/ql/test/query-tests/API Abuse/UncheckedReturnValue/UncheckedReturnValueBad.cs @@ -26,13 +26,13 @@ class Bad if (DoPrint("I")) Console.WriteLine("I"); - DoPrint("J"); + DoPrint("J"); // $ Alert } void IgnoreRead(string path) { var file = new byte[10]; using (var f = new FileStream(path, FileMode.Open)) - f.Read(file, 0, file.Length); + f.Read(file, 0, file.Length); // $ Alert } } diff --git a/csharp/ql/test/query-tests/ASP/BlockCodeResponseWrite/BlockCodeResponseWrite.qlref b/csharp/ql/test/query-tests/ASP/BlockCodeResponseWrite/BlockCodeResponseWrite.qlref index 40da4c8a2d5..35d5389b718 100644 --- a/csharp/ql/test/query-tests/ASP/BlockCodeResponseWrite/BlockCodeResponseWrite.qlref +++ b/csharp/ql/test/query-tests/ASP/BlockCodeResponseWrite/BlockCodeResponseWrite.qlref @@ -1 +1,2 @@ -ASP/BlockCodeResponseWrite.ql +query: ASP/BlockCodeResponseWrite.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/ASP/BlockCodeResponseWrite/BlockCodeResponseWriteBad.aspx b/csharp/ql/test/query-tests/ASP/BlockCodeResponseWrite/BlockCodeResponseWriteBad.aspx index 1e4a0fffc01..ebf2cadc8b3 100644 --- a/csharp/ql/test/query-tests/ASP/BlockCodeResponseWrite/BlockCodeResponseWriteBad.aspx +++ b/csharp/ql/test/query-tests/ASP/BlockCodeResponseWrite/BlockCodeResponseWriteBad.aspx @@ -2,6 +2,6 @@ -

2 + 3 = <%Response.Write(2 + 3)%>

+

2 + 3 = <%Response.Write(2 + 3)%>

<%-- $ Alert[cs/asp/response-write] --%> diff --git a/csharp/ql/test/query-tests/ASP/BlockCodeResponseWrite/test.aspx b/csharp/ql/test/query-tests/ASP/BlockCodeResponseWrite/test.aspx index 1e4a0fffc01..ebf2cadc8b3 100644 --- a/csharp/ql/test/query-tests/ASP/BlockCodeResponseWrite/test.aspx +++ b/csharp/ql/test/query-tests/ASP/BlockCodeResponseWrite/test.aspx @@ -2,6 +2,6 @@ -

2 + 3 = <%Response.Write(2 + 3)%>

+

2 + 3 = <%Response.Write(2 + 3)%>

<%-- $ Alert[cs/asp/response-write] --%> diff --git a/csharp/ql/test/query-tests/ASP/ComplexInlineCode/ComplexInlineCode.qlref b/csharp/ql/test/query-tests/ASP/ComplexInlineCode/ComplexInlineCode.qlref index 85395099ce9..9a5bdd6c37e 100644 --- a/csharp/ql/test/query-tests/ASP/ComplexInlineCode/ComplexInlineCode.qlref +++ b/csharp/ql/test/query-tests/ASP/ComplexInlineCode/ComplexInlineCode.qlref @@ -1 +1,2 @@ -ASP/ComplexInlineCode.ql +query: ASP/ComplexInlineCode.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/ASP/ComplexInlineCode/ComplexInlineCodeBad.aspx b/csharp/ql/test/query-tests/ASP/ComplexInlineCode/ComplexInlineCodeBad.aspx index f4457d89606..b8e0a25ac2c 100644 --- a/csharp/ql/test/query-tests/ASP/ComplexInlineCode/ComplexInlineCodeBad.aspx +++ b/csharp/ql/test/query-tests/ASP/ComplexInlineCode/ComplexInlineCodeBad.aspx @@ -15,6 +15,6 @@ } else { ec.Emit (Response, OpCodes.Ldloca, builder); } -%> +%> <%-- $ Alert[cs/asp/complex-inline-code] --%> diff --git a/csharp/ql/test/query-tests/ASP/ComplexInlineCode/test.aspx b/csharp/ql/test/query-tests/ASP/ComplexInlineCode/test.aspx index 1c2d09586ab..39055702e35 100644 --- a/csharp/ql/test/query-tests/ASP/ComplexInlineCode/test.aspx +++ b/csharp/ql/test/query-tests/ASP/ComplexInlineCode/test.aspx @@ -9,7 +9,7 @@ Response.write(3 + 2); } End If -%>

+%>

<%-- $ Alert[cs/asp/complex-inline-code] --%>

2 + 3 = <%=2 + 3%>

diff --git a/csharp/ql/test/query-tests/ASP/NonInternationalizedText/NonInternationalizedText.qlref b/csharp/ql/test/query-tests/ASP/NonInternationalizedText/NonInternationalizedText.qlref index 16700623f76..0ca3c026d73 100644 --- a/csharp/ql/test/query-tests/ASP/NonInternationalizedText/NonInternationalizedText.qlref +++ b/csharp/ql/test/query-tests/ASP/NonInternationalizedText/NonInternationalizedText.qlref @@ -1 +1,2 @@ -ASP/NonInternationalizedText.ql +query: ASP/NonInternationalizedText.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/ASP/NonInternationalizedText/NonInternationalizedTextBad.aspx b/csharp/ql/test/query-tests/ASP/NonInternationalizedText/NonInternationalizedTextBad.aspx index 2d5e7757d3a..935a9c19e0e 100644 --- a/csharp/ql/test/query-tests/ASP/NonInternationalizedText/NonInternationalizedTextBad.aspx +++ b/csharp/ql/test/query-tests/ASP/NonInternationalizedText/NonInternationalizedTextBad.aspx @@ -2,6 +2,6 @@ -

Amount: <%= Amount %>

+

Amount: <%= Amount %>

<%-- $ Alert[cs/asp/text-not-internationalized] --%> diff --git a/csharp/ql/test/query-tests/ASP/NonInternationalizedText/test.aspx b/csharp/ql/test/query-tests/ASP/NonInternationalizedText/test.aspx index 44b6ab46947..7027d6a07cb 100644 --- a/csharp/ql/test/query-tests/ASP/NonInternationalizedText/test.aspx +++ b/csharp/ql/test/query-tests/ASP/NonInternationalizedText/test.aspx @@ -2,6 +2,6 @@ -

This text is plain English.

+

This text is plain English.

<%-- $ Alert[cs/asp/text-not-internationalized] --%> diff --git a/csharp/ql/test/query-tests/ASP/SplitControlStructure/SplitControlStructure.qlref b/csharp/ql/test/query-tests/ASP/SplitControlStructure/SplitControlStructure.qlref index 4e98f2ecbaa..57c16f0abe6 100644 --- a/csharp/ql/test/query-tests/ASP/SplitControlStructure/SplitControlStructure.qlref +++ b/csharp/ql/test/query-tests/ASP/SplitControlStructure/SplitControlStructure.qlref @@ -1 +1,2 @@ -ASP/SplitControlStructure.ql +query: ASP/SplitControlStructure.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/ASP/SplitControlStructure/SplitControlStructureBad.aspx b/csharp/ql/test/query-tests/ASP/SplitControlStructure/SplitControlStructureBad.aspx index 4ef3f00f3bf..870c3df8fd3 100644 --- a/csharp/ql/test/query-tests/ASP/SplitControlStructure/SplitControlStructureBad.aspx +++ b/csharp/ql/test/query-tests/ASP/SplitControlStructure/SplitControlStructureBad.aspx @@ -2,7 +2,7 @@ -<% If ShouldWarn() Then %> +<% If ShouldWarn() Then %> <%-- $ Alert[cs/asp/split-control-structure] --%>

WARNING: <%=warning()%>

<% End If %> diff --git a/csharp/ql/test/query-tests/ASP/SplitControlStructure/test.aspx b/csharp/ql/test/query-tests/ASP/SplitControlStructure/test.aspx index 8cd7245d0ca..69d889b570a 100644 --- a/csharp/ql/test/query-tests/ASP/SplitControlStructure/test.aspx +++ b/csharp/ql/test/query-tests/ASP/SplitControlStructure/test.aspx @@ -2,7 +2,7 @@ -<% If Something() Then %> +<% If Something() Then %> <%-- $ Alert[cs/asp/split-control-structure] --%>

2 + 3 = <%=2 + 3%>

<% End If %> diff --git a/csharp/ql/test/query-tests/AlertSuppression/AlertSuppression.qlref b/csharp/ql/test/query-tests/AlertSuppression/AlertSuppression.qlref index 1641277045f..dc898fca718 100644 --- a/csharp/ql/test/query-tests/AlertSuppression/AlertSuppression.qlref +++ b/csharp/ql/test/query-tests/AlertSuppression/AlertSuppression.qlref @@ -1 +1 @@ -AlertSuppression.ql \ No newline at end of file +query: AlertSuppression.ql diff --git a/csharp/ql/test/query-tests/Architecture/Dependencies/MutualDependency/MutualDependency.qlref b/csharp/ql/test/query-tests/Architecture/Dependencies/MutualDependency/MutualDependency.qlref index ab1dbe353ef..273ed4d757a 100644 --- a/csharp/ql/test/query-tests/Architecture/Dependencies/MutualDependency/MutualDependency.qlref +++ b/csharp/ql/test/query-tests/Architecture/Dependencies/MutualDependency/MutualDependency.qlref @@ -1 +1,2 @@ -Architecture/Dependencies/MutualDependency.ql \ No newline at end of file +query: Architecture/Dependencies/MutualDependency.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Architecture/Dependencies/MutualDependency/MutualDependencyBad.cs b/csharp/ql/test/query-tests/Architecture/Dependencies/MutualDependency/MutualDependencyBad.cs index 370b75b4589..4aeddea95ba 100644 --- a/csharp/ql/test/query-tests/Architecture/Dependencies/MutualDependency/MutualDependencyBad.cs +++ b/csharp/ql/test/query-tests/Architecture/Dependencies/MutualDependency/MutualDependencyBad.cs @@ -1,6 +1,6 @@ public class Bad { - private class BadModel + private class BadModel // $ Alert { private int i; private BadView view; diff --git a/csharp/ql/test/query-tests/Architecture/Refactoring Opportunities/FeatureEnvy/FeatureEnvy.qlref b/csharp/ql/test/query-tests/Architecture/Refactoring Opportunities/FeatureEnvy/FeatureEnvy.qlref index 9a63a65cd86..6931ecc2f7e 100644 --- a/csharp/ql/test/query-tests/Architecture/Refactoring Opportunities/FeatureEnvy/FeatureEnvy.qlref +++ b/csharp/ql/test/query-tests/Architecture/Refactoring Opportunities/FeatureEnvy/FeatureEnvy.qlref @@ -1 +1,2 @@ -Architecture/Refactoring Opportunities/FeatureEnvy.ql \ No newline at end of file +query: Architecture/Refactoring Opportunities/FeatureEnvy.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Architecture/Refactoring Opportunities/FeatureEnvy/FeatureEnvyBad.cs b/csharp/ql/test/query-tests/Architecture/Refactoring Opportunities/FeatureEnvy/FeatureEnvyBad.cs index 15678d58576..a3f064ff746 100644 --- a/csharp/ql/test/query-tests/Architecture/Refactoring Opportunities/FeatureEnvy/FeatureEnvyBad.cs +++ b/csharp/ql/test/query-tests/Architecture/Refactoring Opportunities/FeatureEnvy/FeatureEnvyBad.cs @@ -13,7 +13,7 @@ class Bad class Basket { - decimal GetTotalPrice(Item i) + decimal GetTotalPrice(Item i) // $ Alert { if (i.IsOutOfStock) throw new Exception("Item ${i} is out of stock."); diff --git a/csharp/ql/test/query-tests/Architecture/Refactoring Opportunities/InappropriateIntimacy/InappropriateIntimacy.cs b/csharp/ql/test/query-tests/Architecture/Refactoring Opportunities/InappropriateIntimacy/InappropriateIntimacy.cs index 95ff360b3d8..19ce015cdb5 100644 --- a/csharp/ql/test/query-tests/Architecture/Refactoring Opportunities/InappropriateIntimacy/InappropriateIntimacy.cs +++ b/csharp/ql/test/query-tests/Architecture/Refactoring Opportunities/InappropriateIntimacy/InappropriateIntimacy.cs @@ -2,7 +2,7 @@ using System; class InappropriateIntimacy { - class A + class A // $ Alert { public int F1; public int F2; @@ -25,7 +25,7 @@ class InappropriateIntimacy b.F1 + b.F2 + b.F3 + b.F4 + b.F5 + b.F6 + b.F7 + b.F8 + b.F9 + b.F10 + b.F11 + b.F12 + b.F13 + b.F14 + b.F15 + b.F16; } - class B + class B // $ Alert { public int F1; public int F2; diff --git a/csharp/ql/test/query-tests/Architecture/Refactoring Opportunities/InappropriateIntimacy/InappropriateIntimacy.qlref b/csharp/ql/test/query-tests/Architecture/Refactoring Opportunities/InappropriateIntimacy/InappropriateIntimacy.qlref index 3b1c4aa5b01..938449179ae 100644 --- a/csharp/ql/test/query-tests/Architecture/Refactoring Opportunities/InappropriateIntimacy/InappropriateIntimacy.qlref +++ b/csharp/ql/test/query-tests/Architecture/Refactoring Opportunities/InappropriateIntimacy/InappropriateIntimacy.qlref @@ -1 +1,2 @@ -Architecture/Refactoring Opportunities/InappropriateIntimacy.ql \ No newline at end of file +query: Architecture/Refactoring Opportunities/InappropriateIntimacy.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Bad Practices/Declarations/EmptyInterface/EmptyInterface.qlref b/csharp/ql/test/query-tests/Bad Practices/Declarations/EmptyInterface/EmptyInterface.qlref index 3984405db6b..b2b0cf600bc 100644 --- a/csharp/ql/test/query-tests/Bad Practices/Declarations/EmptyInterface/EmptyInterface.qlref +++ b/csharp/ql/test/query-tests/Bad Practices/Declarations/EmptyInterface/EmptyInterface.qlref @@ -1 +1,2 @@ -Bad Practices/Declarations/EmptyInterface.ql \ No newline at end of file +query: Bad Practices/Declarations/EmptyInterface.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Bad Practices/Declarations/EmptyInterface/EmptyInterfaceBad.cs b/csharp/ql/test/query-tests/Bad Practices/Declarations/EmptyInterface/EmptyInterfaceBad.cs index 00f577a62a4..09fcf1003d7 100644 --- a/csharp/ql/test/query-tests/Bad Practices/Declarations/EmptyInterface/EmptyInterfaceBad.cs +++ b/csharp/ql/test/query-tests/Bad Practices/Declarations/EmptyInterface/EmptyInterfaceBad.cs @@ -2,6 +2,6 @@ using System; class Bad { - interface IsPrintable { } + interface IsPrintable { } // $ Alert class Form1 : IsPrintable { } } diff --git a/csharp/ql/test/query-tests/Bad Practices/Declarations/LocalScopeVariableShadowsMember/LocalScopeVariableShadowsMember.cs b/csharp/ql/test/query-tests/Bad Practices/Declarations/LocalScopeVariableShadowsMember/LocalScopeVariableShadowsMember.cs index cf3062f8af6..05e3dab22c4 100644 --- a/csharp/ql/test/query-tests/Bad Practices/Declarations/LocalScopeVariableShadowsMember/LocalScopeVariableShadowsMember.cs +++ b/csharp/ql/test/query-tests/Bad Practices/Declarations/LocalScopeVariableShadowsMember/LocalScopeVariableShadowsMember.cs @@ -4,13 +4,13 @@ class LocalScopeVariableShadowsMember { protected int f; - protected virtual void M1(int f) { } // BAD + protected virtual void M1(int f) { } // $ Alert // BAD int M2(int f) => this.f + f; // GOOD void M3() { - var f = ""; // BAD + var f = ""; // $ Alert // BAD } void M4() @@ -23,13 +23,13 @@ class LocalScopeVariableShadowsMember { int f; - void M1(int f) { } // BAD + void M1(int f) { } // $ Alert // BAD int M2(int f) => this.f + f; // GOOD void M3() { - var f = ""; // BAD + var f = ""; // $ Alert // BAD } void M4() @@ -45,9 +45,9 @@ class LocalScopeVariableShadowsMember class C2 : C, I { - protected override void M1(int f) { } // BAD + protected override void M1(int f) { } // $ Alert // BAD - public void M5(int f) { } // BAD + public void M5(int f) { } // $ Alert // BAD } class C3 : C, I diff --git a/csharp/ql/test/query-tests/Bad Practices/Declarations/LocalScopeVariableShadowsMember/LocalScopeVariableShadowsMember.qlref b/csharp/ql/test/query-tests/Bad Practices/Declarations/LocalScopeVariableShadowsMember/LocalScopeVariableShadowsMember.qlref index 913445e68f2..d7d02b3a9b8 100644 --- a/csharp/ql/test/query-tests/Bad Practices/Declarations/LocalScopeVariableShadowsMember/LocalScopeVariableShadowsMember.qlref +++ b/csharp/ql/test/query-tests/Bad Practices/Declarations/LocalScopeVariableShadowsMember/LocalScopeVariableShadowsMember.qlref @@ -1 +1,2 @@ -Bad Practices/Declarations/LocalScopeVariableShadowsMember.ql \ No newline at end of file +query: Bad Practices/Declarations/LocalScopeVariableShadowsMember.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Bad Practices/Declarations/LocalScopeVariableShadowsMember/LocalScopeVariableShadowsMemberBad.cs b/csharp/ql/test/query-tests/Bad Practices/Declarations/LocalScopeVariableShadowsMember/LocalScopeVariableShadowsMemberBad.cs index 80ce4546937..d2be1899576 100644 --- a/csharp/ql/test/query-tests/Bad Practices/Declarations/LocalScopeVariableShadowsMember/LocalScopeVariableShadowsMemberBad.cs +++ b/csharp/ql/test/query-tests/Bad Practices/Declarations/LocalScopeVariableShadowsMember/LocalScopeVariableShadowsMemberBad.cs @@ -7,7 +7,7 @@ class Bad public void DisplayDetails() { - var title = "Person Details"; + var title = "Person Details"; // $ Alert var message = "Title: " + title + "\nName: " + name; MessageBox.Show(message, title); } diff --git a/csharp/ql/test/query-tests/Bad Practices/Declarations/NoConstantsOnly/NoConstantsOnly.cs b/csharp/ql/test/query-tests/Bad Practices/Declarations/NoConstantsOnly/NoConstantsOnly.cs index 0d7d15b5653..0fa96bccb0f 100644 --- a/csharp/ql/test/query-tests/Bad Practices/Declarations/NoConstantsOnly/NoConstantsOnly.cs +++ b/csharp/ql/test/query-tests/Bad Practices/Declarations/NoConstantsOnly/NoConstantsOnly.cs @@ -2,7 +2,7 @@ using System; class NoConstantsOnly { - abstract class MathConstants + abstract class MathConstants // $ Alert { public const double Pi = 3.14; // BAD } diff --git a/csharp/ql/test/query-tests/Bad Practices/Declarations/NoConstantsOnly/NoConstantsOnly.qlref b/csharp/ql/test/query-tests/Bad Practices/Declarations/NoConstantsOnly/NoConstantsOnly.qlref index 3b7e478699d..b46263c9d51 100644 --- a/csharp/ql/test/query-tests/Bad Practices/Declarations/NoConstantsOnly/NoConstantsOnly.qlref +++ b/csharp/ql/test/query-tests/Bad Practices/Declarations/NoConstantsOnly/NoConstantsOnly.qlref @@ -1 +1,2 @@ -Bad Practices/Declarations/NoConstantsOnly.ql \ No newline at end of file +query: Bad Practices/Declarations/NoConstantsOnly.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Bad Practices/Declarations/NoConstantsOnly/NoConstantsOnlyBad.cs b/csharp/ql/test/query-tests/Bad Practices/Declarations/NoConstantsOnly/NoConstantsOnlyBad.cs index 28f308546ad..cd92eabd7cf 100644 --- a/csharp/ql/test/query-tests/Bad Practices/Declarations/NoConstantsOnly/NoConstantsOnlyBad.cs +++ b/csharp/ql/test/query-tests/Bad Practices/Declarations/NoConstantsOnly/NoConstantsOnlyBad.cs @@ -2,7 +2,7 @@ using System; class Bad { - abstract class MathConstants + abstract class MathConstants // $ Alert { public static readonly double Pi = 3.14; } diff --git a/csharp/ql/test/query-tests/Bad Practices/Declarations/TooManyRefParameters/TooManyRefParameters.qlref b/csharp/ql/test/query-tests/Bad Practices/Declarations/TooManyRefParameters/TooManyRefParameters.qlref index 867e4e929bd..37d7e6ce81e 100644 --- a/csharp/ql/test/query-tests/Bad Practices/Declarations/TooManyRefParameters/TooManyRefParameters.qlref +++ b/csharp/ql/test/query-tests/Bad Practices/Declarations/TooManyRefParameters/TooManyRefParameters.qlref @@ -1 +1,2 @@ -Bad Practices/Declarations/TooManyRefParameters.ql \ No newline at end of file +query: Bad Practices/Declarations/TooManyRefParameters.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Bad Practices/Declarations/TooManyRefParameters/TooManyRefParametersBad.cs b/csharp/ql/test/query-tests/Bad Practices/Declarations/TooManyRefParameters/TooManyRefParametersBad.cs index 08da4c6c334..2d8f65570ee 100644 --- a/csharp/ql/test/query-tests/Bad Practices/Declarations/TooManyRefParameters/TooManyRefParametersBad.cs +++ b/csharp/ql/test/query-tests/Bad Practices/Declarations/TooManyRefParameters/TooManyRefParametersBad.cs @@ -2,7 +2,7 @@ using System; class Bad { - private static void PopulateDetails(ref string name, ref string address, ref string tel) + private static void PopulateDetails(ref string name, ref string address, ref string tel) // $ Alert { name = "Foo"; address = "23 Bar Street"; diff --git a/csharp/ql/test/query-tests/Bad Practices/EmptyCatchBlock/EmptyCatchBlock.cs b/csharp/ql/test/query-tests/Bad Practices/EmptyCatchBlock/EmptyCatchBlock.cs index e57deea7f3d..812c271e176 100644 --- a/csharp/ql/test/query-tests/Bad Practices/EmptyCatchBlock/EmptyCatchBlock.cs +++ b/csharp/ql/test/query-tests/Bad Practices/EmptyCatchBlock/EmptyCatchBlock.cs @@ -9,7 +9,7 @@ class EmptyCatchBlock } catch (Exception) { - } + } // $ Alert } void good() diff --git a/csharp/ql/test/query-tests/Bad Practices/EmptyCatchBlock/EmptyCatchBlock.qlref b/csharp/ql/test/query-tests/Bad Practices/EmptyCatchBlock/EmptyCatchBlock.qlref index 734bb1cadf9..3ba3a011473 100644 --- a/csharp/ql/test/query-tests/Bad Practices/EmptyCatchBlock/EmptyCatchBlock.qlref +++ b/csharp/ql/test/query-tests/Bad Practices/EmptyCatchBlock/EmptyCatchBlock.qlref @@ -1 +1,2 @@ -Bad Practices/EmptyCatchBlock.ql \ No newline at end of file +query: Bad Practices/EmptyCatchBlock.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/AbstractToConcreteCollection/AbstractToConcreteCollection.cs b/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/AbstractToConcreteCollection/AbstractToConcreteCollection.cs index 795952a8205..8fc03028947 100644 --- a/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/AbstractToConcreteCollection/AbstractToConcreteCollection.cs +++ b/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/AbstractToConcreteCollection/AbstractToConcreteCollection.cs @@ -4,7 +4,7 @@ class AbstractToConcreteCollection { void M(IEnumerable strings) { - var list = (List) strings; // BAD + var list = (List) strings; // $ Alert // BAD var o = (object) strings; // GOOD } } diff --git a/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/AbstractToConcreteCollection/AbstractToConcreteCollection.qlref b/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/AbstractToConcreteCollection/AbstractToConcreteCollection.qlref index 307c259dbbb..26e061e5206 100644 --- a/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/AbstractToConcreteCollection/AbstractToConcreteCollection.qlref +++ b/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/AbstractToConcreteCollection/AbstractToConcreteCollection.qlref @@ -1 +1,2 @@ -Bad Practices/Implementation Hiding/AbstractToConcreteCollection.ql \ No newline at end of file +query: Bad Practices/Implementation Hiding/AbstractToConcreteCollection.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/AbstractToConcreteCollection/AbstractToConcreteCollectionBad.cs b/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/AbstractToConcreteCollection/AbstractToConcreteCollectionBad.cs index 9538fb9d7a0..92b80ea94d7 100644 --- a/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/AbstractToConcreteCollection/AbstractToConcreteCollectionBad.cs +++ b/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/AbstractToConcreteCollection/AbstractToConcreteCollectionBad.cs @@ -5,7 +5,7 @@ class Bad public static void Main(string[] args) { var names = GetNames(); - var list = (List) names; + var list = (List) names; // $ Alert list.Add("Eve"); } diff --git a/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/ExposeRepresentation/ExposeRepresentation.cs b/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/ExposeRepresentation/ExposeRepresentation.cs index 01b05a00027..073ae9086cf 100644 --- a/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/ExposeRepresentation/ExposeRepresentation.cs +++ b/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/ExposeRepresentation/ExposeRepresentation.cs @@ -5,7 +5,7 @@ class ExposeRepresentation class Range { private int[] rarray = new int[2]; - public void Set(int[] a) { rarray = a; } + public void Set(int[] a) { rarray = a; } // $ Alert } public static void Main(string[] args) diff --git a/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/ExposeRepresentation/ExposeRepresentation.qlref b/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/ExposeRepresentation/ExposeRepresentation.qlref index e8bd17759d4..eafb170539a 100644 --- a/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/ExposeRepresentation/ExposeRepresentation.qlref +++ b/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/ExposeRepresentation/ExposeRepresentation.qlref @@ -1 +1,2 @@ -Bad Practices/Implementation Hiding/ExposeRepresentation.ql \ No newline at end of file +query: Bad Practices/Implementation Hiding/ExposeRepresentation.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/ExposeRepresentation/ExposeRepresentationBad.cs b/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/ExposeRepresentation/ExposeRepresentationBad.cs index 221f906aa97..ee56212d173 100644 --- a/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/ExposeRepresentation/ExposeRepresentationBad.cs +++ b/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/ExposeRepresentation/ExposeRepresentationBad.cs @@ -15,7 +15,7 @@ class Bad } } - public int[] Get() => rarray; + public int[] Get() => rarray; // $ Alert } public static void Main(string[] args) diff --git a/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/StaticArray/StaticArray.cs b/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/StaticArray/StaticArray.cs index 210be320a6e..c42eef53adc 100644 --- a/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/StaticArray/StaticArray.cs +++ b/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/StaticArray/StaticArray.cs @@ -10,13 +10,13 @@ class Program public static readonly int[] EmptyArray4; // GOOD: empty - public static readonly int[] NonEmptyArray1 = new int[] { 42 }; // BAD + public static readonly int[] NonEmptyArray1 = new int[] { 42 }; // $ Alert // BAD static readonly int[] NonEmptyArray2 = new int[] { 42 }; // GOOD: private - public static readonly int[] NonEmptyArray3; // BAD + public static readonly int[] NonEmptyArray3; // $ Alert // BAD - public static readonly int[] Array = new int[new Random().Next()]; // BAD + public static readonly int[] Array = new int[new Random().Next()]; // $ Alert // BAD static Program() { diff --git a/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/StaticArray/StaticArray.qlref b/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/StaticArray/StaticArray.qlref index 8dcd9bf72be..e49a055b5a5 100644 --- a/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/StaticArray/StaticArray.qlref +++ b/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/StaticArray/StaticArray.qlref @@ -1 +1,2 @@ -Bad Practices/Implementation Hiding/StaticArray.ql \ No newline at end of file +query: Bad Practices/Implementation Hiding/StaticArray.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/StaticArray/StaticArrayBad.cs b/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/StaticArray/StaticArrayBad.cs index fe035d4e4f1..57d8f21c195 100644 --- a/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/StaticArray/StaticArrayBad.cs +++ b/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/StaticArray/StaticArrayBad.cs @@ -1,6 +1,6 @@ class Bad { - public static readonly string[] Foo = { "hello", "world" }; + public static readonly string[] Foo = { "hello", "world" }; // $ Alert public static void Main(string[] args) { Foo[0] = "goodbye"; diff --git a/csharp/ql/test/query-tests/Bad Practices/Naming Conventions/ConfusingMethodNames/ConfusingMethodNames.qlref b/csharp/ql/test/query-tests/Bad Practices/Naming Conventions/ConfusingMethodNames/ConfusingMethodNames.qlref index 3308ff3889e..94d4dc04c64 100644 --- a/csharp/ql/test/query-tests/Bad Practices/Naming Conventions/ConfusingMethodNames/ConfusingMethodNames.qlref +++ b/csharp/ql/test/query-tests/Bad Practices/Naming Conventions/ConfusingMethodNames/ConfusingMethodNames.qlref @@ -1 +1,2 @@ -Bad Practices/Naming Conventions/ConfusingMethodNames.ql +query: Bad Practices/Naming Conventions/ConfusingMethodNames.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Bad Practices/Naming Conventions/ConfusingMethodNames/Program.cs b/csharp/ql/test/query-tests/Bad Practices/Naming Conventions/ConfusingMethodNames/Program.cs index 7ec82a41031..119c46139af 100644 --- a/csharp/ql/test/query-tests/Bad Practices/Naming Conventions/ConfusingMethodNames/Program.cs +++ b/csharp/ql/test/query-tests/Bad Practices/Naming Conventions/ConfusingMethodNames/Program.cs @@ -1,6 +1,6 @@ class C1 { - int F() => 0; // BAD: Confusing + int F() => 0; // $ Alert // BAD: Confusing int f() => 0; int G() => 0; // GOOD: Same name int G(int x) => x; diff --git a/csharp/ql/test/query-tests/Bad Practices/Naming Conventions/VariableNameTooShort/VariableNameTooShort.cs b/csharp/ql/test/query-tests/Bad Practices/Naming Conventions/VariableNameTooShort/VariableNameTooShort.cs index a5eb951e148..bbabb2e0cee 100644 --- a/csharp/ql/test/query-tests/Bad Practices/Naming Conventions/VariableNameTooShort/VariableNameTooShort.cs +++ b/csharp/ql/test/query-tests/Bad Practices/Naming Conventions/VariableNameTooShort/VariableNameTooShort.cs @@ -3,14 +3,14 @@ using System.Linq; class VariableNameTooShort { - int F; // BAD + int F; // $ Alert // BAD int Foo; // GOOD Func Func = _ => ""; - void M(int i /* BAD */, int[] args /* GOOD */) + void M(int i /* BAD */, int[] args /* GOOD */) // $ Alert { args.Select(x /* GOOD */ => x + 1); - Func func = x /* BAD */ => x + 1; + Func func = x /* BAD */ => x + 1; // $ Alert } } diff --git a/csharp/ql/test/query-tests/Bad Practices/Naming Conventions/VariableNameTooShort/VariableNameTooShort.qlref b/csharp/ql/test/query-tests/Bad Practices/Naming Conventions/VariableNameTooShort/VariableNameTooShort.qlref index 02458a1b30f..c80ef4583b0 100644 --- a/csharp/ql/test/query-tests/Bad Practices/Naming Conventions/VariableNameTooShort/VariableNameTooShort.qlref +++ b/csharp/ql/test/query-tests/Bad Practices/Naming Conventions/VariableNameTooShort/VariableNameTooShort.qlref @@ -1 +1,2 @@ -Bad Practices/Naming Conventions/VariableNameTooShort.ql \ No newline at end of file +query: Bad Practices/Naming Conventions/VariableNameTooShort.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Bad Practices/Path Combine/PathCombine.cs b/csharp/ql/test/query-tests/Bad Practices/Path Combine/PathCombine.cs index bf9b19c4a5c..d3595dfb540 100644 --- a/csharp/ql/test/query-tests/Bad Practices/Path Combine/PathCombine.cs +++ b/csharp/ql/test/query-tests/Bad Practices/Path Combine/PathCombine.cs @@ -4,7 +4,7 @@ class PathCombine { void bad() { - Path.Combine(@"C:\Users", @"C:\Program Files"); + Path.Combine(@"C:\Users", @"C:\Program Files"); // $ Alert } void good() diff --git a/csharp/ql/test/query-tests/Bad Practices/Path Combine/PathCombine.qlref b/csharp/ql/test/query-tests/Bad Practices/Path Combine/PathCombine.qlref index eaf41d04740..db4baecbd0f 100644 --- a/csharp/ql/test/query-tests/Bad Practices/Path Combine/PathCombine.qlref +++ b/csharp/ql/test/query-tests/Bad Practices/Path Combine/PathCombine.qlref @@ -1 +1,2 @@ -Bad Practices/PathCombine.ql \ No newline at end of file +query: Bad Practices/PathCombine.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Bad Practices/VirtualCallInConstructorOrDestructor/VirtualCallInConstructorOrDestructor.cs b/csharp/ql/test/query-tests/Bad Practices/VirtualCallInConstructorOrDestructor/VirtualCallInConstructorOrDestructor.cs index 767c4e484a1..6db005e00ce 100644 --- a/csharp/ql/test/query-tests/Bad Practices/VirtualCallInConstructorOrDestructor/VirtualCallInConstructorOrDestructor.cs +++ b/csharp/ql/test/query-tests/Bad Practices/VirtualCallInConstructorOrDestructor/VirtualCallInConstructorOrDestructor.cs @@ -42,7 +42,7 @@ namespace TestVirtualCalls C() { // Method call - f_virtual(); // BAD + f_virtual(); // $ Alert // BAD f_sealed(); // GOOD f_nonvirtual(); // GOOD f_interface(); // GOOD @@ -51,23 +51,23 @@ namespace TestVirtualCalls // Method access Action a; - a = f_virtual; // BAD + a = f_virtual; // $ Alert // BAD a = f_sealed; // GOOD a = f_nonvirtual; // GOOD a = f_interface; // GOOD // Property access - int i = p_virtual; // BAD + int i = p_virtual; // $ Alert // BAD i = p_sealed; // GOOD i = p_nonvirtual; // GOOD // Indexer access - i = this[0]; // BAD + i = this[0]; // $ Alert // BAD i = this[""]; // GOOD i = this[new object()]; // GOOD // Event access - e_virtual += f_nonvirtual; // BAD + e_virtual += f_nonvirtual; // $ Alert // BAD e_sealed += f_nonvirtual; // GOOD e_nonvirtual += f_nonvirtual; // GOOD } diff --git a/csharp/ql/test/query-tests/Bad Practices/VirtualCallInConstructorOrDestructor/VirtualCallInConstructorOrDestructor.qlref b/csharp/ql/test/query-tests/Bad Practices/VirtualCallInConstructorOrDestructor/VirtualCallInConstructorOrDestructor.qlref index 22b4b9fc49c..b7e586c7dac 100644 --- a/csharp/ql/test/query-tests/Bad Practices/VirtualCallInConstructorOrDestructor/VirtualCallInConstructorOrDestructor.qlref +++ b/csharp/ql/test/query-tests/Bad Practices/VirtualCallInConstructorOrDestructor/VirtualCallInConstructorOrDestructor.qlref @@ -1 +1,2 @@ -Bad Practices/VirtualCallInConstructorOrDestructor.ql \ No newline at end of file +query: Bad Practices/VirtualCallInConstructorOrDestructor.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/CSI/CompareIdenticalValues/CompareIdenticalValues.cs b/csharp/ql/test/query-tests/CSI/CompareIdenticalValues/CompareIdenticalValues.cs index 719aaa86576..540ce6bb814 100644 --- a/csharp/ql/test/query-tests/CSI/CompareIdenticalValues/CompareIdenticalValues.cs +++ b/csharp/ql/test/query-tests/CSI/CompareIdenticalValues/CompareIdenticalValues.cs @@ -11,8 +11,8 @@ class CompareIdenticalValues : Super { public void M() { - if (this.Foo == Foo) ; - if (base.Foo == Foo) ; + if (this.Foo == Foo) ; // $ Alert + if (base.Foo == Foo) ; // $ Alert if (Foo == new CompareIdenticalValues().Foo) ; var x = "Abc"; @@ -20,45 +20,45 @@ class CompareIdenticalValues : Super var temp = x == x; // BAD: but flagged by cs/constant-comparison double d = double.NaN; - if (d == d) ; // !double.IsNan(d) - if (d <= d) ; // !double.IsNan(d), but unlikely to be intentional - if (d >= d) ; // !double.IsNan(d), but unlikely to be intentional - if (d != d) ; // double.IsNan(d) - if (d > d) ; // always false - if (d < d) ; // always false + if (d == d) ; // $ Alert // !double.IsNan(d) + if (d <= d) ; // $ Alert // !double.IsNan(d), but unlikely to be intentional + if (d >= d) ; // $ Alert // !double.IsNan(d), but unlikely to be intentional + if (d != d) ; // $ Alert // double.IsNan(d) + if (d > d) ; // $ Alert // always false + if (d < d) ; // $ Alert // always false float f = float.NaN; - if (f == f) ; // !float.IsNan(f) - if (f <= f) ; // !float.IsNan(f), but unlikely to be intentional - if (f >= f) ; // !float.IsNan(f), but unlikely to be intentional - if (f != f) ; // float.IsNan(f) - if (f > f) ; // always false - if (f < f) ; // always false + if (f == f) ; // $ Alert // !float.IsNan(f) + if (f <= f) ; // $ Alert // !float.IsNan(f), but unlikely to be intentional + if (f >= f) ; // $ Alert // !float.IsNan(f), but unlikely to be intentional + if (f != f) ; // $ Alert // float.IsNan(f) + if (f > f) ; // $ Alert // always false + if (f < f) ; // $ Alert // always false int i = 0; if (i == i) ; // BAD: but flagged by cs/constant-condition if (i != i) ; // BAD: but flagged by cs/constant-condition CompareIdenticalValues c = null; - c.Prop.Equals(c.Prop); - Equals(c.Prop.Prop.Prop.Foo + 2, c.Prop.Prop.Prop.Foo + 2); + c.Prop.Equals(c.Prop); // $ Alert + Equals(c.Prop.Prop.Prop.Foo + 2, c.Prop.Prop.Prop.Foo + 2); // $ Alert Equals(c.Prop.Prop.Prop.Foo, c.Prop.Prop.Foo); if (base.Bar == Bar) ; - if (Bar == this.Bar) ; - Equals(this); + if (Bar == this.Bar) ; // $ Alert + Equals(this); // $ Alert if (1 + 1 == 2) ; // BAD: but flagged by cs/constant-condition if (1 + 1 == 3) ; if (0 == 1) ; var a = new int[0]; - if (a[0] == a[0]) ; + if (a[0] == a[0]) ; // $ Alert - if (this.Bar[0] == Bar[1 - 1]) ; + if (this.Bar[0] == Bar[1 - 1]) ; // $ Alert if (this.Bar[0] == Bar[1]) ; - if (this.Prop[Foo] == Prop[this.Foo]) ; + if (this.Prop[Foo] == Prop[this.Foo]) ; // $ Alert if (this.Prop[0] == Prop[1]) ; } @@ -73,17 +73,17 @@ class CompareIdenticalValues : Super public void IsBoxedWrong1(T x) where T : struct { - ReferenceEquals(x, x); + ReferenceEquals(x, x); // $ Alert } public void IsBoxedWrong2(T x) where T : class { - ReferenceEquals(x, x); + ReferenceEquals(x, x); // $ Alert } public void IsBoxedWrong3(T x) where T : Super { - ReferenceEquals(x, x); + ReferenceEquals(x, x); // $ Alert } public int this[int i] { get { return 0; } } diff --git a/csharp/ql/test/query-tests/CSI/CompareIdenticalValues/CompareIdenticalValues.qlref b/csharp/ql/test/query-tests/CSI/CompareIdenticalValues/CompareIdenticalValues.qlref index 9df8726c312..cbe82efdbb0 100644 --- a/csharp/ql/test/query-tests/CSI/CompareIdenticalValues/CompareIdenticalValues.qlref +++ b/csharp/ql/test/query-tests/CSI/CompareIdenticalValues/CompareIdenticalValues.qlref @@ -1 +1,2 @@ -CSI/CompareIdenticalValues.ql \ No newline at end of file +query: CSI/CompareIdenticalValues.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Concurrency/FutileSyncOnField/FutileSyncOnField.cs b/csharp/ql/test/query-tests/Concurrency/FutileSyncOnField/FutileSyncOnField.cs index b0fd29e17fa..3bb2733dee0 100644 --- a/csharp/ql/test/query-tests/Concurrency/FutileSyncOnField/FutileSyncOnField.cs +++ b/csharp/ql/test/query-tests/Concurrency/FutileSyncOnField/FutileSyncOnField.cs @@ -10,12 +10,12 @@ class Foo void test() { - lock (o) + lock (o) // $ Alert { o = new Foo(); // BAD } - lock (o) + lock (o) // $ Alert { f(o = null); // BAD } @@ -25,7 +25,7 @@ class Foo o = new Foo(); // GOOD } - lock (o2) + lock (o2) // $ Alert { GetNewObject(out o2); // BAD } diff --git a/csharp/ql/test/query-tests/Concurrency/FutileSyncOnField/FutileSyncOnField.qlref b/csharp/ql/test/query-tests/Concurrency/FutileSyncOnField/FutileSyncOnField.qlref index f3967efa87b..74b0da761fb 100644 --- a/csharp/ql/test/query-tests/Concurrency/FutileSyncOnField/FutileSyncOnField.qlref +++ b/csharp/ql/test/query-tests/Concurrency/FutileSyncOnField/FutileSyncOnField.qlref @@ -1 +1,2 @@ -Concurrency/FutileSyncOnField.ql \ No newline at end of file +query: Concurrency/FutileSyncOnField.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Concurrency/LockOrder/LockOrder.cs b/csharp/ql/test/query-tests/Concurrency/LockOrder/LockOrder.cs index d2634c3e793..69f1b89c657 100644 --- a/csharp/ql/test/query-tests/Concurrency/LockOrder/LockOrder.cs +++ b/csharp/ql/test/query-tests/Concurrency/LockOrder/LockOrder.cs @@ -3,7 +3,7 @@ using System; class LocalTest { // BAD: b is flagged. - Object a, b, c; + Object a, b, c; // $ Alert void F() { @@ -24,7 +24,7 @@ class LocalTest class GlobalTest { // BAD: b is flagged. - static Object a, b, c; + static Object a, b, c; // $ Alert void F() { @@ -51,7 +51,7 @@ class GlobalTest class LambdaTest { // BAD: a is flagged. - static Object a, b; + static Object a, b; // $ Alert void F() { diff --git a/csharp/ql/test/query-tests/Concurrency/LockOrder/LockOrder.qlref b/csharp/ql/test/query-tests/Concurrency/LockOrder/LockOrder.qlref index ee922bdeb80..7404f9bf018 100644 --- a/csharp/ql/test/query-tests/Concurrency/LockOrder/LockOrder.qlref +++ b/csharp/ql/test/query-tests/Concurrency/LockOrder/LockOrder.qlref @@ -1 +1,2 @@ -Concurrency/LockOrder.ql \ No newline at end of file +query: Concurrency/LockOrder.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Concurrency/LockOrder/LockOrderBad.cs b/csharp/ql/test/query-tests/Concurrency/LockOrder/LockOrderBad.cs index a9dd05ac866..f2c3b18f1b4 100644 --- a/csharp/ql/test/query-tests/Concurrency/LockOrder/LockOrderBad.cs +++ b/csharp/ql/test/query-tests/Concurrency/LockOrder/LockOrderBad.cs @@ -3,7 +3,7 @@ using System.Threading; class Deadlock { - private readonly Object lock1 = new Object(); + private readonly Object lock1 = new Object(); // $ Alert private readonly Object lock2 = new Object(); public void thread1() diff --git a/csharp/ql/test/query-tests/Concurrency/LockThis/LockThis.cs b/csharp/ql/test/query-tests/Concurrency/LockThis/LockThis.cs index f1bc631ced9..02c7afff5c9 100644 --- a/csharp/ql/test/query-tests/Concurrency/LockThis/LockThis.cs +++ b/csharp/ql/test/query-tests/Concurrency/LockThis/LockThis.cs @@ -6,7 +6,7 @@ class Program void f() { - lock (this) // Not OK + lock (this) // $ Alert // Not OK { } diff --git a/csharp/ql/test/query-tests/Concurrency/LockThis/LockThis.qlref b/csharp/ql/test/query-tests/Concurrency/LockThis/LockThis.qlref index 1cdf31326db..7eb86f638bd 100644 --- a/csharp/ql/test/query-tests/Concurrency/LockThis/LockThis.qlref +++ b/csharp/ql/test/query-tests/Concurrency/LockThis/LockThis.qlref @@ -1 +1,2 @@ -Concurrency/LockThis.ql \ No newline at end of file +query: Concurrency/LockThis.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Concurrency/LockedWait/LockedWait.cs b/csharp/ql/test/query-tests/Concurrency/LockedWait/LockedWait.cs index 8fbee2d035a..2067229d9ff 100644 --- a/csharp/ql/test/query-tests/Concurrency/LockedWait/LockedWait.cs +++ b/csharp/ql/test/query-tests/Concurrency/LockedWait/LockedWait.cs @@ -22,14 +22,14 @@ class Program lock (lock1) { - System.Threading.Monitor.Wait(lock2); // BAD + System.Threading.Monitor.Wait(lock2); // $ Alert // BAD } lock (lock1) { lock (lock2) { - System.Threading.Monitor.Wait(lock2); // BAD + System.Threading.Monitor.Wait(lock2); // $ Alert // BAD } } @@ -37,7 +37,7 @@ class Program { lock (lock2) { - System.Threading.Monitor.Wait(lock1); // BAD + System.Threading.Monitor.Wait(lock1); // $ Alert // BAD } } } @@ -45,13 +45,13 @@ class Program [MethodImpl(MethodImplOptions.Synchronized)] void Lock2() { - System.Threading.Monitor.Wait(lock1); // BAD + System.Threading.Monitor.Wait(lock1); // $ Alert // BAD System.Threading.Monitor.Wait(this); // GOOD - System.Threading.Monitor.Wait(typeof(Program)); // BAD - System.Threading.Monitor.Wait(typeof(Int32)); // BAD + System.Threading.Monitor.Wait(typeof(Program)); // $ Alert // BAD + System.Threading.Monitor.Wait(typeof(Int32)); // $ Alert // BAD lock (lock1) { - System.Threading.Monitor.Wait(lock1); // BAD + System.Threading.Monitor.Wait(lock1); // $ Alert // BAD } } @@ -60,28 +60,28 @@ class Program { lock (lock1) { - System.Threading.Monitor.Wait(lock1); // BAD + System.Threading.Monitor.Wait(lock1); // $ Alert // BAD } - System.Threading.Monitor.Wait(lock1); // BAD + System.Threading.Monitor.Wait(lock1); // $ Alert // BAD System.Threading.Monitor.Wait(typeof(Program)); // GOOD - System.Threading.Monitor.Wait(typeof(Int32)); // BAD + System.Threading.Monitor.Wait(typeof(Int32)); // $ Alert // BAD } void Lock4() { lock (this) { - System.Threading.Monitor.Wait(typeof(Program)); // BAD + System.Threading.Monitor.Wait(typeof(Program)); // $ Alert // BAD System.Threading.Monitor.Wait(this); // GOOD - System.Threading.Monitor.Wait(lock1); // BAD + System.Threading.Monitor.Wait(lock1); // $ Alert // BAD } lock (typeof(Program)) { System.Threading.Monitor.Wait(typeof(Program)); // GOOD - System.Threading.Monitor.Wait(this); // BAD - System.Threading.Monitor.Wait(lock1); // BAD - System.Threading.Monitor.Wait(typeof(Int32)); // BAD + System.Threading.Monitor.Wait(this); // $ Alert // BAD + System.Threading.Monitor.Wait(lock1); // $ Alert // BAD + System.Threading.Monitor.Wait(typeof(Int32)); // $ Alert // BAD } } } diff --git a/csharp/ql/test/query-tests/Concurrency/LockedWait/LockedWait.qlref b/csharp/ql/test/query-tests/Concurrency/LockedWait/LockedWait.qlref index 559d900bb6c..64c4021f0d8 100644 --- a/csharp/ql/test/query-tests/Concurrency/LockedWait/LockedWait.qlref +++ b/csharp/ql/test/query-tests/Concurrency/LockedWait/LockedWait.qlref @@ -1 +1,2 @@ -Concurrency/LockedWait.ql \ No newline at end of file +query: Concurrency/LockedWait.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Concurrency/SynchSetUnsynchGet/SynchSetUnsynchGet.cs b/csharp/ql/test/query-tests/Concurrency/SynchSetUnsynchGet/SynchSetUnsynchGet.cs index 8b41604a9e6..288783fabae 100644 --- a/csharp/ql/test/query-tests/Concurrency/SynchSetUnsynchGet/SynchSetUnsynchGet.cs +++ b/csharp/ql/test/query-tests/Concurrency/SynchSetUnsynchGet/SynchSetUnsynchGet.cs @@ -6,7 +6,7 @@ class C1 object mutex = new Object(); // BAD: getter is unlocked - int BadProperty1 + int BadProperty1 // $ Alert { get { @@ -20,7 +20,7 @@ class C1 } // BAD: getter is not properly locked - int BadProperty2 + int BadProperty2 // $ Alert { get { diff --git a/csharp/ql/test/query-tests/Concurrency/SynchSetUnsynchGet/SynchSetUnsynchGet.qlref b/csharp/ql/test/query-tests/Concurrency/SynchSetUnsynchGet/SynchSetUnsynchGet.qlref index e1b6f28159c..4604a0daa6c 100644 --- a/csharp/ql/test/query-tests/Concurrency/SynchSetUnsynchGet/SynchSetUnsynchGet.qlref +++ b/csharp/ql/test/query-tests/Concurrency/SynchSetUnsynchGet/SynchSetUnsynchGet.qlref @@ -1 +1,2 @@ -Concurrency/SynchSetUnsynchGet.ql \ No newline at end of file +query: Concurrency/SynchSetUnsynchGet.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Concurrency/UnsafeLazyInitialization/UnsafeLazyInitialization.cs b/csharp/ql/test/query-tests/Concurrency/UnsafeLazyInitialization/UnsafeLazyInitialization.cs index cd83b18e65c..6a292c83ae5 100644 --- a/csharp/ql/test/query-tests/Concurrency/UnsafeLazyInitialization/UnsafeLazyInitialization.cs +++ b/csharp/ql/test/query-tests/Concurrency/UnsafeLazyInitialization/UnsafeLazyInitialization.cs @@ -23,13 +23,13 @@ class Program obj1 = null; } } - } + } // $ Alert // BAD if (obj1 == null) lock (mutex) if (obj1 == null) - obj1 = null; + obj1 = null; // $ Alert // GOOD: A value-type if (cond1) @@ -84,7 +84,7 @@ class Program if (null == obj1) obj1 = null; } - } + } // $ Alert // GOOD: not a field object a = null; @@ -103,7 +103,7 @@ class Program obj1 = null; } } - } + } // $ Alert // BAD: both obj1 and obj3 are flagged. if (obj1 == null && obj3 == null) @@ -116,7 +116,7 @@ class Program obj3 = null; } } - } + } // $ Alert // GOOD: Locking a struct if (struct1 == struct2) @@ -134,7 +134,7 @@ class Program if (struct1.x is null) lock (mutex) if(struct1.x is null) - struct1.x = 3; + struct1.x = 3; // $ Alert // GOOD: Tuples are structs so cannot be volatile. if(pair1 == (1,2)) diff --git a/csharp/ql/test/query-tests/Concurrency/UnsafeLazyInitialization/UnsafeLazyInitialization.qlref b/csharp/ql/test/query-tests/Concurrency/UnsafeLazyInitialization/UnsafeLazyInitialization.qlref index 084b5abcc17..a78173ad9fb 100644 --- a/csharp/ql/test/query-tests/Concurrency/UnsafeLazyInitialization/UnsafeLazyInitialization.qlref +++ b/csharp/ql/test/query-tests/Concurrency/UnsafeLazyInitialization/UnsafeLazyInitialization.qlref @@ -1 +1,2 @@ -Concurrency/UnsafeLazyInitialization.ql \ No newline at end of file +query: Concurrency/UnsafeLazyInitialization.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Concurrency/UnsynchronizedStaticAccess/UnsynchronizedStaticAccess.cs b/csharp/ql/test/query-tests/Concurrency/UnsynchronizedStaticAccess/UnsynchronizedStaticAccess.cs index c78ca515b51..eef9339a23f 100644 --- a/csharp/ql/test/query-tests/Concurrency/UnsynchronizedStaticAccess/UnsynchronizedStaticAccess.cs +++ b/csharp/ql/test/query-tests/Concurrency/UnsynchronizedStaticAccess/UnsynchronizedStaticAccess.cs @@ -20,7 +20,7 @@ public class Klass public void test() { // BAD: unsynchronized access - string val = dict["foo"]; + string val = dict["foo"]; // $ Alert lock (mutex) { @@ -66,6 +66,6 @@ public class Klass private void testMethod() { // BAD: called concurrently by thread - string val = dict["foo"]; + string val = dict["foo"]; // $ Alert } } diff --git a/csharp/ql/test/query-tests/Concurrency/UnsynchronizedStaticAccess/UnsynchronizedStaticAccess.qlref b/csharp/ql/test/query-tests/Concurrency/UnsynchronizedStaticAccess/UnsynchronizedStaticAccess.qlref index 59d6716994f..2fceef74528 100644 --- a/csharp/ql/test/query-tests/Concurrency/UnsynchronizedStaticAccess/UnsynchronizedStaticAccess.qlref +++ b/csharp/ql/test/query-tests/Concurrency/UnsynchronizedStaticAccess/UnsynchronizedStaticAccess.qlref @@ -1 +1,2 @@ -Concurrency/UnsynchronizedStaticAccess.ql \ No newline at end of file +query: Concurrency/UnsynchronizedStaticAccess.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Configuration/PasswordInConfigurationFile/EmptyPasswordInConfigurationFile.qlref b/csharp/ql/test/query-tests/Configuration/PasswordInConfigurationFile/EmptyPasswordInConfigurationFile.qlref index 9dae41964f3..75899b3d5f2 100644 --- a/csharp/ql/test/query-tests/Configuration/PasswordInConfigurationFile/EmptyPasswordInConfigurationFile.qlref +++ b/csharp/ql/test/query-tests/Configuration/PasswordInConfigurationFile/EmptyPasswordInConfigurationFile.qlref @@ -1 +1,2 @@ -Configuration/EmptyPasswordInConfigurationFile.ql +query: Configuration/EmptyPasswordInConfigurationFile.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Configuration/PasswordInConfigurationFile/PasswordInConfigurationFile.qlref b/csharp/ql/test/query-tests/Configuration/PasswordInConfigurationFile/PasswordInConfigurationFile.qlref index b440a1f6909..9ae43388c25 100644 --- a/csharp/ql/test/query-tests/Configuration/PasswordInConfigurationFile/PasswordInConfigurationFile.qlref +++ b/csharp/ql/test/query-tests/Configuration/PasswordInConfigurationFile/PasswordInConfigurationFile.qlref @@ -1 +1,2 @@ -Configuration/PasswordInConfigurationFile.ql +query: Configuration/PasswordInConfigurationFile.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Configuration/PasswordInConfigurationFile/config.xml b/csharp/ql/test/query-tests/Configuration/PasswordInConfigurationFile/config.xml index a72d5f8fa75..7a5f382236f 100644 --- a/csharp/ql/test/query-tests/Configuration/PasswordInConfigurationFile/config.xml +++ b/csharp/ql/test/query-tests/Configuration/PasswordInConfigurationFile/config.xml @@ -1,15 +1,15 @@ - - + + - - + + - - - - + + + + diff --git a/csharp/ql/test/query-tests/Dead Code/NonAssignedFields/NonAssignedFields.cs b/csharp/ql/test/query-tests/Dead Code/NonAssignedFields/NonAssignedFields.cs index f7f18a187da..00f79bc89d7 100644 --- a/csharp/ql/test/query-tests/Dead Code/NonAssignedFields/NonAssignedFields.cs +++ b/csharp/ql/test/query-tests/Dead Code/NonAssignedFields/NonAssignedFields.cs @@ -84,8 +84,8 @@ struct PtrToStructure2 class Fields1 { // BAD: - int BadNonAssigned; - object BadAssignedNull = null; + int BadNonAssigned; // $ Alert + object BadAssignedNull = null; // $ Alert // GOOD: int GoodAssignedByInitializer = 0; diff --git a/csharp/ql/test/query-tests/Dead Code/NonAssignedFields/NonAssignedFields.qlref b/csharp/ql/test/query-tests/Dead Code/NonAssignedFields/NonAssignedFields.qlref index 39148492539..c2632de3dd2 100644 --- a/csharp/ql/test/query-tests/Dead Code/NonAssignedFields/NonAssignedFields.qlref +++ b/csharp/ql/test/query-tests/Dead Code/NonAssignedFields/NonAssignedFields.qlref @@ -1 +1,2 @@ -Dead Code/NonAssignedFields.ql \ No newline at end of file +query: Dead Code/NonAssignedFields.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Dead Code/Tests/DeadRefTypes.qlref b/csharp/ql/test/query-tests/Dead Code/Tests/DeadRefTypes.qlref index 56db2195eb8..e8ba93a5e7f 100644 --- a/csharp/ql/test/query-tests/Dead Code/Tests/DeadRefTypes.qlref +++ b/csharp/ql/test/query-tests/Dead Code/Tests/DeadRefTypes.qlref @@ -1 +1,2 @@ -Dead Code/DeadRefTypes.ql \ No newline at end of file +query: Dead Code/DeadRefTypes.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Dead Code/Tests/UnusedField.qlref b/csharp/ql/test/query-tests/Dead Code/Tests/UnusedField.qlref index 8464f79cd9b..3803f9ec7ba 100644 --- a/csharp/ql/test/query-tests/Dead Code/Tests/UnusedField.qlref +++ b/csharp/ql/test/query-tests/Dead Code/Tests/UnusedField.qlref @@ -1 +1,2 @@ -Dead Code/UnusedField.ql +query: Dead Code/UnusedField.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Dead Code/Tests/UnusedMethod.qlref b/csharp/ql/test/query-tests/Dead Code/Tests/UnusedMethod.qlref index efc3937de8c..9edba82f5db 100644 --- a/csharp/ql/test/query-tests/Dead Code/Tests/UnusedMethod.qlref +++ b/csharp/ql/test/query-tests/Dead Code/Tests/UnusedMethod.qlref @@ -1 +1,2 @@ -Dead Code/UnusedMethod.ql +query: Dead Code/UnusedMethod.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Dead Code/Tests/deadcode.cs b/csharp/ql/test/query-tests/Dead Code/Tests/deadcode.cs index d6905a6100f..fb406104d6a 100644 --- a/csharp/ql/test/query-tests/Dead Code/Tests/deadcode.cs +++ b/csharp/ql/test/query-tests/Dead Code/Tests/deadcode.cs @@ -21,7 +21,7 @@ sealed class Exported : Interface1 } // BAD: Class is dead -sealed class Dead2 +sealed class Dead2 // $ Alert[cs/unused-reftype] { } @@ -82,7 +82,7 @@ namespace MainTests public struct S { - C Field; // dead + C Field; // $ Alert[cs/unused-field] // dead class C { } // not dead } diff --git a/csharp/ql/test/query-tests/Dead Code/Tests/regression.cs b/csharp/ql/test/query-tests/Dead Code/Tests/regression.cs index 3f6a4a2937b..bc4a3d6ce89 100644 --- a/csharp/ql/test/query-tests/Dead Code/Tests/regression.cs +++ b/csharp/ql/test/query-tests/Dead Code/Tests/regression.cs @@ -4,7 +4,7 @@ using System.Collections.Generic; class Test : IComparer { // this is really dead - private string dead = "Actual dead field"; + private string dead = "Actual dead field"; // $ Alert[cs/unused-field] private static void Main(string[] args) { @@ -48,7 +48,7 @@ class Test : IComparer } // this is really dead - private void ActualDeadMethod() { } + private void ActualDeadMethod() { } // $ Alert[cs/unused-method] // this is live private void DynamicSig(dynamic d) { } @@ -57,7 +57,7 @@ class Test : IComparer private void DynamicallyCalled(int i) { } // this is dead - private void NotDynamicallyCalled(int i) { } + private void NotDynamicallyCalled(int i) { } // $ Alert[cs/unused-method] // this is live private void DynamicallyCalledOnDynamicType(int i) { } @@ -74,14 +74,14 @@ class Test : IComparer static int liveFieldAccessedFromGeneric; // BAD: This is dead - void DeadCaller() + void DeadCaller() // $ Alert[cs/unused-method] { DeadGeneric(0); DeadGeneric(0.0); } // BAD: This is dead (called from dead) - void DeadGeneric(V a) { } + void DeadGeneric(V a) { } // $ Alert[cs/unused-method] } class GenericClass @@ -102,18 +102,18 @@ class GenericClass int liveField; // BAD: These are not live - void DeadGeneric1() + void DeadGeneric1() // $ Alert[cs/unused-method] { DeadGeneric2(0); DeadGeneric2(1.0); } - void DeadGeneric2(V v) { } + void DeadGeneric2(V v) { } // $ Alert[cs/unused-method] // BAD: This is dead (never accessed) - int deadField; + int deadField; // $ Alert[cs/unused-field] // BAD: This is dead (only ever written) - int deadWrittenField; + int deadWrittenField; // $ Alert[cs/unused-field] } class MemberInitialization @@ -126,7 +126,7 @@ class MemberInitialization public class FieldOutParam { // BAD: Only written (by an out param) - int deadField; + int deadField; // $ Alert[cs/unused-field] public void Test() { diff --git a/csharp/ql/test/query-tests/Documentation/XmldocExtraParam.qlref b/csharp/ql/test/query-tests/Documentation/XmldocExtraParam.qlref index fd8371466b6..8439ce413ec 100644 --- a/csharp/ql/test/query-tests/Documentation/XmldocExtraParam.qlref +++ b/csharp/ql/test/query-tests/Documentation/XmldocExtraParam.qlref @@ -1 +1,2 @@ -Documentation/XmldocExtraParam.ql +query: Documentation/XmldocExtraParam.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Documentation/XmldocExtraTypeParam.qlref b/csharp/ql/test/query-tests/Documentation/XmldocExtraTypeParam.qlref index bc8515e6675..67de8cb4600 100644 --- a/csharp/ql/test/query-tests/Documentation/XmldocExtraTypeParam.qlref +++ b/csharp/ql/test/query-tests/Documentation/XmldocExtraTypeParam.qlref @@ -1 +1,2 @@ -Documentation/XmldocExtraTypeParam.ql \ No newline at end of file +query: Documentation/XmldocExtraTypeParam.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Documentation/XmldocMissing.qlref b/csharp/ql/test/query-tests/Documentation/XmldocMissing.qlref index 281a5cb0702..6ca5136a2e3 100644 --- a/csharp/ql/test/query-tests/Documentation/XmldocMissing.qlref +++ b/csharp/ql/test/query-tests/Documentation/XmldocMissing.qlref @@ -1 +1,2 @@ -Documentation/XmldocMissing.ql \ No newline at end of file +query: Documentation/XmldocMissing.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Documentation/XmldocMissingException.qlref b/csharp/ql/test/query-tests/Documentation/XmldocMissingException.qlref index ec059908e38..4cd24783258 100644 --- a/csharp/ql/test/query-tests/Documentation/XmldocMissingException.qlref +++ b/csharp/ql/test/query-tests/Documentation/XmldocMissingException.qlref @@ -1 +1,2 @@ -Documentation/XmldocMissingException.ql +query: Documentation/XmldocMissingException.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Documentation/XmldocMissingParam.qlref b/csharp/ql/test/query-tests/Documentation/XmldocMissingParam.qlref index 9a8d6f801b7..9b34d284c01 100644 --- a/csharp/ql/test/query-tests/Documentation/XmldocMissingParam.qlref +++ b/csharp/ql/test/query-tests/Documentation/XmldocMissingParam.qlref @@ -1 +1,2 @@ -Documentation/XmldocMissingParam.ql +query: Documentation/XmldocMissingParam.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Documentation/XmldocMissingReturn.qlref b/csharp/ql/test/query-tests/Documentation/XmldocMissingReturn.qlref index 6eb8865b4b5..ad0ea969742 100644 --- a/csharp/ql/test/query-tests/Documentation/XmldocMissingReturn.qlref +++ b/csharp/ql/test/query-tests/Documentation/XmldocMissingReturn.qlref @@ -1 +1,2 @@ -Documentation/XmldocMissingReturn.ql +query: Documentation/XmldocMissingReturn.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Documentation/XmldocMissingSummary.qlref b/csharp/ql/test/query-tests/Documentation/XmldocMissingSummary.qlref index 5046e31a3db..b90b6e39ce7 100644 --- a/csharp/ql/test/query-tests/Documentation/XmldocMissingSummary.qlref +++ b/csharp/ql/test/query-tests/Documentation/XmldocMissingSummary.qlref @@ -1 +1,2 @@ -Documentation/XmldocMissingSummary.ql +query: Documentation/XmldocMissingSummary.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Documentation/XmldocMissingTypeParam.qlref b/csharp/ql/test/query-tests/Documentation/XmldocMissingTypeParam.qlref index f06bbb263d0..7090a1612d8 100644 --- a/csharp/ql/test/query-tests/Documentation/XmldocMissingTypeParam.qlref +++ b/csharp/ql/test/query-tests/Documentation/XmldocMissingTypeParam.qlref @@ -1 +1,2 @@ -Documentation/XmldocMissingTypeParam.ql +query: Documentation/XmldocMissingTypeParam.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Documentation/documentation.cs b/csharp/ql/test/query-tests/Documentation/documentation.cs index 810e9b5a34a..1efeeb8d459 100644 --- a/csharp/ql/test/query-tests/Documentation/documentation.cs +++ b/csharp/ql/test/query-tests/Documentation/documentation.cs @@ -30,13 +30,13 @@ public class Class1 /// BAD: This XML comment is missing several tags /// BAD: This parameter does not exist /// BAD: This should say Exception2 - public int method2(int p1, int p2) + public int method2(int p1, int p2) // $ Alert[cs/xmldoc/missing-exception] Alert[cs/xmldoc/missing-parameter] Alert[cs/xmldoc/missing-return] Alert[cs/xmldoc/missing-summary] Alert[cs/xmldoc/unknown-parameter] { return p1 > 0 ? throw new Exception2() : p2; } // BAD: Missing documentation comment - public int method3() + public int method3() // $ Alert[cs/xmldoc/missing-xmldoc] { return 0; } @@ -48,7 +48,7 @@ public class Class1 } // BAD: Public class is not documented - public class Class2 + public class Class2 // $ Alert[cs/xmldoc/missing-xmldoc] { } @@ -71,7 +71,7 @@ public class Class1 } // BAD: Constructor is public and not documented - public Class1(int a, int b) + public Class1(int a, int b) // $ Alert[cs/xmldoc/missing-xmldoc] { } @@ -80,7 +80,7 @@ public class Class1 /// BAD: Contains an extra typeparam /// /// The type - class Class4 { } + class Class4 { } // $ Alert[cs/xmldoc/missing-type-parameter] Alert[cs/xmldoc/unknown-type-parameter] /// /// GOOD: Type params are correctly labeled @@ -95,7 +95,7 @@ public class Class1 /// /// BAD typeparam /// GOOD typeparam - void method5() { } + void method5() { } // $ Alert[cs/xmldoc/missing-type-parameter] Alert[cs/xmldoc/unknown-type-parameter] // BAD: These fields are empty /// @@ -103,7 +103,7 @@ public class Class1 /// /// /// - public virtual int method4(int p1, int p2) { return p1; } + public virtual int method4(int p1, int p2) { return p1; } // $ Alert[cs/xmldoc/missing-parameter] Alert[cs/xmldoc/missing-return] Alert[cs/xmldoc/missing-summary] Alert[cs/xmldoc/missing-type-parameter] } class Class2 : Class1 @@ -132,7 +132,7 @@ class Class2 : Class1 // BAD: Has only System.Runtime.CompilerServices attribute [System.Runtime.CompilerServices.My2] - public void method6() + public void method6() // $ Alert[cs/xmldoc/missing-xmldoc] { } } diff --git a/csharp/ql/test/query-tests/EmptyBlock/EmptyBlock.cs b/csharp/ql/test/query-tests/EmptyBlock/EmptyBlock.cs index b3e0cff6ae3..4095af2863a 100644 --- a/csharp/ql/test/query-tests/EmptyBlock/EmptyBlock.cs +++ b/csharp/ql/test/query-tests/EmptyBlock/EmptyBlock.cs @@ -7,7 +7,7 @@ class EmptyBlock // BAD foreach (var arg in args) { - } + } // $ Alert // OK - comment foreach (var arg in args) @@ -24,7 +24,7 @@ class EmptyBlock // BAD if (true) { - } + } // $ Alert // OK - comment if (true) @@ -46,6 +46,6 @@ class EmptyBlock // BAD: there is no update for (int i = 0; i < 10;) { - } + } // $ Alert } } diff --git a/csharp/ql/test/query-tests/EmptyBlock/EmptyBlock.qlref b/csharp/ql/test/query-tests/EmptyBlock/EmptyBlock.qlref index af8a3a21f8a..5fe264815b8 100644 --- a/csharp/ql/test/query-tests/EmptyBlock/EmptyBlock.qlref +++ b/csharp/ql/test/query-tests/EmptyBlock/EmptyBlock.qlref @@ -1 +1,2 @@ -Likely Bugs/Statements/EmptyBlock.ql +query: Likely Bugs/Statements/EmptyBlock.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Language Abuse/CatchOfGenericException/CatchOfGenericException.cs b/csharp/ql/test/query-tests/Language Abuse/CatchOfGenericException/CatchOfGenericException.cs index 64c4038d331..45dc182cc72 100644 --- a/csharp/ql/test/query-tests/Language Abuse/CatchOfGenericException/CatchOfGenericException.cs +++ b/csharp/ql/test/query-tests/Language Abuse/CatchOfGenericException/CatchOfGenericException.cs @@ -9,14 +9,14 @@ class CatchOfGenericException } catch (Exception) { // BAD - } + } // $ Alert try { } catch { // BAD - } + } // $ Alert try { @@ -53,6 +53,6 @@ class CatchOfGenericException { // BAD // division by zero, return 0 return 0; - } + } // $ Alert } } diff --git a/csharp/ql/test/query-tests/Language Abuse/CatchOfGenericException/CatchOfGenericException.qlref b/csharp/ql/test/query-tests/Language Abuse/CatchOfGenericException/CatchOfGenericException.qlref index 9606fc128a7..c5b986a2b66 100644 --- a/csharp/ql/test/query-tests/Language Abuse/CatchOfGenericException/CatchOfGenericException.qlref +++ b/csharp/ql/test/query-tests/Language Abuse/CatchOfGenericException/CatchOfGenericException.qlref @@ -1 +1,2 @@ -Language Abuse/CatchOfGenericException.ql \ No newline at end of file +query: Language Abuse/CatchOfGenericException.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Language Abuse/ChainedIs/ChainedIs.cs b/csharp/ql/test/query-tests/Language Abuse/ChainedIs/ChainedIs.cs index ffe1da80875..3917ff99080 100644 --- a/csharp/ql/test/query-tests/Language Abuse/ChainedIs/ChainedIs.cs +++ b/csharp/ql/test/query-tests/Language Abuse/ChainedIs/ChainedIs.cs @@ -62,7 +62,7 @@ class ChainedIs } else if (x is F) { - } // BAD + } // $ Alert // BAD } class A { } diff --git a/csharp/ql/test/query-tests/Language Abuse/ChainedIs/ChainedIs.qlref b/csharp/ql/test/query-tests/Language Abuse/ChainedIs/ChainedIs.qlref index 0d67fca3239..a4692315902 100644 --- a/csharp/ql/test/query-tests/Language Abuse/ChainedIs/ChainedIs.qlref +++ b/csharp/ql/test/query-tests/Language Abuse/ChainedIs/ChainedIs.qlref @@ -1 +1,2 @@ -Language Abuse/ChainedIs.ql +query: Language Abuse/ChainedIs.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Language Abuse/DubiousTypeTestOfThis/DubiousTypeTestOfThis.cs b/csharp/ql/test/query-tests/Language Abuse/DubiousTypeTestOfThis/DubiousTypeTestOfThis.cs index a6cad0e456e..c8a3e85f363 100644 --- a/csharp/ql/test/query-tests/Language Abuse/DubiousTypeTestOfThis/DubiousTypeTestOfThis.cs +++ b/csharp/ql/test/query-tests/Language Abuse/DubiousTypeTestOfThis/DubiousTypeTestOfThis.cs @@ -4,10 +4,10 @@ class DubiousTypeTestOfThis { public int add(int x) { - if (this is FiveAdder) + if (this is FiveAdder) // $ Alert return x + 5; - if (this is TenAdder) + if (this is TenAdder) // $ Alert return x + 10; return 0; diff --git a/csharp/ql/test/query-tests/Language Abuse/DubiousTypeTestOfThis/DubiousTypeTestOfThis.qlref b/csharp/ql/test/query-tests/Language Abuse/DubiousTypeTestOfThis/DubiousTypeTestOfThis.qlref index cf59e9dbd51..c51f8fb4f46 100644 --- a/csharp/ql/test/query-tests/Language Abuse/DubiousTypeTestOfThis/DubiousTypeTestOfThis.qlref +++ b/csharp/ql/test/query-tests/Language Abuse/DubiousTypeTestOfThis/DubiousTypeTestOfThis.qlref @@ -1 +1,2 @@ -Language Abuse/DubiousTypeTestOfThis.ql \ No newline at end of file +query: Language Abuse/DubiousTypeTestOfThis.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Language Abuse/DubiousTypeTestOfThis/DubiousTypeTestOfThis2.cs b/csharp/ql/test/query-tests/Language Abuse/DubiousTypeTestOfThis/DubiousTypeTestOfThis2.cs index 0c3a8e543f7..8f09181dafd 100644 --- a/csharp/ql/test/query-tests/Language Abuse/DubiousTypeTestOfThis/DubiousTypeTestOfThis2.cs +++ b/csharp/ql/test/query-tests/Language Abuse/DubiousTypeTestOfThis/DubiousTypeTestOfThis2.cs @@ -5,7 +5,7 @@ class C { void M() { - if (this is D) ; // BAD + if (this is D) ; // $ Alert // BAD Debug.Assert(this is D); // GOOD } } diff --git a/csharp/ql/test/query-tests/Language Abuse/ForeachCapture/ForeachCapture.cs b/csharp/ql/test/query-tests/Language Abuse/ForeachCapture/ForeachCapture.cs index 18fdcc9c1bc..9af0f31392d 100644 --- a/csharp/ql/test/query-tests/Language Abuse/ForeachCapture/ForeachCapture.cs +++ b/csharp/ql/test/query-tests/Language Abuse/ForeachCapture/ForeachCapture.cs @@ -11,7 +11,7 @@ class Test foreach (var arg in args) { // BAD: Storing a delegate in an event. - event1 += () => arg; + event1 += () => arg; // $ Alert // GOOD: Make a copy of the loop variable. var argCopy = arg; @@ -21,7 +21,7 @@ class Test goodUseOfDelegate(() => arg); // BAD: Calling a function which stores the delegate - badUseOfDelegate(() => arg); + badUseOfDelegate(() => arg); // $ Alert // GOOD: The delegate does not escape the loop Del d = () => arg; diff --git a/csharp/ql/test/query-tests/Language Abuse/ForeachCapture/ForeachCapture.qlref b/csharp/ql/test/query-tests/Language Abuse/ForeachCapture/ForeachCapture.qlref index 733f31198af..01f701f769f 100644 --- a/csharp/ql/test/query-tests/Language Abuse/ForeachCapture/ForeachCapture.qlref +++ b/csharp/ql/test/query-tests/Language Abuse/ForeachCapture/ForeachCapture.qlref @@ -1 +1,2 @@ -Language Abuse/ForeachCapture.ql +query: Language Abuse/ForeachCapture.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Language Abuse/MissedTernaryOpportunity/MissedTernaryOpportunity.cs b/csharp/ql/test/query-tests/Language Abuse/MissedTernaryOpportunity/MissedTernaryOpportunity.cs index 407bde9643e..f5796513c78 100644 --- a/csharp/ql/test/query-tests/Language Abuse/MissedTernaryOpportunity/MissedTernaryOpportunity.cs +++ b/csharp/ql/test/query-tests/Language Abuse/MissedTernaryOpportunity/MissedTernaryOpportunity.cs @@ -6,11 +6,11 @@ class MissedTernaryOpportunity { if (true) { return false; } else { Field++; return true; } // GOOD return true ? false : true; // GOOD - if (true) return false; else { { return true; } } // BAD + if (true) return false; else { { return true; } } // $ Alert // BAD var x = ""; if (true) { Field = 0; } else { x = ""; } // GOOD if (true) { Field = 0; } else { x = ""; Field = 1; } // GOOD Field = true ? 0 : 1; // GOOD - if (true) { this.Field = 0; } else Field = 1; // BAD + if (true) { this.Field = 0; } else Field = 1; // $ Alert // BAD } } diff --git a/csharp/ql/test/query-tests/Language Abuse/MissedTernaryOpportunity/MissedTernaryOpportunity.qlref b/csharp/ql/test/query-tests/Language Abuse/MissedTernaryOpportunity/MissedTernaryOpportunity.qlref index 7efb97ac6fe..4d45b7edd2f 100644 --- a/csharp/ql/test/query-tests/Language Abuse/MissedTernaryOpportunity/MissedTernaryOpportunity.qlref +++ b/csharp/ql/test/query-tests/Language Abuse/MissedTernaryOpportunity/MissedTernaryOpportunity.qlref @@ -1 +1,2 @@ -Language Abuse/MissedTernaryOpportunity.ql +query: Language Abuse/MissedTernaryOpportunity.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Language Abuse/NestedIf/NestedIf.qlref b/csharp/ql/test/query-tests/Language Abuse/NestedIf/NestedIf.qlref index c3c2012be18..19cd4d8ca68 100644 --- a/csharp/ql/test/query-tests/Language Abuse/NestedIf/NestedIf.qlref +++ b/csharp/ql/test/query-tests/Language Abuse/NestedIf/NestedIf.qlref @@ -1 +1,2 @@ -Language Abuse/NestedIf.ql \ No newline at end of file +query: Language Abuse/NestedIf.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Language Abuse/NestedIf/nestedif.cs b/csharp/ql/test/query-tests/Language Abuse/NestedIf/nestedif.cs index 733325d2c59..bb59facd9c8 100644 --- a/csharp/ql/test/query-tests/Language Abuse/NestedIf/nestedif.cs +++ b/csharp/ql/test/query-tests/Language Abuse/NestedIf/nestedif.cs @@ -5,10 +5,10 @@ class NestedIf void fn() { // BAD: - if (true) if (false) return; + if (true) if (false) return; // $ Alert // BAD - if (true) if (false) if (true) return; + if (true) if (false) if (true) return; // $ Alert // BAD: using braces if (true) @@ -18,7 +18,7 @@ class NestedIf { } } - } + } // $ Alert // GOOD: contains else part if (true) diff --git a/csharp/ql/test/query-tests/Language Abuse/RethrowException/RethrowException.cs b/csharp/ql/test/query-tests/Language Abuse/RethrowException/RethrowException.cs index ee7cf41a0a2..a42490db4d3 100644 --- a/csharp/ql/test/query-tests/Language Abuse/RethrowException/RethrowException.cs +++ b/csharp/ql/test/query-tests/Language Abuse/RethrowException/RethrowException.cs @@ -9,7 +9,7 @@ class C } catch (Exception e) { - throw e; // BAD + throw e; // $ Alert // BAD } try @@ -18,7 +18,7 @@ class C catch (Exception e) { if (true) - throw e; // BAD + throw e; // $ Alert // BAD } try diff --git a/csharp/ql/test/query-tests/Language Abuse/RethrowException/RethrowException.qlref b/csharp/ql/test/query-tests/Language Abuse/RethrowException/RethrowException.qlref index b406a8b5fcc..1f83a6b74e6 100644 --- a/csharp/ql/test/query-tests/Language Abuse/RethrowException/RethrowException.qlref +++ b/csharp/ql/test/query-tests/Language Abuse/RethrowException/RethrowException.qlref @@ -1 +1,2 @@ -Language Abuse/RethrowException.ql \ No newline at end of file +query: Language Abuse/RethrowException.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Language Abuse/SimplifyBoolExpr/SimplifyBoolExpr.cs b/csharp/ql/test/query-tests/Language Abuse/SimplifyBoolExpr/SimplifyBoolExpr.cs index 5ea4c8c15cf..175507010a1 100644 --- a/csharp/ql/test/query-tests/Language Abuse/SimplifyBoolExpr/SimplifyBoolExpr.cs +++ b/csharp/ql/test/query-tests/Language Abuse/SimplifyBoolExpr/SimplifyBoolExpr.cs @@ -6,36 +6,36 @@ class Test bool b = false; int x = 0, y = 0; - if (b == true) ; - if (b == false) ; - if (true == b) ; - if (false == b) ; - if (b != true) ; - if (b != false) ; - if (true != b) ; - if (false != b) ; - if (b && true) ; - if (b && false) ; - if (true && b) ; - if (false && b) ; - if (b || true) ; - if (b || false) ; - if (true || b) ; - if (false || b) ; - if (!(x == y)) ; - if (!(x != y)) ; - if (!(x < y)) ; - if (!(x <= y)) ; - if (!(x >= y)) ; - if (!(x > y)) ; - if (b ? true : false) ; - if (b ? true : true) ; - if (b ? false : true) ; - if (b ? true : true) ; - if (b ? b : false) ; - if (b ? b : true) ; - if (b ? false : b) ; - if (b ? true : b) ; + if (b == true) ; // $ Alert + if (b == false) ; // $ Alert + if (true == b) ; // $ Alert + if (false == b) ; // $ Alert + if (b != true) ; // $ Alert + if (b != false) ; // $ Alert + if (true != b) ; // $ Alert + if (false != b) ; // $ Alert + if (b && true) ; // $ Alert + if (b && false) ; // $ Alert + if (true && b) ; // $ Alert + if (false && b) ; // $ Alert + if (b || true) ; // $ Alert + if (b || false) ; // $ Alert + if (true || b) ; // $ Alert + if (false || b) ; // $ Alert + if (!(x == y)) ; // $ Alert + if (!(x != y)) ; // $ Alert + if (!(x < y)) ; // $ Alert + if (!(x <= y)) ; // $ Alert + if (!(x >= y)) ; // $ Alert + if (!(x > y)) ; // $ Alert + if (b ? true : false) ; // $ Alert + if (b ? true : true) ; // $ Alert + if (b ? false : true) ; // $ Alert + if (b ? true : true) ; // $ Alert + if (b ? b : false) ; // $ Alert + if (b ? b : true) ; // $ Alert + if (b ? false : b) ; // $ Alert + if (b ? true : b) ; // $ Alert // BAD if (true ? b : b) ; diff --git a/csharp/ql/test/query-tests/Language Abuse/SimplifyBoolExpr/SimplifyBoolExpr.qlref b/csharp/ql/test/query-tests/Language Abuse/SimplifyBoolExpr/SimplifyBoolExpr.qlref index 27f8ee90aa9..222fc236213 100644 --- a/csharp/ql/test/query-tests/Language Abuse/SimplifyBoolExpr/SimplifyBoolExpr.qlref +++ b/csharp/ql/test/query-tests/Language Abuse/SimplifyBoolExpr/SimplifyBoolExpr.qlref @@ -1 +1,2 @@ -Language Abuse/SimplifyBoolExpr.ql \ No newline at end of file +query: Language Abuse/SimplifyBoolExpr.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Language Abuse/SimplifyBoolExpr/SimplifyBoolExprBad.cs b/csharp/ql/test/query-tests/Language Abuse/SimplifyBoolExpr/SimplifyBoolExprBad.cs index e65c2a88fbf..89e72c2780a 100644 --- a/csharp/ql/test/query-tests/Language Abuse/SimplifyBoolExpr/SimplifyBoolExprBad.cs +++ b/csharp/ql/test/query-tests/Language Abuse/SimplifyBoolExpr/SimplifyBoolExprBad.cs @@ -2,7 +2,7 @@ class Bad { int Size { get; set; } - bool Espresso => !(Size > 4); - bool Latte => Espresso == false && Size <= 8; - bool Grande => Espresso == false ? Latte != true : false; + bool Espresso => !(Size > 4); // $ Alert + bool Latte => Espresso == false && Size <= 8; // $ Alert + bool Grande => Espresso == false ? Latte != true : false; // $ Alert } diff --git a/csharp/ql/test/query-tests/Language Abuse/UselessCastToSelf/UselessCastToSelf.cs b/csharp/ql/test/query-tests/Language Abuse/UselessCastToSelf/UselessCastToSelf.cs index e3aa1ad3067..3b3f06ded0f 100644 --- a/csharp/ql/test/query-tests/Language Abuse/UselessCastToSelf/UselessCastToSelf.cs +++ b/csharp/ql/test/query-tests/Language Abuse/UselessCastToSelf/UselessCastToSelf.cs @@ -6,11 +6,11 @@ class Test void f() { // BAD - var bad1 = (int)1; - var bad2 = (Test)this; - var bad3 = this as Test; + var bad1 = (int)1; // $ Alert + var bad2 = (Test)this; // $ Alert + var bad3 = this as Test; // $ Alert func = (Func)(x => x); // MISSING - exprFunc = (Expression>)(x => x); + exprFunc = (Expression>)(x => x); // $ Alert // GOOD var good1 = (object)1; @@ -22,16 +22,16 @@ class Test var good7 = (Action)((int x) => { }); func = x => x; exprFunc = x => x; - exprFuncUntyped = (Expression>)(x => x); // FP + exprFuncUntyped = (Expression>)(x => x); // $ Alert // FP } enum Enum { A = 2, B = 1 | A, - C = 1 | (int)A, // BAD + C = 1 | (int)A, // $ Alert // BAD D = 9 | (32 << A), - E = 9 | (32 << (int)A) // BAD + E = 9 | (32 << (int)A) // $ Alert // BAD } private Func func; diff --git a/csharp/ql/test/query-tests/Language Abuse/UselessCastToSelf/UselessCastToSelf.qlref b/csharp/ql/test/query-tests/Language Abuse/UselessCastToSelf/UselessCastToSelf.qlref index 7a137fff087..6e56b5c55af 100644 --- a/csharp/ql/test/query-tests/Language Abuse/UselessCastToSelf/UselessCastToSelf.qlref +++ b/csharp/ql/test/query-tests/Language Abuse/UselessCastToSelf/UselessCastToSelf.qlref @@ -1 +1,2 @@ -Language Abuse/UselessCastToSelf.ql \ No newline at end of file +query: Language Abuse/UselessCastToSelf.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Language Abuse/UselessIsBeforeAs/UselessIsBeforeAs.cs b/csharp/ql/test/query-tests/Language Abuse/UselessIsBeforeAs/UselessIsBeforeAs.cs index af7d26c98f5..981fda177fa 100644 --- a/csharp/ql/test/query-tests/Language Abuse/UselessIsBeforeAs/UselessIsBeforeAs.cs +++ b/csharp/ql/test/query-tests/Language Abuse/UselessIsBeforeAs/UselessIsBeforeAs.cs @@ -5,7 +5,7 @@ class UselessIsBeforeAs if (x is string) { M(x as string); // GOOD - return (x as string) + " "; // BAD + return (x as string) + " "; // $ Alert // BAD } else { diff --git a/csharp/ql/test/query-tests/Language Abuse/UselessIsBeforeAs/UselessIsBeforeAs.qlref b/csharp/ql/test/query-tests/Language Abuse/UselessIsBeforeAs/UselessIsBeforeAs.qlref index 9a5a7fd703c..3c499bb7802 100644 --- a/csharp/ql/test/query-tests/Language Abuse/UselessIsBeforeAs/UselessIsBeforeAs.qlref +++ b/csharp/ql/test/query-tests/Language Abuse/UselessIsBeforeAs/UselessIsBeforeAs.qlref @@ -1 +1,2 @@ -Language Abuse/UselessIsBeforeAs.ql +query: Language Abuse/UselessIsBeforeAs.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Language Abuse/UselessNullCoalescingExpression/UselessNullCoalescingExpression.cs b/csharp/ql/test/query-tests/Language Abuse/UselessNullCoalescingExpression/UselessNullCoalescingExpression.cs index f05782416fd..63f29437a9b 100644 --- a/csharp/ql/test/query-tests/Language Abuse/UselessNullCoalescingExpression/UselessNullCoalescingExpression.cs +++ b/csharp/ql/test/query-tests/Language Abuse/UselessNullCoalescingExpression/UselessNullCoalescingExpression.cs @@ -6,14 +6,14 @@ class Tests { int? a = 5, b; - a = a ?? a; // BAD - a = a ?? (b = a); // BAD - a = Prop ?? Prop; // BAD - a = param ?? param; // BAD - a = a ?? use(a); // BAD - a = Field ?? this.Field; // BAD - a ??= a; // BAD - a ??= b = a; // BAD + a = a ?? a; // $ Alert // BAD + a = a ?? (b = a); // $ Alert // BAD + a = Prop ?? Prop; // $ Alert // BAD + a = param ?? param; // $ Alert // BAD + a = a ?? use(a); // $ Alert // BAD + a = Field ?? this.Field; // $ Alert // BAD + a ??= a; // $ Alert // BAD + a ??= b = a; // $ Alert // BAD a = a ?? cache(ref a); // GOOD a = a ?? store(out a); // GOOD diff --git a/csharp/ql/test/query-tests/Language Abuse/UselessNullCoalescingExpression/UselessNullCoalescingExpression.qlref b/csharp/ql/test/query-tests/Language Abuse/UselessNullCoalescingExpression/UselessNullCoalescingExpression.qlref index 1eb957001c9..1145cc6ae81 100644 --- a/csharp/ql/test/query-tests/Language Abuse/UselessNullCoalescingExpression/UselessNullCoalescingExpression.qlref +++ b/csharp/ql/test/query-tests/Language Abuse/UselessNullCoalescingExpression/UselessNullCoalescingExpression.qlref @@ -1 +1,2 @@ -Language Abuse/UselessNullCoalescingExpression.ql \ No newline at end of file +query: Language Abuse/UselessNullCoalescingExpression.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Language Abuse/UselessUpcast/UselessUpcast.cs b/csharp/ql/test/query-tests/Language Abuse/UselessUpcast/UselessUpcast.cs index 0ec950e836d..2a3f6994631 100644 --- a/csharp/ql/test/query-tests/Language Abuse/UselessUpcast/UselessUpcast.cs +++ b/csharp/ql/test/query-tests/Language Abuse/UselessUpcast/UselessUpcast.cs @@ -49,13 +49,13 @@ class Tests B b = new B(); object o; - o = (A)b; // BAD + o = (A)b; // $ Alert // BAD o = (B)b; // GOOD: Not an upcast b.M((A)b); // GOOD: Disambiguating method call - a.M1((A)b); // BAD + a.M1((A)b); // $ Alert // BAD a.M2((A)b); // GOOD: Disambiguating method call o = true ? (A)a : b; // GOOD: Needed for ternary @@ -64,7 +64,7 @@ class Tests Fn((A)b); // GOOD: Disambiguating method call - Fn2((A)b); // BAD + Fn2((A)b); // $ Alert // BAD ((I2)a).Foo(); // GOOD: Cast to an interface @@ -80,7 +80,7 @@ class Tests StaticMethods.M1((A)b); // GOOD: disambiguate targets from `StaticMethods` void M2(A _) { } - M2((A)b); // BAD: local functions cannot be overloaded + M2((A)b); // $ Alert // BAD: local functions cannot be overloaded } static void M2(A _) { } @@ -89,7 +89,7 @@ class Tests { // BAD: even though `StaticMethods` has an `M2`, only overloads in // `Tests` are taken into account - M2((A)b); + M2((A)b); // $ Alert } class Nested @@ -100,7 +100,7 @@ class Tests { // BAD: even though `StaticMethods` and `Tests` have `M2`s, only // overloads in `Nested` are taken into account - M2((B)c); + M2((B)c); // $ Alert } } } @@ -155,11 +155,11 @@ class Constructors : I2 class SubSub : Sub { - SubSub(SubSub ss) : base((Sub)ss) { } // BAD + SubSub(SubSub ss) : base((Sub)ss) { } // $ Alert // BAD void M(SubSub ss) { - new Sub((Sub)ss); // BAD + new Sub((Sub)ss); // $ Alert // BAD } } diff --git a/csharp/ql/test/query-tests/Language Abuse/UselessUpcast/UselessUpcast.qlref b/csharp/ql/test/query-tests/Language Abuse/UselessUpcast/UselessUpcast.qlref index f0a49b78b14..d48a3f98942 100644 --- a/csharp/ql/test/query-tests/Language Abuse/UselessUpcast/UselessUpcast.qlref +++ b/csharp/ql/test/query-tests/Language Abuse/UselessUpcast/UselessUpcast.qlref @@ -1 +1,2 @@ -Language Abuse/UselessUpcast.ql \ No newline at end of file +query: Language Abuse/UselessUpcast.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Language Abuse/UselessUpcast/UselessUpcastBad.cs b/csharp/ql/test/query-tests/Language Abuse/UselessUpcast/UselessUpcastBad.cs index c69db3104fb..f3c20dc5d57 100644 --- a/csharp/ql/test/query-tests/Language Abuse/UselessUpcast/UselessUpcastBad.cs +++ b/csharp/ql/test/query-tests/Language Abuse/UselessUpcast/UselessUpcastBad.cs @@ -6,6 +6,6 @@ class Bad void M() { var sub = new Sub(); - Super super = (Super)sub; + Super super = (Super)sub; // $ Alert } } diff --git a/csharp/ql/test/query-tests/Likely Bugs/BadCheckOdd/BadCheckOdd.cs b/csharp/ql/test/query-tests/Likely Bugs/BadCheckOdd/BadCheckOdd.cs index c5e87a4ed1e..5bdfc4d6b51 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/BadCheckOdd/BadCheckOdd.cs +++ b/csharp/ql/test/query-tests/Likely Bugs/BadCheckOdd/BadCheckOdd.cs @@ -14,13 +14,13 @@ namespace ConsoleApplication2 int a = 2; // BAD - if (a % 2 == 1) + if (a % 2 == 1) // $ Alert Console.Out.WriteLine("a is odd"); - if (a % 2 != 1) + if (a % 2 != 1) // $ Alert Console.Out.WriteLine("a is even"); - if (a % 2 > 0) + if (a % 2 > 0) // $ Alert Console.Out.WriteLine("a is odd"); - if ((a % 2) > 0) + if ((a % 2) > 0) // $ Alert Console.Out.WriteLine("a is odd"); // GOOD diff --git a/csharp/ql/test/query-tests/Likely Bugs/BadCheckOdd/BadCheckOdd.qlref b/csharp/ql/test/query-tests/Likely Bugs/BadCheckOdd/BadCheckOdd.qlref index 759b3f4ab23..b65ba073c35 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/BadCheckOdd/BadCheckOdd.qlref +++ b/csharp/ql/test/query-tests/Likely Bugs/BadCheckOdd/BadCheckOdd.qlref @@ -1 +1,2 @@ -Likely Bugs/BadCheckOdd.ql \ No newline at end of file +query: Likely Bugs/BadCheckOdd.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Likely Bugs/Collections/ContainerLengthCmpOffByOne/ContainerLengthCmpOffByOne.cs b/csharp/ql/test/query-tests/Likely Bugs/Collections/ContainerLengthCmpOffByOne/ContainerLengthCmpOffByOne.cs index d68bbfc274e..a3266b494e8 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/Collections/ContainerLengthCmpOffByOne/ContainerLengthCmpOffByOne.cs +++ b/csharp/ql/test/query-tests/Likely Bugs/Collections/ContainerLengthCmpOffByOne/ContainerLengthCmpOffByOne.cs @@ -5,13 +5,13 @@ class Test void Test1(string[] args) { // BAD: Loop upper bound is off-by-one - for (int i = 0; i <= args.Length; i++) + for (int i = 0; i <= args.Length; i++) // $ Alert { Console.WriteLine(args[i]); } // BAD: Loop upper bound is off-by-one - for (int i = 0; args.Length >= i; i++) + for (int i = 0; args.Length >= i; i++) // $ Alert { Console.WriteLine(args[i]); } @@ -24,13 +24,13 @@ class Test int j = 0; // BAD: Off-by-one on index validity check - if (j <= args.Length) + if (j <= args.Length) // $ Alert { Console.WriteLine(args[j]); } // BAD: Off-by-one on index validity check - if (args.Length >= j) + if (args.Length >= j) // $ Alert { Console.WriteLine(args[j]); } diff --git a/csharp/ql/test/query-tests/Likely Bugs/Collections/ContainerLengthCmpOffByOne/ContainerLengthCmpOffByOne.qlref b/csharp/ql/test/query-tests/Likely Bugs/Collections/ContainerLengthCmpOffByOne/ContainerLengthCmpOffByOne.qlref index 637dac3c9b8..ce56c59063f 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/Collections/ContainerLengthCmpOffByOne/ContainerLengthCmpOffByOne.qlref +++ b/csharp/ql/test/query-tests/Likely Bugs/Collections/ContainerLengthCmpOffByOne/ContainerLengthCmpOffByOne.qlref @@ -1 +1,2 @@ -Likely Bugs/Collections/ContainerLengthCmpOffByOne.ql \ No newline at end of file +query: Likely Bugs/Collections/ContainerLengthCmpOffByOne.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Likely Bugs/Collections/ContainerSizeCmpZero/ContainerSizeCmpZero.cs b/csharp/ql/test/query-tests/Likely Bugs/Collections/ContainerSizeCmpZero/ContainerSizeCmpZero.cs index 1fb70bd8dff..3418b184d5f 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/Collections/ContainerSizeCmpZero/ContainerSizeCmpZero.cs +++ b/csharp/ql/test/query-tests/Likely Bugs/Collections/ContainerSizeCmpZero/ContainerSizeCmpZero.cs @@ -29,16 +29,16 @@ class Test // Arrays // NOT OK: always true - b = args.Length >= 0; + b = args.Length >= 0; // $ Alert // NOT OK: always true - b = 0 <= args.Length; + b = 0 <= args.Length; // $ Alert // NOT OK: always false - b = args.Length < 0; + b = args.Length < 0; // $ Alert // NOT OK: always false - b = 0 > args.Length; + b = 0 > args.Length; // $ Alert // OK: sometimes could be false b = args.Length > 0; @@ -58,12 +58,12 @@ class Test var ys = new Stack(); // NOT OK - b = xs.Count >= 0; - b = 0 <= xs.Count; - b = 0 <= ys.Count; + b = xs.Count >= 0; // $ Alert + b = 0 <= xs.Count; // $ Alert + b = 0 <= ys.Count; // $ Alert - b = xs.Count < 0; - b = 0 > ys.Count; + b = xs.Count < 0; // $ Alert + b = 0 > ys.Count; // $ Alert // OK b = xs.Count >= -1; @@ -74,15 +74,15 @@ class Test ///////// // missed in java, but not here - b = xs.Count >= (short)0; - b = xs.Count >= (byte)0; + b = xs.Count >= (short)0; // $ Alert + b = xs.Count >= (byte)0; // $ Alert ///////// // missed cases // NOT OK - b = xs.Count >= 0 + 0; - b = xs.Count >= 0 - 0; + b = xs.Count >= 0 + 0; // $ Alert + b = xs.Count >= 0 - 0; // $ Alert b = args.LongLength >= 0L; @@ -91,24 +91,24 @@ class Test var zs = new MyList>(); // NOT OK - b = zs.Count >= 0; - b = zs.Count < 0; + b = zs.Count >= 0; // $ Alert + b = zs.Count < 0; // $ Alert // NOT OK - b = zs[0].Count >= 0; + b = zs[0].Count >= 0; // $ Alert // NOT OK - b = zs[0][0].Length >= 0; + b = zs[0][0].Length >= 0; // $ Alert ///////// // Dictionaries var ws = new Dictionary(); // NOT OK: Always true - b = ws.Count >= 0; + b = ws.Count >= 0; // $ Alert // NOT OK: Always true - b = 0 <= ws.Count; + b = 0 <= ws.Count; // $ Alert // OK: can be false b = ws.Count >= -1; @@ -123,12 +123,12 @@ class Test var vs = new System.Collections.BitArray(1); // NOT OK: Always true - b = us.Count >= 0; - b = 0 > vs.Count; + b = us.Count >= 0; // $ Alert + b = 0 > vs.Count; // $ Alert // NOT OK: Always true - b = 0 <= us.Count; - b = vs.Count < 0; + b = 0 <= us.Count; // $ Alert + b = vs.Count < 0; // $ Alert // OK: can be false b = us.Count >= -1; @@ -144,13 +144,13 @@ class Test bool b; // NOT OK - b = xs.Count >= 0; - b = 0 <= xs.Count; - b = 0 <= ys.Count; + b = xs.Count >= 0; // $ Alert + b = 0 <= xs.Count; // $ Alert + b = 0 <= ys.Count; // $ Alert - b = xs.Count < 0; - b = ys.Count < 0; - b = 0 > xs.Count; + b = xs.Count < 0; // $ Alert + b = ys.Count < 0; // $ Alert + b = 0 > xs.Count; // $ Alert return b; } @@ -158,6 +158,6 @@ class Test static bool DebugAssert(ICollection c) { Debug.Assert(c.Count >= 0); // OK - return c.Count >= 0; // NOT OK + return c.Count >= 0; // $ Alert // NOT OK } } diff --git a/csharp/ql/test/query-tests/Likely Bugs/Collections/ContainerSizeCmpZero/ContainerSizeCmpZero.qlref b/csharp/ql/test/query-tests/Likely Bugs/Collections/ContainerSizeCmpZero/ContainerSizeCmpZero.qlref index 17c0434a3a8..92952b25bdb 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/Collections/ContainerSizeCmpZero/ContainerSizeCmpZero.qlref +++ b/csharp/ql/test/query-tests/Likely Bugs/Collections/ContainerSizeCmpZero/ContainerSizeCmpZero.qlref @@ -1 +1,2 @@ -Likely Bugs/Collections/ContainerSizeCmpZero.ql \ No newline at end of file +query: Likely Bugs/Collections/ContainerSizeCmpZero.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Likely Bugs/DangerousNonShortCircuitLogic/DangerousNonShortCircuitLogic.cs b/csharp/ql/test/query-tests/Likely Bugs/DangerousNonShortCircuitLogic/DangerousNonShortCircuitLogic.cs index 0d10e11b7f6..976f18c7e15 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/DangerousNonShortCircuitLogic/DangerousNonShortCircuitLogic.cs +++ b/csharp/ql/test/query-tests/Likely Bugs/DangerousNonShortCircuitLogic/DangerousNonShortCircuitLogic.cs @@ -12,10 +12,10 @@ class Test if (c != null ^ this.Field > 0) ; // GOOD if (c != null && c.Field > 0) ; // GOOD - if (c != null & c.Field > 0) ; // BAD - if (c == null | c.Property == "") ; // BAD - if (c == null | c[0]) ; // BAD - if (c == null | c.Method()) ; // BAD + if (c != null & c.Field > 0) ; // $ Alert // BAD + if (c == null | c.Property == "") ; // $ Alert // BAD + if (c == null | c[0]) ; // $ Alert // BAD + if (c == null | c.Method()) ; // $ Alert // BAD var b = true; b &= c.Method(); // GOOD @@ -34,4 +34,3 @@ class Test public bool Method(out int x) { x = 0; return false; } } } - diff --git a/csharp/ql/test/query-tests/Likely Bugs/DangerousNonShortCircuitLogic/DangerousNonShortCircuitLogic.qlref b/csharp/ql/test/query-tests/Likely Bugs/DangerousNonShortCircuitLogic/DangerousNonShortCircuitLogic.qlref index 6e192b5b73f..c150d5b2bd6 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/DangerousNonShortCircuitLogic/DangerousNonShortCircuitLogic.qlref +++ b/csharp/ql/test/query-tests/Likely Bugs/DangerousNonShortCircuitLogic/DangerousNonShortCircuitLogic.qlref @@ -1 +1,2 @@ -Likely Bugs/DangerousNonShortCircuitLogic.ql \ No newline at end of file +query: Likely Bugs/DangerousNonShortCircuitLogic.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Likely Bugs/Dynamic/BadDynamicCall.qlref b/csharp/ql/test/query-tests/Likely Bugs/Dynamic/BadDynamicCall.qlref index e9490e9041a..60268eb9d75 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/Dynamic/BadDynamicCall.qlref +++ b/csharp/ql/test/query-tests/Likely Bugs/Dynamic/BadDynamicCall.qlref @@ -1 +1,2 @@ -Likely Bugs/Dynamic/BadDynamicCall.ql \ No newline at end of file +query: Likely Bugs/Dynamic/BadDynamicCall.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Likely Bugs/Dynamic/dynamic.cs b/csharp/ql/test/query-tests/Likely Bugs/Dynamic/dynamic.cs index 66626400b90..06f18e05320 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/Dynamic/dynamic.cs +++ b/csharp/ql/test/query-tests/Likely Bugs/Dynamic/dynamic.cs @@ -43,17 +43,17 @@ class Class1 x.M5(1, new string[1]); // These are BAD: - x.M1(1); - x.M2(); - x.M2("", 1); - x.M2(1, "", 2.0); - x.M3(); - x.M3(1, 2, 3, 4); - x.M4(); - x.M4(1, 2); - x.M4(""); - x.M4(1, new object[1]); - x.M6(); + x.M1(1); // $ Alert + x.M2(); // $ Alert + x.M2("", 1); // $ Alert + x.M2(1, "", 2.0); // $ Alert + x.M3(); // $ Alert + x.M3(1, 2, 3, 4); // $ Alert + x.M4(); // $ Alert + x.M4(1, 2); // $ Alert + x.M4(""); // $ Alert + x.M4(1, new object[1]); // $ Alert + x.M6(); // $ Alert // These are GOOD: x.M7(2); @@ -61,8 +61,8 @@ class Class1 x.M5(1, new string[] { "abc" }, new string[] { "def" }); // These are BAD: - x.M7(2, "abc"); - x.M8(1, new string[] { "abc" }, new string[] { "def" }); + x.M7(2, "abc"); // $ Alert + x.M8(1, new string[] { "abc" }, new string[] { "def" }); // $ Alert // These are GOOD: if ("" + "" == "") ; @@ -73,7 +73,7 @@ class Class1 d -= 10; // These are BAD: - x = x + x; + x = x + x; // $ Alert // These are GOOD: dynamic d2 = GetI(); @@ -81,7 +81,7 @@ class Class1 // These are BAD: dynamic d3 = GetI(); - d3.M(); + d3.M(); // $ Alert // These are GOOD dynamic d4 = ""; diff --git a/csharp/ql/test/query-tests/Likely Bugs/EqualsArray/EqualsArray.cs b/csharp/ql/test/query-tests/Likely Bugs/EqualsArray/EqualsArray.cs index dba87ee0450..1639ee8f844 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/EqualsArray/EqualsArray.cs +++ b/csharp/ql/test/query-tests/Likely Bugs/EqualsArray/EqualsArray.cs @@ -8,7 +8,7 @@ public class Test // NOT OK public bool AreTheseMyNumbers(int[] numbers) { - return this.numbers.Equals(numbers); + return this.numbers.Equals(numbers); // $ Alert } // OK @@ -20,13 +20,13 @@ public class Test // NOT OK (string is also IEnumerable) public bool Incomparable(string s) { - return numbers.Equals(s); + return numbers.Equals(s); // $ Alert } // NOT OK public bool CollectionEquals(IEnumerable c1) { - return c1.Equals(c1); + return c1.Equals(c1); // $ Alert } class CollectionImplementingIEnumerable1 : IEnumerable @@ -84,7 +84,7 @@ public class Test // NOT OK: Nothing overrides Equals() bool OverriddenEquals(CollectionImplementingIEnumerable1 c) { - return c.Equals(c); + return c.Equals(c); // $ Alert } // OK: ImplementEquals overrides Equals() diff --git a/csharp/ql/test/query-tests/Likely Bugs/EqualsArray/EqualsArray.qlref b/csharp/ql/test/query-tests/Likely Bugs/EqualsArray/EqualsArray.qlref index d96256b3b97..8e560893a1d 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/EqualsArray/EqualsArray.qlref +++ b/csharp/ql/test/query-tests/Likely Bugs/EqualsArray/EqualsArray.qlref @@ -1 +1,2 @@ -Likely Bugs/EqualsArray.ql \ No newline at end of file +query: Likely Bugs/EqualsArray.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Likely Bugs/EqualsUsesAs/EqualsUsesAs.cs b/csharp/ql/test/query-tests/Likely Bugs/EqualsUsesAs/EqualsUsesAs.cs index f50ada45a41..a83e94bd23d 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/EqualsUsesAs/EqualsUsesAs.cs +++ b/csharp/ql/test/query-tests/Likely Bugs/EqualsUsesAs/EqualsUsesAs.cs @@ -2,7 +2,7 @@ public class Test1 { public override bool Equals(object other) { - var otherTest = other as Test1; // BAD + var otherTest = other as Test1; // $ Alert // BAD return otherTest != null; } } diff --git a/csharp/ql/test/query-tests/Likely Bugs/EqualsUsesAs/EqualsUsesAs.qlref b/csharp/ql/test/query-tests/Likely Bugs/EqualsUsesAs/EqualsUsesAs.qlref index e3ec94efc2c..269ea2e6e51 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/EqualsUsesAs/EqualsUsesAs.qlref +++ b/csharp/ql/test/query-tests/Likely Bugs/EqualsUsesAs/EqualsUsesAs.qlref @@ -1 +1,2 @@ -Likely Bugs/EqualsUsesAs.ql \ No newline at end of file +query: Likely Bugs/EqualsUsesAs.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Likely Bugs/EqualsUsesIs/EqualsUsesIs.cs b/csharp/ql/test/query-tests/Likely Bugs/EqualsUsesIs/EqualsUsesIs.cs index 6e1db1bd05a..ab8c3da664a 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/EqualsUsesIs/EqualsUsesIs.cs +++ b/csharp/ql/test/query-tests/Likely Bugs/EqualsUsesIs/EqualsUsesIs.cs @@ -2,7 +2,7 @@ public class Test1 { public override bool Equals(object other) { - return other is Test1; // BAD + return other is Test1; // $ Alert // BAD } } diff --git a/csharp/ql/test/query-tests/Likely Bugs/EqualsUsesIs/EqualsUsesIs.qlref b/csharp/ql/test/query-tests/Likely Bugs/EqualsUsesIs/EqualsUsesIs.qlref index 04003a637c0..cbff9b573dd 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/EqualsUsesIs/EqualsUsesIs.qlref +++ b/csharp/ql/test/query-tests/Likely Bugs/EqualsUsesIs/EqualsUsesIs.qlref @@ -1 +1,2 @@ -Likely Bugs/EqualsUsesIs.ql \ No newline at end of file +query: Likely Bugs/EqualsUsesIs.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Likely Bugs/IncomparableEquals/IncomparableEquals.cs b/csharp/ql/test/query-tests/Likely Bugs/IncomparableEquals/IncomparableEquals.cs index cb9c97e8aa9..52043bfd4f4 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/IncomparableEquals/IncomparableEquals.cs +++ b/csharp/ql/test/query-tests/Likely Bugs/IncomparableEquals/IncomparableEquals.cs @@ -3,7 +3,7 @@ public class Test public bool M() { var x = new Test2(); - return this.Equals(x); // BAD + return this.Equals(x); // $ Alert // BAD } } diff --git a/csharp/ql/test/query-tests/Likely Bugs/IncomparableEquals/IncomparableEquals.qlref b/csharp/ql/test/query-tests/Likely Bugs/IncomparableEquals/IncomparableEquals.qlref index 96eae4e2eac..91b47c6ddd9 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/IncomparableEquals/IncomparableEquals.qlref +++ b/csharp/ql/test/query-tests/Likely Bugs/IncomparableEquals/IncomparableEquals.qlref @@ -1 +1,2 @@ -Likely Bugs/IncomparableEquals.ql \ No newline at end of file +query: Likely Bugs/IncomparableEquals.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Likely Bugs/InconsistentCompareTo/InconsistentCompareTo.cs b/csharp/ql/test/query-tests/Likely Bugs/InconsistentCompareTo/InconsistentCompareTo.cs index b405dc09e1f..78a9749afeb 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/InconsistentCompareTo/InconsistentCompareTo.cs +++ b/csharp/ql/test/query-tests/Likely Bugs/InconsistentCompareTo/InconsistentCompareTo.cs @@ -31,25 +31,25 @@ abstract class GoodComparableAbstract : IComparable public abstract int CompareTo(object other); } -class BadComparable : IComparable +class BadComparable : IComparable // $ Alert { public int CompareTo(object other) { return 0; } public override int GetHashCode() { return 0; } } -class BadComparableInt : IComparable +class BadComparableInt : IComparable // $ Alert { public int CompareTo(int x) { return 0; } public override int GetHashCode() { return 0; } } -class BadComparableT : IComparable +class BadComparableT : IComparable // $ Alert { public int CompareTo(T t) { return 0; } public override int GetHashCode() { return 0; } } -class BadComparableNewEquals : IComparable +class BadComparableNewEquals : IComparable // $ Alert { public int CompareTo(object other) { return 0; } public new bool Equals(object other) { return false; } diff --git a/csharp/ql/test/query-tests/Likely Bugs/InconsistentCompareTo/InconsistentCompareTo.qlref b/csharp/ql/test/query-tests/Likely Bugs/InconsistentCompareTo/InconsistentCompareTo.qlref index 5663237f672..03552e829c8 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/InconsistentCompareTo/InconsistentCompareTo.qlref +++ b/csharp/ql/test/query-tests/Likely Bugs/InconsistentCompareTo/InconsistentCompareTo.qlref @@ -1 +1,2 @@ -Likely Bugs/InconsistentCompareTo.ql \ No newline at end of file +query: Likely Bugs/InconsistentCompareTo.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Likely Bugs/MishandlingJapaneseEra/MishandlingJapaneseEra.qlref b/csharp/ql/test/query-tests/Likely Bugs/MishandlingJapaneseEra/MishandlingJapaneseEra.qlref index cf11ec92545..791b603a2e9 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/MishandlingJapaneseEra/MishandlingJapaneseEra.qlref +++ b/csharp/ql/test/query-tests/Likely Bugs/MishandlingJapaneseEra/MishandlingJapaneseEra.qlref @@ -1 +1,2 @@ -Likely Bugs/MishandlingJapaneseEra.ql \ No newline at end of file +query: Likely Bugs/MishandlingJapaneseEra.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Likely Bugs/MishandlingJapaneseEra/Program.cs b/csharp/ql/test/query-tests/Likely Bugs/MishandlingJapaneseEra/Program.cs index 561b093f230..9412593929a 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/MishandlingJapaneseEra/Program.cs +++ b/csharp/ql/test/query-tests/Likely Bugs/MishandlingJapaneseEra/Program.cs @@ -9,28 +9,28 @@ namespace JapaneseDates static void Main(string[] args) { // BAD: hard-coded era start date - var henseiStart = new DateTime(1989, 1, 8); + var henseiStart = new DateTime(1989, 1, 8); // $ Alert // BAD: hard-coded era start dates, list - List listOfEraStart = new List { new DateTime(1989, 1, 8) }; + List listOfEraStart = new List { new DateTime(1989, 1, 8) }; // $ Alert // BAD: hardcoded era name string currentEra = "Heisei"; DateTimeOffset dateNow = DateTimeOffset.Now; - DateTimeOffset dateThisEra = new DateTimeOffset(1989, 1, 8, 0, 0, 0, 0, TimeSpan.Zero); + DateTimeOffset dateThisEra = new DateTimeOffset(1989, 1, 8, 0, 0, 0, 0, TimeSpan.Zero); // $ Alert CultureInfo japaneseCulture = CultureInfo.GetCultureInfo("ja-JP"); JapaneseCalendar jk = new JapaneseCalendar(); // BAD: datetime is created from constant year in the current era, and the result will change with era change - var datejkCurrentEra = jk.ToDateTime(32, 2, 1, 9, 9, 9, 9); + var datejkCurrentEra = jk.ToDateTime(32, 2, 1, 9, 9, 9, 9); // $ Alert Console.WriteLine("Date for datejkCurrentEra {0} and year {1}", datejkCurrentEra.ToString(japaneseCulture), jk.GetYear (datejkCurrentEra)); // BAD: datetime is created from constant year in the current era, and the result will change with era change - var datejk = jk.ToDateTime(32, 2, 1, 9, 9, 9, 9, 0); + var datejk = jk.ToDateTime(32, 2, 1, 9, 9, 9, 9, 0); // $ Alert Console.WriteLine("Date for jk {0} and year {1}", datejk.ToString(japaneseCulture), jk.GetYear (datejk)); // OK: datetime is created from constant year in the specific era, and the result will not change with era change @@ -46,7 +46,7 @@ namespace JapaneseDates Console.WriteLine("Which converts to year {0}", realYear); // BAD: creating DateTime using specified Japanese era date. This may yield a different date when era changes - DateTime val = new DateTime(32, 2, 1, new JapaneseCalendar()); + DateTime val = new DateTime(32, 2, 1, new JapaneseCalendar()); // $ Alert Console.WriteLine("DateTime from constructor {0}", val); // OK: variable data for Year, not necessarily hard-coded and can come from adjusted source diff --git a/csharp/ql/test/query-tests/Likely Bugs/NestedLoopsSameVariable/NestedLoopsSameVariable.cs b/csharp/ql/test/query-tests/Likely Bugs/NestedLoopsSameVariable/NestedLoopsSameVariable.cs index cd01795f202..8dc1062d15b 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/NestedLoopsSameVariable/NestedLoopsSameVariable.cs +++ b/csharp/ql/test/query-tests/Likely Bugs/NestedLoopsSameVariable/NestedLoopsSameVariable.cs @@ -6,7 +6,7 @@ class NestedLoopsSameVariable { for (int i = 0; i < 2; i++) { - for (int j = 0; j < 2; i++) + for (int j = 0; j < 2; i++) // $ Alert { Console.WriteLine(i + " " + j); } diff --git a/csharp/ql/test/query-tests/Likely Bugs/NestedLoopsSameVariable/NestedLoopsSameVariable.qlref b/csharp/ql/test/query-tests/Likely Bugs/NestedLoopsSameVariable/NestedLoopsSameVariable.qlref index c28b56d296d..1e447054392 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/NestedLoopsSameVariable/NestedLoopsSameVariable.qlref +++ b/csharp/ql/test/query-tests/Likely Bugs/NestedLoopsSameVariable/NestedLoopsSameVariable.qlref @@ -1 +1,2 @@ -Likely Bugs/NestedLoopsSameVariable.ql \ No newline at end of file +query: Likely Bugs/NestedLoopsSameVariable.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Likely Bugs/NestedLoopsSameVariable/Test.cs b/csharp/ql/test/query-tests/Likely Bugs/NestedLoopsSameVariable/Test.cs index 7b08cd2c914..671ffccb1d0 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/NestedLoopsSameVariable/Test.cs +++ b/csharp/ql/test/query-tests/Likely Bugs/NestedLoopsSameVariable/Test.cs @@ -19,7 +19,7 @@ class Test for (int i=0; i<10; ++i) { // BAD: considered to be a different condition - for (; 10>i; ++i) + for (; 10>i; ++i) // $ Alert { Console.WriteLine(i); } @@ -31,7 +31,7 @@ class Test for (int i=0; i<10; ++i) { // BAD: different condition - for (; i<9; ++i) + for (; i<9; ++i) // $ Alert { Console.WriteLine(i); } @@ -43,7 +43,7 @@ class Test for (int i=0; i<10; ++i) { // BAD: different condition - for (; i<=10; ++i) + for (; i<=10; ++i) // $ Alert { Console.WriteLine(i); } @@ -54,7 +54,7 @@ class Test { for (int i=0; i<10; ++i) { - for (; i<10; ++i) + for (; i<10; ++i) // $ Alert { } diff --git a/csharp/ql/test/query-tests/Likely Bugs/ObjectComparison/ObjectComparison.cs b/csharp/ql/test/query-tests/Likely Bugs/ObjectComparison/ObjectComparison.cs index 2774b9229fb..abaaf77ab44 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/ObjectComparison/ObjectComparison.cs +++ b/csharp/ql/test/query-tests/Likely Bugs/ObjectComparison/ObjectComparison.cs @@ -13,10 +13,10 @@ class ObjectComparisonTest : I ObjectComparisonTest y = new ObjectComparisonTest(); var b = x == y; // GOOD: but still reference equality - b = (object)x == y; // BAD - b = x == (object)y; // BAD - b = (I)x == y; // BAD - b = x == (I)y; // BAD + b = (object)x == y; // $ Alert // BAD + b = x == (object)y; // $ Alert // BAD + b = (I)x == y; // $ Alert // BAD + b = x == (I)y; // $ Alert // BAD b = (object)x == Field1; // GOOD b = Field1 == (object)x; // GOOD diff --git a/csharp/ql/test/query-tests/Likely Bugs/ObjectComparison/ObjectComparison.qlref b/csharp/ql/test/query-tests/Likely Bugs/ObjectComparison/ObjectComparison.qlref index 6f834d6d654..e4722848720 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/ObjectComparison/ObjectComparison.qlref +++ b/csharp/ql/test/query-tests/Likely Bugs/ObjectComparison/ObjectComparison.qlref @@ -1 +1,2 @@ -Likely Bugs/ObjectComparison.ql \ No newline at end of file +query: Likely Bugs/ObjectComparison.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Likely Bugs/PossibleLossOfPrecision/PossibleLossOfPrecision.cs b/csharp/ql/test/query-tests/Likely Bugs/PossibleLossOfPrecision/PossibleLossOfPrecision.cs index 9a5cdc7c490..639e914e479 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/PossibleLossOfPrecision/PossibleLossOfPrecision.cs +++ b/csharp/ql/test/query-tests/Likely Bugs/PossibleLossOfPrecision/PossibleLossOfPrecision.cs @@ -11,18 +11,18 @@ class Program decimal dec; // These are BAD: - d = 1 / 2; - f = 1 / 2; - d = -1 / 2; - f = -2 / 3; - d = x / y; - f = x / y; - d = x / 2; - d = 4 / y; - d = 1.0 + 1 / 2; - d = 2.0 * (1 / 2); - d = 1 + 1 / 2 + 4 / 2; - d = 1 * (1 / 2); + d = 1 / 2; // $ Alert + f = 1 / 2; // $ Alert + d = -1 / 2; // $ Alert + f = -2 / 3; // $ Alert + d = x / y; // $ Alert + f = x / y; // $ Alert + d = x / 2; // $ Alert + d = 4 / y; // $ Alert + d = 1.0 + 1 / 2; // $ Alert + d = 2.0 * (1 / 2); // $ Alert + d = 1 + 1 / 2 + 4 / 2; // $ Alert + d = 1 * (1 / 2); // $ Alert // These are GOOD: d = 4 / 2; @@ -30,8 +30,8 @@ class Program i = 5 / 10; // These are BAD: - dec = 2 * i + 1; - dec = unchecked(int.MaxValue * int.MaxValue); + dec = 2 * i + 1; // $ Alert + dec = unchecked(int.MaxValue * int.MaxValue); // $ Alert // These are GOOD: dec = 2 * (uint)int.MaxValue - 1; diff --git a/csharp/ql/test/query-tests/Likely Bugs/PossibleLossOfPrecision/PossibleLossOfPrecision.qlref b/csharp/ql/test/query-tests/Likely Bugs/PossibleLossOfPrecision/PossibleLossOfPrecision.qlref index ecddf650e79..82a58e295a5 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/PossibleLossOfPrecision/PossibleLossOfPrecision.qlref +++ b/csharp/ql/test/query-tests/Likely Bugs/PossibleLossOfPrecision/PossibleLossOfPrecision.qlref @@ -1 +1,2 @@ -Likely Bugs/PossibleLossOfPrecision.ql \ No newline at end of file +query: Likely Bugs/PossibleLossOfPrecision.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Likely Bugs/RandomUsedOnce/RandomUsedOnce.cs b/csharp/ql/test/query-tests/Likely Bugs/RandomUsedOnce/RandomUsedOnce.cs index fac7c9135af..f62866a6bc3 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/RandomUsedOnce/RandomUsedOnce.cs +++ b/csharp/ql/test/query-tests/Likely Bugs/RandomUsedOnce/RandomUsedOnce.cs @@ -8,14 +8,14 @@ class RandomTest { void f() { - new Random().Next(); // BAD + new Random().Next(); // $ Alert // BAD byte[] buffer = new byte[10]; - new Random().NextBytes(buffer); // BAD + new Random().NextBytes(buffer); // $ Alert // BAD - new Random().NextDouble(); // BAD - new Random().Next(10); // BAD - new Random().Next(10, 20); // BAD + new Random().NextDouble(); // $ Alert // BAD + new Random().Next(10); // $ Alert // BAD + new Random().Next(10, 20); // $ Alert // BAD new Random().Equals(null); // GOOD } diff --git a/csharp/ql/test/query-tests/Likely Bugs/RandomUsedOnce/RandomUsedOnce.qlref b/csharp/ql/test/query-tests/Likely Bugs/RandomUsedOnce/RandomUsedOnce.qlref index bff45345114..f9bb6c3eeb5 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/RandomUsedOnce/RandomUsedOnce.qlref +++ b/csharp/ql/test/query-tests/Likely Bugs/RandomUsedOnce/RandomUsedOnce.qlref @@ -1 +1,2 @@ -Likely Bugs/RandomUsedOnce.ql \ No newline at end of file +query: Likely Bugs/RandomUsedOnce.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Likely Bugs/RecursiveEquals/RecursiveEquals.cs b/csharp/ql/test/query-tests/Likely Bugs/RecursiveEquals/RecursiveEquals.cs index 3182dc8430c..f97b22ed224 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/RecursiveEquals/RecursiveEquals.cs +++ b/csharp/ql/test/query-tests/Likely Bugs/RecursiveEquals/RecursiveEquals.cs @@ -6,7 +6,7 @@ class RecursiveEquals public override bool Equals(object rhs) { if (rhs.GetType() != this.GetType()) return false; - return Equals(rhs); + return Equals(rhs); // $ Alert } public bool Equals(Bad rhs) diff --git a/csharp/ql/test/query-tests/Likely Bugs/RecursiveEquals/RecursiveEquals.qlref b/csharp/ql/test/query-tests/Likely Bugs/RecursiveEquals/RecursiveEquals.qlref index d78738e7f9d..68a07bb347d 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/RecursiveEquals/RecursiveEquals.qlref +++ b/csharp/ql/test/query-tests/Likely Bugs/RecursiveEquals/RecursiveEquals.qlref @@ -1 +1,2 @@ -Likely Bugs/RecursiveEquals.ql \ No newline at end of file +query: Likely Bugs/RecursiveEquals.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Likely Bugs/SelfAssignment/SelfAssignment.qlref b/csharp/ql/test/query-tests/Likely Bugs/SelfAssignment/SelfAssignment.qlref index 28778bdd1c8..82f6d5d9682 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/SelfAssignment/SelfAssignment.qlref +++ b/csharp/ql/test/query-tests/Likely Bugs/SelfAssignment/SelfAssignment.qlref @@ -1 +1,2 @@ -Likely Bugs/SelfAssignment.ql +query: Likely Bugs/SelfAssignment.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Likely Bugs/SelfAssignment/selfassigns.cs b/csharp/ql/test/query-tests/Likely Bugs/SelfAssignment/selfassigns.cs index 6d1387a5e1d..c65c39349b3 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/SelfAssignment/selfassigns.cs +++ b/csharp/ql/test/query-tests/Likely Bugs/SelfAssignment/selfassigns.cs @@ -70,17 +70,17 @@ class SelfAssigns : Super public void NotOK(SelfAssigns obj, int y) { - this[4] = this[4]; - y = y; - obj.y = obj.y; - z = this.z; - this.z = z; - obj.Normal1 = obj.Normal1; - obj.Normal2 = obj.Normal2; - base.IntField = IntField; - this.BoolProp = base.BoolProp; - this.Self.Self.Self.StringProp = Self.Self.Self.StringProp; - intArray[1] = this.intArray[1 + 0]; + this[4] = this[4]; // $ Alert + y = y; // $ Alert + obj.y = obj.y; // $ Alert + z = this.z; // $ Alert + this.z = z; // $ Alert + obj.Normal1 = obj.Normal1; // $ Alert + obj.Normal2 = obj.Normal2; // $ Alert + base.IntField = IntField; // $ Alert + this.BoolProp = base.BoolProp; // $ Alert + this.Self.Self.Self.StringProp = Self.Self.Self.StringProp; // $ Alert + intArray[1] = this.intArray[1 + 0]; // $ Alert } enum Enum diff --git a/csharp/ql/test/query-tests/Likely Bugs/StaticFieldWrittenByInstance/StaticFieldWrittenByInstance.cs b/csharp/ql/test/query-tests/Likely Bugs/StaticFieldWrittenByInstance/StaticFieldWrittenByInstance.cs index 244a6b2fd15..ad95d66798d 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/StaticFieldWrittenByInstance/StaticFieldWrittenByInstance.cs +++ b/csharp/ql/test/query-tests/Likely Bugs/StaticFieldWrittenByInstance/StaticFieldWrittenByInstance.cs @@ -12,7 +12,7 @@ class StaticFields StaticFields() { - staticField = 0; // BAD + staticField = 0; // $ Alert // BAD instanceField = 0; // OK } @@ -23,7 +23,7 @@ class StaticFields void InstanceTest() { - staticField = 0; // BAD + staticField = 0; // $ Alert // BAD instanceField = 0; // OK } @@ -40,7 +40,7 @@ class StaticFields { get { - return backingField ?? (backingField = new object()); // BAD + return backingField ?? (backingField = new object()); // $ Alert // BAD } } } diff --git a/csharp/ql/test/query-tests/Likely Bugs/StaticFieldWrittenByInstance/StaticFieldWrittenByInstance.qlref b/csharp/ql/test/query-tests/Likely Bugs/StaticFieldWrittenByInstance/StaticFieldWrittenByInstance.qlref index 6c3a7cc4824..62a3ba9ac28 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/StaticFieldWrittenByInstance/StaticFieldWrittenByInstance.qlref +++ b/csharp/ql/test/query-tests/Likely Bugs/StaticFieldWrittenByInstance/StaticFieldWrittenByInstance.qlref @@ -1 +1,2 @@ -Likely Bugs/StaticFieldWrittenByInstance.ql +query: Likely Bugs/StaticFieldWrittenByInstance.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Likely Bugs/StringBuilderCharInit/StringBufferCharInit.qlref b/csharp/ql/test/query-tests/Likely Bugs/StringBuilderCharInit/StringBufferCharInit.qlref index 8d6feb01896..10a4fb9ee8e 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/StringBuilderCharInit/StringBufferCharInit.qlref +++ b/csharp/ql/test/query-tests/Likely Bugs/StringBuilderCharInit/StringBufferCharInit.qlref @@ -1 +1,2 @@ -Likely Bugs/StringBuilderCharInit.ql \ No newline at end of file +query: Likely Bugs/StringBuilderCharInit.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Likely Bugs/StringBuilderCharInit/StringBuilderCharInit.cs b/csharp/ql/test/query-tests/Likely Bugs/StringBuilderCharInit/StringBuilderCharInit.cs index 256199df177..a6d15816aeb 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/StringBuilderCharInit/StringBuilderCharInit.cs +++ b/csharp/ql/test/query-tests/Likely Bugs/StringBuilderCharInit/StringBuilderCharInit.cs @@ -6,14 +6,14 @@ class Test { new StringBuilder(); new StringBuilder(12); - new StringBuilder('a'); // BAD + new StringBuilder('a'); // $ Alert // BAD new StringBuilder(3, 4); - new StringBuilder(3, 'a'); // BAD - new StringBuilder('a', 'b'); // BAD + new StringBuilder(3, 'a'); // $ Alert // BAD + new StringBuilder('a', 'b'); // $ Alert // BAD new StringBuilder(""); new StringBuilder("", 12); - new StringBuilder("", 'a'); // BAD + new StringBuilder("", 'a'); // $ Alert // BAD new StringBuilder("abc", 1, 1, 12); - new StringBuilder("abc", 1, 1, 'a'); // BAD + new StringBuilder("abc", 1, 1, 'a'); // $ Alert // BAD } } diff --git a/csharp/ql/test/query-tests/Likely Bugs/ThreadUnsafeICryptoTransform/ThreadUnsafeICryptoTransform.cs b/csharp/ql/test/query-tests/Likely Bugs/ThreadUnsafeICryptoTransform/ThreadUnsafeICryptoTransform.cs index e886518dcdf..9cf42b90263 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/ThreadUnsafeICryptoTransform/ThreadUnsafeICryptoTransform.cs +++ b/csharp/ql/test/query-tests/Likely Bugs/ThreadUnsafeICryptoTransform/ThreadUnsafeICryptoTransform.cs @@ -37,12 +37,12 @@ public class ListNonStatic /// public class Nest03 { - private static readonly Nest01 _n = new Nest01(); + private static readonly Nest01 _n = new Nest01(); // $ Alert } public class Nest04 { - static ListNonStatic _list = new ListNonStatic(); + static ListNonStatic _list = new ListNonStatic(); // $ Alert } public static class StaticMemberChildUsage @@ -53,7 +53,7 @@ public static class StaticMemberChildUsage SHA256, } - private static readonly IDictionary HashMap = new Dictionary + private static readonly IDictionary HashMap = new Dictionary // $ Alert { { DigestAlgorithm.SHA1, SHA1.Create() }, { DigestAlgorithm.SHA256, SHA256.Create() }, @@ -62,12 +62,12 @@ public static class StaticMemberChildUsage public class StaticMember { - private static SHA1 _sha1 = SHA1.Create(); + private static SHA1 _sha1 = SHA1.Create(); // $ Alert } public class IndirectStatic2 { - static Nest02 _n = new Nest02(); + static Nest02 _n = new Nest02(); // $ Alert } /// diff --git a/csharp/ql/test/query-tests/Likely Bugs/ThreadUnsafeICryptoTransform/ThreadUnsafeICryptoTransform.qlref b/csharp/ql/test/query-tests/Likely Bugs/ThreadUnsafeICryptoTransform/ThreadUnsafeICryptoTransform.qlref index e247961a538..7a9c7023757 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/ThreadUnsafeICryptoTransform/ThreadUnsafeICryptoTransform.qlref +++ b/csharp/ql/test/query-tests/Likely Bugs/ThreadUnsafeICryptoTransform/ThreadUnsafeICryptoTransform.qlref @@ -1 +1,2 @@ -Likely Bugs/ThreadUnsafeICryptoTransform.ql \ No newline at end of file +query: Likely Bugs/ThreadUnsafeICryptoTransform.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Likely Bugs/ThreadUnsafeICryptoTransformLambda/ThreadUnsafeICryptoTransformLambda.cs b/csharp/ql/test/query-tests/Likely Bugs/ThreadUnsafeICryptoTransformLambda/ThreadUnsafeICryptoTransformLambda.cs index f62c25025fc..83018409f5c 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/ThreadUnsafeICryptoTransformLambda/ThreadUnsafeICryptoTransformLambda.cs +++ b/csharp/ql/test/query-tests/Likely Bugs/ThreadUnsafeICryptoTransformLambda/ThreadUnsafeICryptoTransformLambda.cs @@ -23,7 +23,7 @@ class DirectUsagePositiveCase // BUG expected var threads = Enumerable.Range(0, threadCount) - .Select(_ => new ThreadStart(start)) + .Select(_ => new ThreadStart(start)) // $ Alert .Select(x => new Thread(x)) .ToList(); foreach (var t in threads) t.Start(); @@ -85,7 +85,7 @@ class IndirectUsagePositiveCase } }; var threads = Enumerable.Range(0, threadCount) - .Select(_ => new ThreadStart(start)) + .Select(_ => new ThreadStart(start)) // $ Alert .Select(x => new Thread(x)) .ToList(); foreach (var t in threads) t.Start(); @@ -143,12 +143,12 @@ class ParallelInvoke { var bytes = new byte[4]; Convert.ToBase64String(sha1.ComputeHash(bytes)); - }, + }, // $ Alert () => { var bytes = new byte[4]; Convert.ToBase64String(sha1.ComputeHash(bytes)); - } + } // $ Alert ); } diff --git a/csharp/ql/test/query-tests/Likely Bugs/ThreadUnsafeICryptoTransformLambda/ThreadUnsafeICryptoTransformLambda.qlref b/csharp/ql/test/query-tests/Likely Bugs/ThreadUnsafeICryptoTransformLambda/ThreadUnsafeICryptoTransformLambda.qlref index 0a869270c9b..f206d84cd77 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/ThreadUnsafeICryptoTransformLambda/ThreadUnsafeICryptoTransformLambda.qlref +++ b/csharp/ql/test/query-tests/Likely Bugs/ThreadUnsafeICryptoTransformLambda/ThreadUnsafeICryptoTransformLambda.qlref @@ -1 +1,2 @@ -Likely Bugs/ThreadUnsafeICryptoTransformLambda.ql \ No newline at end of file +query: Likely Bugs/ThreadUnsafeICryptoTransformLambda.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Likely Bugs/UncheckedCastInEquals/UncheckedCastInEquals.cs b/csharp/ql/test/query-tests/Likely Bugs/UncheckedCastInEquals/UncheckedCastInEquals.cs index 31e2336d0ca..346dcc94c07 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/UncheckedCastInEquals/UncheckedCastInEquals.cs +++ b/csharp/ql/test/query-tests/Likely Bugs/UncheckedCastInEquals/UncheckedCastInEquals.cs @@ -4,6 +4,6 @@ public class Test public override bool Equals(object other) { - return ((Test)other).Field == this.Field; + return ((Test)other).Field == this.Field; // $ Alert } } diff --git a/csharp/ql/test/query-tests/Likely Bugs/UncheckedCastInEquals/UncheckedCastInEquals.qlref b/csharp/ql/test/query-tests/Likely Bugs/UncheckedCastInEquals/UncheckedCastInEquals.qlref index 4fc0cc8938f..fa38710c751 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/UncheckedCastInEquals/UncheckedCastInEquals.qlref +++ b/csharp/ql/test/query-tests/Likely Bugs/UncheckedCastInEquals/UncheckedCastInEquals.qlref @@ -1 +1,2 @@ -Likely Bugs/UncheckedCastInEquals.ql \ No newline at end of file +query: Likely Bugs/UncheckedCastInEquals.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Likely Bugs/UnsafeYearConstruction/Program.cs b/csharp/ql/test/query-tests/Likely Bugs/UnsafeYearConstruction/Program.cs index b7b6b4d4e3a..83c18ca5276 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/UnsafeYearConstruction/Program.cs +++ b/csharp/ql/test/query-tests/Likely Bugs/UnsafeYearConstruction/Program.cs @@ -10,11 +10,11 @@ namespace LeapYear { var now = DateTime.UtcNow; // BAD - this.Start = new DateTime(now.Year - 1, now.Month, now.Day, 0, 0, 0, DateTimeKind.Utc); + this.Start = new DateTime(now.Year - 1, now.Month, now.Day, 0, 0, 0, DateTimeKind.Utc); // $ Alert - var endYear = now.Year + 1; + var endYear = now.Year + 1; // $ Source // BAD - this.End = new DateTime(endYear, now.Month, now.Day, 0, 0, 1, DateTimeKind.Utc); + this.End = new DateTime(endYear, now.Month, now.Day, 0, 0, 1, DateTimeKind.Utc); // $ Alert // GOOD this.Start = now.AddYears(-1).Date; @@ -23,14 +23,14 @@ namespace LeapYear private void Test(int year, int month, int day) { // BAD (arithmetic operation from StartTest) - this.Start = new DateTime(year, month, day); + this.Start = new DateTime(year, month, day); // $ Alert } public void StartTest() { var now = DateTime.UtcNow; // flows into Test (source for bug) - Test(now.Year - 1, now.Month, now.Day); + Test(now.Year - 1, now.Month, now.Day); // $ Source } public void StartTestFP() diff --git a/csharp/ql/test/query-tests/Likely Bugs/UnsafeYearConstruction/UnsafeYearConstruction.qlref b/csharp/ql/test/query-tests/Likely Bugs/UnsafeYearConstruction/UnsafeYearConstruction.qlref index 37fd40fb036..8eebe63939d 100644 --- a/csharp/ql/test/query-tests/Likely Bugs/UnsafeYearConstruction/UnsafeYearConstruction.qlref +++ b/csharp/ql/test/query-tests/Likely Bugs/UnsafeYearConstruction/UnsafeYearConstruction.qlref @@ -1 +1,2 @@ -Likely Bugs/LeapYear/UnsafeYearConstruction.ql \ No newline at end of file +query: Likely Bugs/LeapYear/UnsafeYearConstruction.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Linq/MissedCastOpportunity/MissedCastOpportunity.cs b/csharp/ql/test/query-tests/Linq/MissedCastOpportunity/MissedCastOpportunity.cs index fe5617c228a..5bd7f5dcec0 100644 --- a/csharp/ql/test/query-tests/Linq/MissedCastOpportunity/MissedCastOpportunity.cs +++ b/csharp/ql/test/query-tests/Linq/MissedCastOpportunity/MissedCastOpportunity.cs @@ -11,7 +11,7 @@ class MissedCastOpportunity { Dog d = (Dog)a; d.Woof(); - } + } // $ Alert } public void M2(NonEnumerableClass nec) @@ -31,7 +31,7 @@ class MissedCastOpportunity { Dog d = (Dog)animal; d.Woof(); - } + } // $ Alert } public void M4(Array animals) @@ -41,7 +41,7 @@ class MissedCastOpportunity { Dog d = (Dog)animal; d.Woof(); - } + } // $ Alert } public void M5(IEnumerable animals) @@ -51,7 +51,7 @@ class MissedCastOpportunity { Dog d = (Dog)animal; d.Woof(); - } + } // $ Alert } public class NonEnumerableClass diff --git a/csharp/ql/test/query-tests/Linq/MissedCastOpportunity/MissedCastOpportunity.qlref b/csharp/ql/test/query-tests/Linq/MissedCastOpportunity/MissedCastOpportunity.qlref index 8d70f999503..3731b64605f 100644 --- a/csharp/ql/test/query-tests/Linq/MissedCastOpportunity/MissedCastOpportunity.qlref +++ b/csharp/ql/test/query-tests/Linq/MissedCastOpportunity/MissedCastOpportunity.qlref @@ -1 +1,2 @@ -Linq/MissedCastOpportunity.ql +query: Linq/MissedCastOpportunity.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Linq/MissedWhereOpportunity/MissedWhereOpportunity.cs b/csharp/ql/test/query-tests/Linq/MissedWhereOpportunity/MissedWhereOpportunity.cs index d1326c70ee2..0fee1e9c48f 100644 --- a/csharp/ql/test/query-tests/Linq/MissedWhereOpportunity/MissedWhereOpportunity.cs +++ b/csharp/ql/test/query-tests/Linq/MissedWhereOpportunity/MissedWhereOpportunity.cs @@ -13,7 +13,7 @@ class MissedWhereOpportunity continue; Console.WriteLine(i); Console.WriteLine((i / 2)); - } + } // $ Alert // BAD: Can be replaced with lst.Where(e => e % 2 == 0) foreach (int i in lst) @@ -23,7 +23,7 @@ class MissedWhereOpportunity Console.WriteLine(i); Console.WriteLine((i / 2)); } - } + } // $ Alert } public void M2(NonEnumerableClass nec) @@ -49,7 +49,7 @@ class MissedWhereOpportunity Console.WriteLine(n); Console.WriteLine((n / 2)); } - } + } // $ Alert } public void M4(Array arr) @@ -73,7 +73,7 @@ class MissedWhereOpportunity { Console.WriteLine(element); } - } + } // $ Alert } public class NonEnumerableClass diff --git a/csharp/ql/test/query-tests/Linq/MissedWhereOpportunity/MissedWhereOpportunity.qlref b/csharp/ql/test/query-tests/Linq/MissedWhereOpportunity/MissedWhereOpportunity.qlref index 4a08b459a6c..815371aba99 100644 --- a/csharp/ql/test/query-tests/Linq/MissedWhereOpportunity/MissedWhereOpportunity.qlref +++ b/csharp/ql/test/query-tests/Linq/MissedWhereOpportunity/MissedWhereOpportunity.qlref @@ -1 +1,2 @@ -Linq/MissedWhereOpportunity.ql +query: Linq/MissedWhereOpportunity.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/MagicConstants/AttributeInts.cs b/csharp/ql/test/query-tests/MagicConstants/AttributeInts.cs index 370dc0a948f..441525751b8 100644 --- a/csharp/ql/test/query-tests/MagicConstants/AttributeInts.cs +++ b/csharp/ql/test/query-tests/MagicConstants/AttributeInts.cs @@ -20,7 +20,7 @@ class IntAttributes void f2() { // BAD - var x = 555 + + var x = 555 + // $ Alert[cs/magic-number] 555 + 555 + 555 + 555 + 555 + 555 + 555 + 555 + 555 + 555 + 555 + 555 + 555 + 555 + 555 + 555 + 555 + 555 + 555 + 555; } diff --git a/csharp/ql/test/query-tests/MagicConstants/AttributeStrings.cs b/csharp/ql/test/query-tests/MagicConstants/AttributeStrings.cs index 5dd81b335f7..4100d12f93f 100644 --- a/csharp/ql/test/query-tests/MagicConstants/AttributeStrings.cs +++ b/csharp/ql/test/query-tests/MagicConstants/AttributeStrings.cs @@ -3,7 +3,7 @@ class MyClass { public static void Main() { - System.Console.WriteLine("Hello, World!"); + System.Console.WriteLine("Hello, World!"); // $ Alert[cs/magic-string] System.Console.WriteLine("Hello, World!"); System.Console.WriteLine("Hello, World!"); System.Console.WriteLine("Hello, World!"); diff --git a/csharp/ql/test/query-tests/MagicConstants/AttributeStrings.qlref b/csharp/ql/test/query-tests/MagicConstants/AttributeStrings.qlref index c471ffedda8..7b0fd125d42 100644 --- a/csharp/ql/test/query-tests/MagicConstants/AttributeStrings.qlref +++ b/csharp/ql/test/query-tests/MagicConstants/AttributeStrings.qlref @@ -1 +1,2 @@ -Bad Practices/Magic Constants/MagicConstantsString.ql \ No newline at end of file +query: Bad Practices/Magic Constants/MagicConstantsString.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/MagicConstants/HashCode.cs b/csharp/ql/test/query-tests/MagicConstants/HashCode.cs index 71308f8fb6c..7767fa6499d 100644 --- a/csharp/ql/test/query-tests/MagicConstants/HashCode.cs +++ b/csharp/ql/test/query-tests/MagicConstants/HashCode.cs @@ -13,7 +13,7 @@ class MyHashCode { // BAD: Number 391 is repeated. return - 391 + + 391 + // $ Alert[cs/magic-number] 391 + 391 + 391 + 391 + 391 + 391 + 391 + 391 + 391 + 391 + 391 + 391 + 391 + 391 + 391 + 391 + 391 + 391 + 391 + 391 + 397; } diff --git a/csharp/ql/test/query-tests/MagicConstants/MagicConstantsNumbers.qlref b/csharp/ql/test/query-tests/MagicConstants/MagicConstantsNumbers.qlref index 8047296eeeb..514381dce91 100644 --- a/csharp/ql/test/query-tests/MagicConstants/MagicConstantsNumbers.qlref +++ b/csharp/ql/test/query-tests/MagicConstants/MagicConstantsNumbers.qlref @@ -1 +1,2 @@ -Bad Practices/Magic Constants/MagicConstantsNumbers.ql \ No newline at end of file +query: Bad Practices/Magic Constants/MagicConstantsNumbers.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/MagicConstants/MagicNumbersUseConstant.cs b/csharp/ql/test/query-tests/MagicConstants/MagicNumbersUseConstant.cs index 35f1bbb1435..039ac137dda 100644 --- a/csharp/ql/test/query-tests/MagicConstants/MagicNumbersUseConstant.cs +++ b/csharp/ql/test/query-tests/MagicConstants/MagicNumbersUseConstant.cs @@ -16,12 +16,12 @@ class UseConstantNumber byte[] values2 = { 241 }; // BAD: Use constant - int values3 = 241; + int values3 = 241; // $ Alert[cs/use-number-constant] void Test() { // BAD: Use constant - var v1 = 241; + var v1 = 241; // $ Alert[cs/use-number-constant] // GOOD: Constant used var v2 = IntConstants.PUBLIC_CONST; diff --git a/csharp/ql/test/query-tests/MagicConstants/MagicNumbersUseConstant.qlref b/csharp/ql/test/query-tests/MagicConstants/MagicNumbersUseConstant.qlref index 65c1a785c6c..75437932f58 100644 --- a/csharp/ql/test/query-tests/MagicConstants/MagicNumbersUseConstant.qlref +++ b/csharp/ql/test/query-tests/MagicConstants/MagicNumbersUseConstant.qlref @@ -1 +1,2 @@ -Bad Practices/Magic Constants/MagicNumbersUseConstant.ql \ No newline at end of file +query: Bad Practices/Magic Constants/MagicNumbersUseConstant.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/MagicConstants/MagicStringsUseConstant.cs b/csharp/ql/test/query-tests/MagicConstants/MagicStringsUseConstant.cs index c0b0fc8189c..a09bf27c8d9 100644 --- a/csharp/ql/test/query-tests/MagicConstants/MagicStringsUseConstant.cs +++ b/csharp/ql/test/query-tests/MagicConstants/MagicStringsUseConstant.cs @@ -14,12 +14,12 @@ class UseConstantString string[] values1 = { "abcdefgh" }; // BAD: Use constant - string values2 = "abcdefgh"; + string values2 = "abcdefgh"; // $ Alert[cs/use-string-constant] void Test() { // BAD: Use constant - var v1 = "abcdefgh"; + var v1 = "abcdefgh"; // $ Alert[cs/use-string-constant] // GOOD: Constant used. var v2 = StringConstants.PUBLIC_CONSTANT; diff --git a/csharp/ql/test/query-tests/MagicConstants/MagicStringsUseConstant.qlref b/csharp/ql/test/query-tests/MagicConstants/MagicStringsUseConstant.qlref index 72b6dcbab7d..7ded4ffe161 100644 --- a/csharp/ql/test/query-tests/MagicConstants/MagicStringsUseConstant.qlref +++ b/csharp/ql/test/query-tests/MagicConstants/MagicStringsUseConstant.qlref @@ -1 +1,2 @@ -Bad Practices/Magic Constants/MagicStringsUseConstant.ql \ No newline at end of file +query: Bad Practices/Magic Constants/MagicStringsUseConstant.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Metrics/Files/FLinesOfCommentedCode/flinesofcommentedcode.qlref b/csharp/ql/test/query-tests/Metrics/Files/FLinesOfCommentedCode/flinesofcommentedcode.qlref index 85a80a9627e..95218350069 100644 --- a/csharp/ql/test/query-tests/Metrics/Files/FLinesOfCommentedCode/flinesofcommentedcode.qlref +++ b/csharp/ql/test/query-tests/Metrics/Files/FLinesOfCommentedCode/flinesofcommentedcode.qlref @@ -1 +1 @@ -Metrics/Files/FLinesOfCommentedCode.ql \ No newline at end of file +query: Metrics/Files/FLinesOfCommentedCode.ql diff --git a/csharp/ql/test/query-tests/Metrics/RefTypes/TNumberOfFields/EnumSize.qlref b/csharp/ql/test/query-tests/Metrics/RefTypes/TNumberOfFields/EnumSize.qlref index c20a0d3886c..67b897b1f5d 100644 --- a/csharp/ql/test/query-tests/Metrics/RefTypes/TNumberOfFields/EnumSize.qlref +++ b/csharp/ql/test/query-tests/Metrics/RefTypes/TNumberOfFields/EnumSize.qlref @@ -1 +1 @@ -Metrics/RefTypes/TNumberOfFields.ql \ No newline at end of file +query: Metrics/RefTypes/TNumberOfFields.ql diff --git a/csharp/ql/test/query-tests/Metrics/Summaries/LinesOfCode.qlref b/csharp/ql/test/query-tests/Metrics/Summaries/LinesOfCode.qlref index 8c18065043f..7510037b810 100644 --- a/csharp/ql/test/query-tests/Metrics/Summaries/LinesOfCode.qlref +++ b/csharp/ql/test/query-tests/Metrics/Summaries/LinesOfCode.qlref @@ -1 +1 @@ -Metrics/Summaries/LinesOfCode.ql \ No newline at end of file +query: Metrics/Summaries/LinesOfCode.ql diff --git a/csharp/ql/test/query-tests/Performance/StringBuilderInLoop/StringBuilderInLoop.cs b/csharp/ql/test/query-tests/Performance/StringBuilderInLoop/StringBuilderInLoop.cs index 63b8d5b386e..dc1c24e3d3e 100644 --- a/csharp/ql/test/query-tests/Performance/StringBuilderInLoop/StringBuilderInLoop.cs +++ b/csharp/ql/test/query-tests/Performance/StringBuilderInLoop/StringBuilderInLoop.cs @@ -7,7 +7,7 @@ class Program { foreach (var arg in args) { - var sb = new StringBuilder(); // BAD: Creation in loop + var sb = new StringBuilder(); // $ Alert // BAD: Creation in loop sb.Append("Hello ").Append(arg); Console.WriteLine(sb); } @@ -33,7 +33,7 @@ class Program sb = new StringBuilder(); // GOOD: Not in all control paths else sb.Clear(); - lock (sb) sb = new StringBuilder(); // BAD: In all control paths + lock (sb) sb = new StringBuilder(); // $ Alert // BAD: In all control paths sb.Append("Hello ").Append(arg); Console.WriteLine(sb); } diff --git a/csharp/ql/test/query-tests/Performance/StringBuilderInLoop/StringBuilderInLoop.qlref b/csharp/ql/test/query-tests/Performance/StringBuilderInLoop/StringBuilderInLoop.qlref index 3b5d707f51e..8b8d7b8e147 100644 --- a/csharp/ql/test/query-tests/Performance/StringBuilderInLoop/StringBuilderInLoop.qlref +++ b/csharp/ql/test/query-tests/Performance/StringBuilderInLoop/StringBuilderInLoop.qlref @@ -1 +1,2 @@ -Performance/StringBuilderInLoop.ql \ No newline at end of file +query: Performance/StringBuilderInLoop.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Performance/StringConcatenationInLoop/StringConcatenationInLoop.cs b/csharp/ql/test/query-tests/Performance/StringConcatenationInLoop/StringConcatenationInLoop.cs index 4947363a083..80dde40d553 100644 --- a/csharp/ql/test/query-tests/Performance/StringConcatenationInLoop/StringConcatenationInLoop.cs +++ b/csharp/ql/test/query-tests/Performance/StringConcatenationInLoop/StringConcatenationInLoop.cs @@ -10,8 +10,8 @@ class Program var x1 = ""; for (var i = 0; i < 1000; i++) { - x0 += "" + i; // BAD - x1 = x1 + i; // BAD + x0 += "" + i; // $ Alert // BAD + x1 = x1 + i; // $ Alert // BAD var x2 = ""; x2 += x1; // GOOD } diff --git a/csharp/ql/test/query-tests/Performance/StringConcatenationInLoop/StringConcatenationInLoop.qlref b/csharp/ql/test/query-tests/Performance/StringConcatenationInLoop/StringConcatenationInLoop.qlref index edd774f1e60..302e7fefd8a 100644 --- a/csharp/ql/test/query-tests/Performance/StringConcatenationInLoop/StringConcatenationInLoop.qlref +++ b/csharp/ql/test/query-tests/Performance/StringConcatenationInLoop/StringConcatenationInLoop.qlref @@ -1 +1,2 @@ -Performance/StringConcatenationInLoop.ql \ No newline at end of file +query: Performance/StringConcatenationInLoop.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Performance/UseTryGetValue/UseTryGetValue.cs b/csharp/ql/test/query-tests/Performance/UseTryGetValue/UseTryGetValue.cs index 296ffaa82f2..9f39c43926e 100644 --- a/csharp/ql/test/query-tests/Performance/UseTryGetValue/UseTryGetValue.cs +++ b/csharp/ql/test/query-tests/Performance/UseTryGetValue/UseTryGetValue.cs @@ -16,24 +16,24 @@ class Test dict.TryGetValue(2, out x); // These are BAD - if (dict.ContainsKey(1)) x = dict[1]; - if (dict.ContainsKey(1) && dict[1] == 2) ; - if (!dict.ContainsKey(1) && dict[1] == 2) ; - if (!dict.ContainsKey(1) || dict[1] == 2) ; - if (dict.ContainsKey(1) || dict[1] == 2) ; + if (dict.ContainsKey(1)) x = dict[1]; // $ Alert + if (dict.ContainsKey(1) && dict[1] == 2) ; // $ Alert + if (!dict.ContainsKey(1) && dict[1] == 2) ; // $ Alert + if (!dict.ContainsKey(1) || dict[1] == 2) ; // $ Alert + if (dict.ContainsKey(1) || dict[1] == 2) ; // $ Alert - if (dict.ContainsKey(1)) + if (dict.ContainsKey(1)) // $ Alert x = dict[1]; else x = dict[1]; - if (!dict.ContainsKey(1)) + if (!dict.ContainsKey(1)) // $ Alert x = dict[1]; else x = dict[1]; - x = dict.ContainsKey(1) ? dict[1] : dict[1]; - x = !dict.ContainsKey(1) ? dict[1] : dict[1]; - x = true && !dict.ContainsKey(1) ? dict[1] : dict[1]; + x = dict.ContainsKey(1) ? dict[1] : dict[1]; // $ Alert + x = !dict.ContainsKey(1) ? dict[1] : dict[1]; // $ Alert + x = true && !dict.ContainsKey(1) ? dict[1] : dict[1]; // $ Alert // GOOD: Different index if (dict.ContainsKey(0)) x = dict[1]; diff --git a/csharp/ql/test/query-tests/Performance/UseTryGetValue/UseTryGetValue.qlref b/csharp/ql/test/query-tests/Performance/UseTryGetValue/UseTryGetValue.qlref index 13889c6245f..5ca355f7824 100644 --- a/csharp/ql/test/query-tests/Performance/UseTryGetValue/UseTryGetValue.qlref +++ b/csharp/ql/test/query-tests/Performance/UseTryGetValue/UseTryGetValue.qlref @@ -1 +1,2 @@ -Performance/UseTryGetValue.ql \ No newline at end of file +query: Performance/UseTryGetValue.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/ReadOnlyContainer/ReadOnlyContainer.cs b/csharp/ql/test/query-tests/ReadOnlyContainer/ReadOnlyContainer.cs index f9914566bb9..b627b6e65b3 100644 --- a/csharp/ql/test/query-tests/ReadOnlyContainer/ReadOnlyContainer.cs +++ b/csharp/ql/test/query-tests/ReadOnlyContainer/ReadOnlyContainer.cs @@ -6,11 +6,11 @@ class Test { // Test variable scope - IList v1 = new List(); // BAD: private scope + IList v1 = new List(); // $ Alert // BAD: private scope void f() { - var v2 = new List(); // BAD: local scope + var v2 = new List(); // $ Alert // BAD: local scope var x = v1.Contains(1); var y = v2.Contains(2); } @@ -27,7 +27,7 @@ class Test // Test initializer IList n3 = new List { 1, 2, 3 }; // GOOD: initialized - IList v3; // BAD: unassigned + IList v3; // $ Alert // BAD: unassigned void h() { @@ -52,7 +52,7 @@ class Test n5 = new List { 1, 2, 3 }; n5.Contains(1); - var v4 = new List(); // BAD: assigned only from empty list + var v4 = new List(); // $ Alert // BAD: assigned only from empty list v4 = new List(); v4.Contains(1); @@ -73,30 +73,30 @@ class Test void f4() { - var v5 = new Dictionary(); // BAD + var v5 = new Dictionary(); // $ Alert // BAD v5.ContainsKey(1); v5.ContainsValue(1); v5.GetEnumerator(); var tmp = new HashSet(); - var v6 = new HashSet(); // BAD + var v6 = new HashSet(); // $ Alert // BAD v6.IsSubsetOf(tmp); v6.IsProperSubsetOf(tmp); v6.IsSupersetOf(tmp); v6.IsProperSupersetOf(tmp); - var v7 = new LinkedList(); // BAD + var v7 = new LinkedList(); // $ Alert // BAD v7.Contains(1); - var v8 = new Queue(); // BAD + var v8 = new Queue(); // $ Alert // BAD v8.Dequeue(); v8.Peek(); v8.ToArray(); - var v9 = new Stack(); // BAD + var v9 = new Stack(); // $ Alert // BAD v9.Pop(); - var v10 = new List(); // BAD: property access + var v10 = new List(); // $ Alert // BAD: property access var x = v10.Count; } @@ -118,7 +118,7 @@ class Test void f6() { - var v11 = new Dictionary(); // BAD: read by Index + var v11 = new Dictionary(); // $ Alert // BAD: read by Index var x = v11[1]; var n12 = new Dictionary(); // GOOD: written by Index @@ -155,7 +155,7 @@ class Test void f9() { - var l1 = new MyList(); // BAD + var l1 = new MyList(); // $ Alert // BAD var x1 = l1[0]; var l2 = new MyList(); // GOOD diff --git a/csharp/ql/test/query-tests/ReadOnlyContainer/ReadOnlyContainer.qlref b/csharp/ql/test/query-tests/ReadOnlyContainer/ReadOnlyContainer.qlref index 2f4f5248a6b..623d63c7505 100644 --- a/csharp/ql/test/query-tests/ReadOnlyContainer/ReadOnlyContainer.qlref +++ b/csharp/ql/test/query-tests/ReadOnlyContainer/ReadOnlyContainer.qlref @@ -1 +1,2 @@ -Likely Bugs/Collections/ReadOnlyContainer.ql \ No newline at end of file +query: Likely Bugs/Collections/ReadOnlyContainer.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-011/ASPNetDebug.qlref b/csharp/ql/test/query-tests/Security Features/CWE-011/ASPNetDebug.qlref index da2dbc17be0..f197b183e75 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-011/ASPNetDebug.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-011/ASPNetDebug.qlref @@ -1 +1,2 @@ -Security Features/CWE-011/ASPNetDebug.ql \ No newline at end of file +query: Security Features/CWE-011/ASPNetDebug.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-011/bad1/Web.config b/csharp/ql/test/query-tests/Security Features/CWE-011/bad1/Web.config index ffc04c240fa..c79a46e2c88 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-011/bad1/Web.config +++ b/csharp/ql/test/query-tests/Security Features/CWE-011/bad1/Web.config @@ -4,6 +4,6 @@ + /> diff --git a/csharp/ql/test/query-tests/Security Features/CWE-011/bad2/Web.config b/csharp/ql/test/query-tests/Security Features/CWE-011/bad2/Web.config index ffc04c240fa..c79a46e2c88 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-011/bad2/Web.config +++ b/csharp/ql/test/query-tests/Security Features/CWE-011/bad2/Web.config @@ -4,6 +4,6 @@ + /> diff --git a/csharp/ql/test/query-tests/Security Features/CWE-016/ASPNetMaxRequestLength/ASPNetMaxRequestLength.qlref b/csharp/ql/test/query-tests/Security Features/CWE-016/ASPNetMaxRequestLength/ASPNetMaxRequestLength.qlref index 7469d5d2e98..5c2fc1ad4f6 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-016/ASPNetMaxRequestLength/ASPNetMaxRequestLength.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-016/ASPNetMaxRequestLength/ASPNetMaxRequestLength.qlref @@ -1 +1,2 @@ -Security Features/CWE-016/ASPNetMaxRequestLength.ql \ No newline at end of file +query: Security Features/CWE-016/ASPNetMaxRequestLength.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-016/ASPNetMaxRequestLength/bad/Web.config b/csharp/ql/test/query-tests/Security Features/CWE-016/ASPNetMaxRequestLength/bad/Web.config index ea52bd2505b..a9e98986c4c 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-016/ASPNetMaxRequestLength/bad/Web.config +++ b/csharp/ql/test/query-tests/Security Features/CWE-016/ASPNetMaxRequestLength/bad/Web.config @@ -1,6 +1,6 @@ - + - \ No newline at end of file + diff --git a/csharp/ql/test/query-tests/Security Features/CWE-016/ASPNetPagesValidateRequest/ASPNetPagesValidateRequest.qlref b/csharp/ql/test/query-tests/Security Features/CWE-016/ASPNetPagesValidateRequest/ASPNetPagesValidateRequest.qlref index 2116949f754..5eaf78b95be 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-016/ASPNetPagesValidateRequest/ASPNetPagesValidateRequest.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-016/ASPNetPagesValidateRequest/ASPNetPagesValidateRequest.qlref @@ -1 +1,2 @@ -Security Features/CWE-016/ASPNetPagesValidateRequest.ql \ No newline at end of file +query: Security Features/CWE-016/ASPNetPagesValidateRequest.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-016/ASPNetPagesValidateRequest/ASPNetPagesValidateRequestBad.config b/csharp/ql/test/query-tests/Security Features/CWE-016/ASPNetPagesValidateRequest/ASPNetPagesValidateRequestBad.config index e8fbc48cb6e..927a73b39d0 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-016/ASPNetPagesValidateRequest/ASPNetPagesValidateRequestBad.config +++ b/csharp/ql/test/query-tests/Security Features/CWE-016/ASPNetPagesValidateRequest/ASPNetPagesValidateRequestBad.config @@ -1,5 +1,5 @@ - + - \ No newline at end of file + diff --git a/csharp/ql/test/query-tests/Security Features/CWE-016/ASPNetRequestValidationMode/ASPNetRequestValidationMode.qlref b/csharp/ql/test/query-tests/Security Features/CWE-016/ASPNetRequestValidationMode/ASPNetRequestValidationMode.qlref index 86ac5072842..c057ae5aa6c 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-016/ASPNetRequestValidationMode/ASPNetRequestValidationMode.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-016/ASPNetRequestValidationMode/ASPNetRequestValidationMode.qlref @@ -1 +1,2 @@ -Security Features/CWE-016/ASPNetRequestValidationMode.ql \ No newline at end of file +query: Security Features/CWE-016/ASPNetRequestValidationMode.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-016/ASPNetRequestValidationMode/ASPNetRequestValidationModeBad.config b/csharp/ql/test/query-tests/Security Features/CWE-016/ASPNetRequestValidationMode/ASPNetRequestValidationModeBad.config index e2c8b8dc903..2a9be99dc51 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-016/ASPNetRequestValidationMode/ASPNetRequestValidationModeBad.config +++ b/csharp/ql/test/query-tests/Security Features/CWE-016/ASPNetRequestValidationMode/ASPNetRequestValidationModeBad.config @@ -1,5 +1,5 @@ - + diff --git a/csharp/ql/test/query-tests/Security Features/CWE-020/ExternalAPIsUsedWithUntrustedData.qlref b/csharp/ql/test/query-tests/Security Features/CWE-020/ExternalAPIsUsedWithUntrustedData.qlref index 68f234e9d37..44a26f7eb0f 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-020/ExternalAPIsUsedWithUntrustedData.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-020/ExternalAPIsUsedWithUntrustedData.qlref @@ -1 +1 @@ -Security Features/CWE-020/ExternalAPIsUsedWithUntrustedData.ql \ No newline at end of file +query: Security Features/CWE-020/ExternalAPIsUsedWithUntrustedData.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-020/RuntimeChecksBypass.cs b/csharp/ql/test/query-tests/Security Features/CWE-020/RuntimeChecksBypass.cs index aea3c4e244f..4be65381f5a 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-020/RuntimeChecksBypass.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-020/RuntimeChecksBypass.cs @@ -17,7 +17,7 @@ public class Test1 [OnDeserializing] public void Deserialize() { - f = GetString(); // BAD, non-constant and non-object creation expr + f = GetString(); // $ Alert[cs/serialization-check-bypass] // BAD, non-constant and non-object creation expr } string GetString() { throw null; } @@ -123,7 +123,7 @@ public class Test5 : ISerializable [OnDeserializing] void ISerializable.GetObjectData(SerializationInfo info, StreamingContext context) { - Age = info.GetInt32("age"); // BAD + Age = info.GetInt32("age"); // $ Alert[cs/serialization-check-bypass] // BAD } } @@ -167,7 +167,7 @@ public class Test7 : ISerializable int age = info.GetInt32("age"); if (false) throw new SerializationException("age"); - Age = age; // BAD + Age = age; // $ Alert[cs/serialization-check-bypass] // BAD } } diff --git a/csharp/ql/test/query-tests/Security Features/CWE-020/RuntimeChecksBypassBad.cs b/csharp/ql/test/query-tests/Security Features/CWE-020/RuntimeChecksBypassBad.cs index 5d89942f9fe..c41bbf776b1 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-020/RuntimeChecksBypassBad.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-020/RuntimeChecksBypassBad.cs @@ -16,6 +16,6 @@ public class PersonBad : ISerializable [OnDeserializing] void ISerializable.GetObjectData(SerializationInfo info, StreamingContext context) { - Age = info.GetInt32("age"); // BAD - write is unsafe + Age = info.GetInt32("age"); // $ Alert[cs/serialization-check-bypass] // BAD - write is unsafe } } diff --git a/csharp/ql/test/query-tests/Security Features/CWE-020/RuntimeChecksbypass.qlref b/csharp/ql/test/query-tests/Security Features/CWE-020/RuntimeChecksbypass.qlref index c5615a7415c..375a7f00e55 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-020/RuntimeChecksbypass.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-020/RuntimeChecksbypass.qlref @@ -1 +1,2 @@ -Security Features/CWE-020/RuntimeChecksBypass.ql \ No newline at end of file +query: Security Features/CWE-020/RuntimeChecksBypass.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-020/UntrustedData.cs b/csharp/ql/test/query-tests/Security Features/CWE-020/UntrustedData.cs index 7b0f789c2ae..997ecc4f5cd 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-020/UntrustedData.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-020/UntrustedData.cs @@ -6,11 +6,11 @@ public class UntrustedData : IHttpHandler { public void ProcessRequest(HttpContext ctx) { - var name = ctx.Request.QueryString["name"]; + var name = ctx.Request.QueryString["name"]; // $ Alert[cs/untrusted-data-to-external-api]=r1 $ Alert[cs/untrusted-data-to-external-api]=r1 $ Source[cs/untrusted-data-to-external-api]=r2 var len = name.Length; var myEncodedString = HttpUtility.HtmlEncode(name); - ctx.Response.Write(name); + ctx.Response.Write(name); // $ Alert[cs/untrusted-data-to-external-api]=r2 } public bool IsReusable => true; diff --git a/csharp/ql/test/query-tests/Security Features/CWE-020/UntrustedDataToExternalAPI.qlref b/csharp/ql/test/query-tests/Security Features/CWE-020/UntrustedDataToExternalAPI.qlref index 22d3fe2ef63..65b60310508 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-020/UntrustedDataToExternalAPI.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-020/UntrustedDataToExternalAPI.qlref @@ -1,2 +1,4 @@ query: Security Features/CWE-020/UntrustedDataToExternalAPI.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-022/TaintedPath/TaintedPath.cs b/csharp/ql/test/query-tests/Security Features/CWE-022/TaintedPath/TaintedPath.cs index 3ea90facfd3..3881cc9179b 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-022/TaintedPath/TaintedPath.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-022/TaintedPath/TaintedPath.cs @@ -7,14 +7,14 @@ public class TaintedPathHandler : IHttpHandler public void ProcessRequest(HttpContext ctx) { - String path = ctx.Request.QueryString["page"]; + String path = ctx.Request.QueryString["page"]; // $ Source=r1 Source=r2 Source=r3 Source=r4 Source=r5 Source=r6 Source=r7 // BAD: Used via a File.Create... call. - using (StreamWriter sw = File.CreateText(path)) + using (StreamWriter sw = File.CreateText(path)) // $ Alert=r1 Alert=r2 Alert=r3 Alert=r4 Alert=r5 Alert=r6 Alert=r7 { sw.WriteLine("Hello"); } // BAD: Used via StreamWriter constructor - using (StreamWriter sw = new StreamWriter(path)) + using (StreamWriter sw = new StreamWriter(path)) // $ Alert=r1 Alert=r2 Alert=r3 Alert=r4 Alert=r5 Alert=r6 Alert=r7 { sw.WriteLine("Hello"); } @@ -22,20 +22,20 @@ public class TaintedPathHandler : IHttpHandler // BAD: Check is insufficient, text is read. if (!path.StartsWith("../")) { - File.ReadAllText(path); + File.ReadAllText(path); // $ Alert=r1 Alert=r2 Alert=r3 Alert=r4 Alert=r5 Alert=r6 Alert=r7 } // BAD: Check is insufficient, text is read. if (!string.IsNullOrEmpty(path)) { - File.ReadAllText(path); + File.ReadAllText(path); // $ Alert=r1 Alert=r2 Alert=r3 Alert=r4 Alert=r5 Alert=r6 Alert=r7 } // BAD: Check is insufficient, text is read. string badPath = "/home/user/" + path; - if (File.Exists(badPath)) + if (File.Exists(badPath)) // $ Alert=r1 Alert=r2 Alert=r3 Alert=r4 Alert=r5 Alert=r6 Alert=r7 { - ctx.Response.Write(File.ReadAllText(badPath)); + ctx.Response.Write(File.ReadAllText(badPath)); // $ Alert=r1 Alert=r2 Alert=r3 Alert=r4 Alert=r5 Alert=r6 Alert=r7 } // GOOD: Tainted path is passed through MapPath @@ -48,7 +48,7 @@ public class TaintedPathHandler : IHttpHandler File.ReadAllText(path); } - Directory.Exists(path); + Directory.Exists(path); // $ Alert=r1 Alert=r2 Alert=r3 Alert=r4 Alert=r5 Alert=r6 Alert=r7 // GOOD: A Guid. File.ReadAllText(new Guid(path).ToString()); diff --git a/csharp/ql/test/query-tests/Security Features/CWE-022/TaintedPath/TaintedPath.qlref b/csharp/ql/test/query-tests/Security Features/CWE-022/TaintedPath/TaintedPath.qlref index 10abc41286c..9ab7666c8f1 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-022/TaintedPath/TaintedPath.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-022/TaintedPath/TaintedPath.qlref @@ -1,3 +1,5 @@ query: Security Features/CWE-022/TaintedPath.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-022/ZipSlip/ZipSlip.cs b/csharp/ql/test/query-tests/Security Features/CWE-022/ZipSlip/ZipSlip.cs index 1ec93bba3ed..977765b2f16 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-022/ZipSlip/ZipSlip.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-022/ZipSlip/ZipSlip.cs @@ -12,15 +12,15 @@ namespace ZipSlip { foreach (var entry in archive.Entries) { - string fullPath = Path.GetFullPath(entry.FullName); + string fullPath = Path.GetFullPath(entry.FullName); // $ Alert=r1 Alert=r2 Alert=r3 string fileName = Path.GetFileName(entry.FullName); string filename = entry.Name; - string file = entry.FullName; + string file = entry.FullName; // $ Alert=r4 if (!string.IsNullOrEmpty(file)) { // BAD string destFileName = Path.Combine(destDirectory, file); - entry.ExtractToFile(destFileName, true); + entry.ExtractToFile(destFileName, true); // $ Sink=r4 // GOOD string sanitizedFileName = Path.Combine(destDirectory, fileName); @@ -28,15 +28,15 @@ namespace ZipSlip // BAD string destFilePath = Path.Combine(destDirectory, fullPath); - entry.ExtractToFile(destFilePath, true); + entry.ExtractToFile(destFilePath, true); // $ Sink=r1 Sink=r2 Sink=r3 // BAD: destFilePath isn't fully resolved, so may still contain .. if (destFilePath.StartsWith(destDirectory)) - entry.ExtractToFile(destFilePath, true); + entry.ExtractToFile(destFilePath, true); // $ Sink=r2 Sink=r1 Sink=r3 // BAD destFilePath = Path.GetFullPath(Path.Combine(destDirectory, fullPath)); - entry.ExtractToFile(destFilePath, true); + entry.ExtractToFile(destFilePath, true); // $ Sink=r3 Sink=r1 Sink=r2 // GOOD: a check for StartsWith against a fully resolved path if (destFilePath.StartsWith(destDirectory)) @@ -58,28 +58,28 @@ namespace ZipSlip foreach (ZipArchiveEntry entry in archive.Entries) { // figure out where we are putting the file - String destFilePath = Path.Combine(InstallDir, entry.FullName); + String destFilePath = Path.Combine(InstallDir, entry.FullName); // $ Alert=r5 Alert=r6 Alert=r7 Alert=r8 Directory.CreateDirectory(Path.GetDirectoryName(destFilePath)); using (Stream archiveFileStream = entry.Open()) { // BAD: writing to file stream - using (Stream tfsFileStream = new FileStream(destFilePath, FileMode.CreateNew, FileAccess.ReadWrite, FileShare.None)) + using (Stream tfsFileStream = new FileStream(destFilePath, FileMode.CreateNew, FileAccess.ReadWrite, FileShare.None)) // $ Sink=r5 Sink=r6 Sink=r7 Sink=r8 { Console.WriteLine(@"Writing ""{0}""", destFilePath); archiveFileStream.CopyTo(tfsFileStream); } // BAD: can do it this way too - using (Stream tfsFileStream = File.Create(destFilePath)) + using (Stream tfsFileStream = File.Create(destFilePath)) // $ Sink=r6 Sink=r5 Sink=r7 Sink=r8 { Console.WriteLine(@"Writing ""{0}""", destFilePath); archiveFileStream.CopyTo(tfsFileStream); } // BAD: creating stream using fileInfo - var fileInfo = new FileInfo(destFilePath); + var fileInfo = new FileInfo(destFilePath); // $ Sink=r7 Sink=r5 Sink=r6 Sink=r8 using (FileStream fs = fileInfo.OpenWrite()) { Console.WriteLine(@"Writing ""{0}""", destFilePath); @@ -87,7 +87,7 @@ namespace ZipSlip } // BAD: creating stream using fileInfo - var fileInfo1 = new FileInfo(destFilePath); + var fileInfo1 = new FileInfo(destFilePath); // $ Sink=r8 Sink=r5 Sink=r6 Sink=r7 using (FileStream fs = fileInfo1.Open(FileMode.Create)) { Console.WriteLine(@"Writing ""{0}""", destFilePath); diff --git a/csharp/ql/test/query-tests/Security Features/CWE-022/ZipSlip/ZipSlip.qlref b/csharp/ql/test/query-tests/Security Features/CWE-022/ZipSlip/ZipSlip.qlref index f8a7ab34e88..9d8f3ad5a64 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-022/ZipSlip/ZipSlip.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-022/ZipSlip/ZipSlip.qlref @@ -1,2 +1,4 @@ query: Security Features/CWE-022/ZipSlip.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-022/ZipSlip/ZipSlipBad.cs b/csharp/ql/test/query-tests/Security Features/CWE-022/ZipSlip/ZipSlipBad.cs index fb6bce23b72..eb5e84fd291 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-022/ZipSlip/ZipSlipBad.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-022/ZipSlip/ZipSlipBad.cs @@ -6,7 +6,7 @@ class Bad public static void WriteToDirectory(ZipArchiveEntry entry, string destDirectory) { - string destFileName = Path.Combine(destDirectory, entry.FullName); - entry.ExtractToFile(destFileName); + string destFileName = Path.Combine(destDirectory, entry.FullName); // $ Alert=r9 + entry.ExtractToFile(destFileName); // $ Sink=r9 } } diff --git a/csharp/ql/test/query-tests/Security Features/CWE-078/CommandInjection.cs b/csharp/ql/test/query-tests/Security Features/CWE-078/CommandInjection.cs index df3db94b433..9a1e0ce5548 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-078/CommandInjection.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-078/CommandInjection.cs @@ -24,16 +24,16 @@ namespace Test public void WebCommandInjection() { // BAD: Reading from textbox, then using that in the arguments and file name - string userInput = categoryTextBox.Text; - Process.Start("foo.exe" + userInput, "/c " + userInput); + string userInput = categoryTextBox.Text; // $ Source=r1 Source=r2 Source=r3 Source=r4 Source=r5 Source=r6 Source=r7 + Process.Start("foo.exe" + userInput, "/c " + userInput); // $ Alert=r1 Alert=r2 Alert=r3 Alert=r4 Alert=r5 Alert=r6 Alert=r7 - ProcessStartInfo startInfo = new ProcessStartInfo(userInput, userInput); + ProcessStartInfo startInfo = new ProcessStartInfo(userInput, userInput); // $ Alert=r3 Alert=r4 Alert=r1 Alert=r2 Alert=r5 Alert=r6 Alert=r7 Process.Start(startInfo); ProcessStartInfo startInfoProps = new ProcessStartInfo(); - startInfoProps.FileName = userInput; - startInfoProps.Arguments = userInput; - startInfoProps.WorkingDirectory = userInput; + startInfoProps.FileName = userInput; // $ Alert=r5 Alert=r1 Alert=r2 Alert=r3 Alert=r4 Alert=r6 Alert=r7 + startInfoProps.Arguments = userInput; // $ Alert=r6 Alert=r1 Alert=r2 Alert=r3 Alert=r4 Alert=r5 Alert=r7 + startInfoProps.WorkingDirectory = userInput; // $ Alert=r7 Alert=r1 Alert=r2 Alert=r3 Alert=r4 Alert=r5 Alert=r6 Process.Start(startInfoProps); } @@ -43,12 +43,12 @@ namespace Test { connection.Open(); SqlCommand customerCommand = new SqlCommand("SELECT * FROM customers", connection); - SqlDataReader customerReader = customerCommand.ExecuteReader(); + SqlDataReader customerReader = customerCommand.ExecuteReader(); // $ Source=r8 while (customerReader.Read()) { // BAD: Read from database, and use it to directly execute a command - Process.Start("foo.exe", "/c " + customerReader.GetString(1)); + Process.Start("foo.exe", "/c " + customerReader.GetString(1)); // $ Alert=r8 } customerReader.Close(); } diff --git a/csharp/ql/test/query-tests/Security Features/CWE-078/CommandInjection.qlref b/csharp/ql/test/query-tests/Security Features/CWE-078/CommandInjection.qlref index 366f5105393..60798337039 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-078/CommandInjection.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-078/CommandInjection.qlref @@ -1,2 +1,4 @@ query: Security Features/CWE-078/CommandInjection.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/StoredXSS/StoredXSS.cs b/csharp/ql/test/query-tests/Security Features/CWE-079/StoredXSS/StoredXSS.cs index 1096634b690..65c6d44ee67 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/StoredXSS/StoredXSS.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/StoredXSS/StoredXSS.cs @@ -14,12 +14,12 @@ namespace Test { connection.Open(); SqlCommand customerCommand = new SqlCommand("SELECT * FROM customers", connection); - SqlDataReader customerReader = customerCommand.ExecuteReader(); + SqlDataReader customerReader = customerCommand.ExecuteReader(); // $ Source=r1 while (customerReader.Read()) { // BAD: Read from database, write it straight to a response - context.Response.Write("Orders for " + customerReader.GetString(1)); + context.Response.Write("Orders for " + customerReader.GetString(1)); // $ Alert=r1 } customerReader.Close(); } diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/StoredXSS/StoredXSS.qlref b/csharp/ql/test/query-tests/Security Features/CWE-079/StoredXSS/StoredXSS.qlref index 89b5b951bdb..a71d4784670 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/StoredXSS/StoredXSS.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/StoredXSS/StoredXSS.qlref @@ -1,2 +1,4 @@ query: Security Features/CWE-079/XSS.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSAsp/XSS.cs b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSAsp/XSS.cs index eba40b891d5..7c67ad8f965 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSAsp/XSS.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSAsp/XSS.cs @@ -23,10 +23,10 @@ namespace Test { // BAD: Reading from textbox, then writing an amended value to a control that does not HTML encode StringBuilder userInput = new StringBuilder(); - userInput.AppendFormat("{0} test", categoryTextBox.Text); - calendar.Caption = userInput.ToString(); - table.Caption = userInput.ToString(); - label.Text = userInput.ToString(); + userInput.AppendFormat("{0} test", categoryTextBox.Text); // $ Source=r1 $ Source=r2 $ Source=r3 + calendar.Caption = userInput.ToString(); // $ Alert=r1 $ Alert=r2 $ Alert=r3 + table.Caption = userInput.ToString(); // $ Alert=r2 $ Alert=r1 $ Alert=r3 + label.Text = userInput.ToString(); // $ Alert=r3 $ Alert=r1 $ Alert=r2 // GOOD: Reading from textbox, then writing an amended value to a control that does HTML encode categoryTextBox.Text = userInput.ToString(); @@ -35,8 +35,8 @@ namespace Test public void processRequest(HttpContext context) { // BAD: Read user input from a request, write it straight to a response - string name = context.Request.QueryString["name"]; - context.Response.Write(name); + string name = context.Request.QueryString["name"]; // $ Source=r4 + context.Response.Write(name); // $ Alert=r4 // GOOD: Read user input from a request, but encode it before writing to the response string name2 = context.Request.QueryString["name"]; @@ -55,9 +55,9 @@ namespace Test public void mvcProcess(HttpContext context) { // BAD: Mimic what happens in cshtml pages - string name = context.Request.Unvalidated.QueryString["name"]; + string name = context.Request.Unvalidated.QueryString["name"]; // $ Source=r5 HtmlHelper html = new HtmlHelper(null, null); - html.Raw(name); + html.Raw(name); // $ Alert=r5 } public void listener(HttpContext context) @@ -73,27 +73,27 @@ namespace Test public void contextBase(HttpContextBase context) { // BAD: Writing user input directly to a HttpListenerResponse - string name = context.Request.QueryString["name"]; - context.Response.Write(name); + string name = context.Request.QueryString["name"]; // $ Source=r6 + context.Response.Write(name); // $ Alert=r6 // BAD: Writing user input directly to a HttpListenerResponse - string name2 = context.Request["name"]; - context.Response.Write(name2); + string name2 = context.Request["name"]; // $ Source=r7 + context.Response.Write(name2); // $ Alert=r7 } public void htmlStrings(HttpContextBase context) { // BAD: Writing user input into a HtmlString without encoding - string name = context.Request.QueryString["name"]; - new HtmlString(name); - new MvcHtmlString(name); + string name = context.Request.QueryString["name"]; // $ Source=r8 $ Source=r9 + new HtmlString(name); // $ Alert=r8 $ Alert=r9 + new MvcHtmlString(name); // $ Alert=r9 $ Alert=r8 new MyHtmlString(context.Request); } public void WebContent(HttpContextBase context) { // BAD: Writing user input into a StringContent without encoding - string name = context.Request.QueryString["name"]; - new StringContent(name); + string name = context.Request.QueryString["name"]; // $ Source=r10 + new StringContent(name); // $ Alert=r10 } public void HtmlEncoded(HttpContextBase context) @@ -137,7 +137,7 @@ namespace Test public string ToHtmlString() { - return Request.RawUrl; + return Request.RawUrl; // $ Alert=r11 $ Alert=r11 } } } diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSAsp/XSS.qlref b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSAsp/XSS.qlref index 89b5b951bdb..a71d4784670 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSAsp/XSS.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSAsp/XSS.qlref @@ -1,2 +1,4 @@ query: Security Features/CWE-079/XSS.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSAsp/script.aspx b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSAsp/script.aspx index 5dd4830d756..7581e301c02 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSAsp/script.aspx +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSAsp/script.aspx @@ -9,13 +9,13 @@ diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Areas/TestArea/Views/Shared/Test18.cshtml b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Areas/TestArea/Views/Shared/Test18.cshtml index 74a8eab1c71..1cb5d2b6bfa 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Areas/TestArea/Views/Shared/Test18.cshtml +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Areas/TestArea/Views/Shared/Test18.cshtml @@ -5,5 +5,6 @@ @if (Model != null) { -

Hello "@Html.Raw(Model.Name)"

+

Hello "@Html.Raw(Model.Name)"

@{// $ Alert[cs/web/xss] +} } \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Areas/TestArea/Views/Test4/Test17.cshtml b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Areas/TestArea/Views/Test4/Test17.cshtml index 74a8eab1c71..1cb5d2b6bfa 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Areas/TestArea/Views/Test4/Test17.cshtml +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Areas/TestArea/Views/Test4/Test17.cshtml @@ -5,5 +5,6 @@ @if (Model != null) { -

Hello "@Html.Raw(Model.Name)"

+

Hello "@Html.Raw(Model.Name)"

@{// $ Alert[cs/web/xss] +} } \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Controllers/TestController.cs b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Controllers/TestController.cs index 001c83b9f34..104a4671b2a 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Controllers/TestController.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Controllers/TestController.cs @@ -10,59 +10,59 @@ public class UserData } public class TestController : Controller { - public IActionResult test1(UserData tainted1) { + public IActionResult test1(UserData tainted1) { // $ Source[cs/web/xss] // Expected to find file /Views/Test/Test1.cshtml return View("Test1", tainted1); } - public IActionResult test2(UserData tainted2) { + public IActionResult test2(UserData tainted2) { // $ Source[cs/web/xss] // Expected to find file /Views/Shared/Test2.cshtml return View("Test2", tainted2); } - public IActionResult test3(UserData tainted3) { + public IActionResult test3(UserData tainted3) { // $ Source[cs/web/xss] // Expected to find file /Views/Test/Test3.cshtml and NOT /Views/Shared/Test3.cshtml return View("Test3", tainted3); } - public IActionResult test4(UserData tainted4) { + public IActionResult test4(UserData tainted4) { // $ Source[cs/web/xss] // Expected to find file /Views/Test/Test4.cshtml return View("./Test4", tainted4); } - public IActionResult test5(UserData tainted5) { + public IActionResult test5(UserData tainted5) { // $ Source[cs/web/xss] // Expected to find file /Views/Other/Test5.cshtml return View("../Other/Test5", tainted5); } - public IActionResult test6(UserData tainted6) { + public IActionResult test6(UserData tainted6) { // $ Source[cs/web/xss] // Expected to find file /Views/Other/Test6.cshtml return View("../../Views/.////Shared/../Other//Test6", tainted6); } - public IActionResult Test7(UserData tainted7) { + public IActionResult Test7(UserData tainted7) { // $ Source[cs/web/xss] // Expected to find file /Views/Test/Test7.cshtml return View(tainted7); } - public IActionResult test8(UserData tainted8) { + public IActionResult test8(UserData tainted8) { // $ Source[cs/web/xss] // Expected to find file /Views/Other/Test8.cshtml return View("/Views/Other/Test8.cshtml", tainted8); } - public IActionResult test9(UserData tainted9) { + public IActionResult test9(UserData tainted9) { // $ Source[cs/web/xss] // Expected to find file /Views/Test/Test9.cshtml return View("~/Views/Other/Test9.cshtml", tainted9); } } -public class Test2Controller : Controller { - public IActionResult test10(UserData tainted10) { +public class Test2Controller : Controller { + public IActionResult test10(UserData tainted10) { // $ Source[cs/web/xss] // Expected to find file /Views/Test2/Test10.cshtml return View("Test10", tainted10); } - public IActionResult test11(UserData tainted11) { + public IActionResult test11(UserData tainted11) { // $ Source[cs/web/xss] // Expected to find file /Views/Test2/Test10.cshtml return helper(tainted11); } @@ -76,14 +76,14 @@ public class Test2Controller : Controller { private IActionResult helper2(UserData x) { return View(x); - } + } - public IActionResult test13(UserData tainted13) { - // Expected to find file /Views/Other/Test13.cshtml. + public IActionResult test13(UserData tainted13) { // $ Source[cs/web/xss] + // Expected to find file /Views/Other/Test13.cshtml. return Helper.helper3(this, tainted13); } - public IActionResult test14(UserData tainted14) { + public IActionResult test14(UserData tainted14) { // $ Source[cs/web/xss] // Expected to find file /Views/Shared/Test14.cshtml and NOT /Views/Test2/Test14.cshtml return Helper.helper4(this, tainted14); } @@ -103,12 +103,12 @@ public class Test3Controller : Controller { o.AreaViewLocationFormats.Add("/MyAreas/{2}/{1}/{0}.cshtml"); } - public IActionResult Test15(UserData tainted15) { + public IActionResult Test15(UserData tainted15) { // $ Source[cs/web/xss] // Expected to find file /Views/Custom/Test3/Test15.cshtml return View(tainted15); } - public IActionResult test16(UserData tainted16) { + public IActionResult test16(UserData tainted16) { // $ Source[cs/web/xss] // Expected to find file /Views/Custom2/Test16.cshtml return View("Test16", tainted16); } @@ -116,17 +116,17 @@ public class Test3Controller : Controller { [Area("TestArea")] public class Test4Controller : Controller { - public IActionResult test17(UserData tainted17) { + public IActionResult test17(UserData tainted17) { // $ Source[cs/web/xss] // Expected to find file /Areas/TestArea/Views/Test4/Test17.cshtml return View("Test17", tainted17); } - public IActionResult test18(UserData tainted18) { + public IActionResult test18(UserData tainted18) { // $ Source[cs/web/xss] // Expected to find file /Areas/TestArea/Views/Shared/Test17.cshtml return View("Test18", tainted18); } - public IActionResult test19(UserData tainted19) { + public IActionResult test19(UserData tainted19) { // $ Source[cs/web/xss] // Expected to find file /Views/Shared/Test19.cshtml return View("Test19", tainted19); } @@ -136,7 +136,7 @@ public class Test4Controller : Controller { return View("Test20", tainted20); } - public IActionResult test21(UserData tainted21) { + public IActionResult test21(UserData tainted21) { // $ Source[cs/web/xss] // Expected to find file /Pages/Shared/Test21.cshtml return View("Test21", tainted21); } @@ -146,10 +146,10 @@ public class Test4Controller : Controller { return View("Test22", tainted22); } - public IActionResult test23(string tainted23) { + public IActionResult test23(string tainted23) { // $ Source[cs/web/xss] // Expected to find file /Views/Shared/Test23.cshtml UserData x = new UserData(); x.Name = tainted23; return View("Test23", x); } -} \ No newline at end of file +} diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Areas_TestArea_Views_Shared_Test18.cshtml.g.cs b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Areas_TestArea_Views_Shared_Test18.cshtml.g.cs index 52b0510994e..a167f928b9d 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Areas_TestArea_Views_Shared_Test18.cshtml.g.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Areas_TestArea_Views_Shared_Test18.cshtml.g.cs @@ -34,7 +34,7 @@ using test; WriteLiteral("

Hello \""); #nullable restore #line 8 "../Areas/TestArea/Views/Shared/Test18.cshtml" -Write(Html.Raw(Model.Name)); +Write(Html.Raw(Model.Name)); // $ Alert[cs/web/xss] #line default #line hidden diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Areas_TestArea_Views_Test4_Test17.cshtml.g.cs b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Areas_TestArea_Views_Test4_Test17.cshtml.g.cs index 5d33dbbed54..09db41110ec 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Areas_TestArea_Views_Test4_Test17.cshtml.g.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Areas_TestArea_Views_Test4_Test17.cshtml.g.cs @@ -34,7 +34,7 @@ using test; WriteLiteral("

Hello \""); #nullable restore #line 8 "../Areas/TestArea/Views/Test4/Test17.cshtml" -Write(Html.Raw(Model.Name)); +Write(Html.Raw(Model.Name)); // $ Alert[cs/web/xss] #line default #line hidden diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Pages_Shared_Test21.cshtml.g.cs b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Pages_Shared_Test21.cshtml.g.cs index c75acc2aaa9..d48b61162d4 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Pages_Shared_Test21.cshtml.g.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Pages_Shared_Test21.cshtml.g.cs @@ -34,7 +34,7 @@ using test; WriteLiteral("

Hello \""); #nullable restore #line 8 "../Pages/Shared/Test21.cshtml" -Write(Html.Raw(Model.Name)); +Write(Html.Raw(Model.Name)); // $ Alert[cs/web/xss] #line default #line hidden diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Template.g b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Template.g index 0fa1767db71..39f32de2385 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Template.g +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Template.g @@ -34,7 +34,7 @@ using test; WriteLiteral("

Hello \""); #nullable restore #line 8 "../$PATHSLASH" -Write(Html.Raw(Model.Name)); +Write(Html.Raw(Model.Name)); // $ Alert[cs/web/xss] #line default #line hidden diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Custom2_Test16.cshtml.g.cs b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Custom2_Test16.cshtml.g.cs index 82ed6254956..7046d354ca1 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Custom2_Test16.cshtml.g.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Custom2_Test16.cshtml.g.cs @@ -34,7 +34,7 @@ using test; WriteLiteral("

Hello \""); #nullable restore #line 8 "../Views/Custom2/Test16.cshtml" -Write(Html.Raw(Model.Name)); +Write(Html.Raw(Model.Name)); // $ Alert[cs/web/xss] #line default #line hidden diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Custom_Test3_Test15.cshtml.g.cs b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Custom_Test3_Test15.cshtml.g.cs index eb366a727b6..02299c594ab 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Custom_Test3_Test15.cshtml.g.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Custom_Test3_Test15.cshtml.g.cs @@ -34,7 +34,7 @@ using test; WriteLiteral("

Hello \""); #nullable restore #line 8 "../Views/Custom/Test3/Test15.cshtml" -Write(Html.Raw(Model.Name)); +Write(Html.Raw(Model.Name)); // $ Alert[cs/web/xss] #line default #line hidden diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test13.cshtml.g.cs b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test13.cshtml.g.cs index 240733439bc..b14feb49a9e 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test13.cshtml.g.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test13.cshtml.g.cs @@ -34,7 +34,7 @@ using test; WriteLiteral("

Hello \""); #nullable restore #line 8 "../Views/Other/Test13.cshtml" -Write(Html.Raw(Model.Name)); +Write(Html.Raw(Model.Name)); // $ Alert[cs/web/xss] #line default #line hidden diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test5.cshtml.g.cs b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test5.cshtml.g.cs index f51631b536a..9a52fc9a2b3 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test5.cshtml.g.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test5.cshtml.g.cs @@ -34,7 +34,7 @@ using test; WriteLiteral("

Hello \""); #nullable restore #line 8 "../Views/Other/Test5.cshtml" -Write(Html.Raw(Model.Name)); +Write(Html.Raw(Model.Name)); // $ Alert[cs/web/xss] #line default #line hidden diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test6.cshtml.g.cs b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test6.cshtml.g.cs index fbbd4e99798..c90a27f3839 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test6.cshtml.g.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test6.cshtml.g.cs @@ -34,7 +34,7 @@ using test; WriteLiteral("

Hello \""); #nullable restore #line 8 "../Views/Other/Test6.cshtml" -Write(Html.Raw(Model.Name)); +Write(Html.Raw(Model.Name)); // $ Alert[cs/web/xss] #line default #line hidden diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test8.cshtml.g.cs b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test8.cshtml.g.cs index c3643f4dd2f..4dc0609afda 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test8.cshtml.g.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test8.cshtml.g.cs @@ -34,7 +34,7 @@ using test; WriteLiteral("

Hello \""); #nullable restore #line 8 "../Views/Other/Test8.cshtml" -Write(Html.Raw(Model.Name)); +Write(Html.Raw(Model.Name)); // $ Alert[cs/web/xss] #line default #line hidden diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test9.cshtml.g.cs b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test9.cshtml.g.cs index 0a839142450..6d01891394e 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test9.cshtml.g.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test9.cshtml.g.cs @@ -34,7 +34,7 @@ using test; WriteLiteral("

Hello \""); #nullable restore #line 8 "../Views/Other/Test9.cshtml" -Write(Html.Raw(Model.Name)); +Write(Html.Raw(Model.Name)); // $ Alert[cs/web/xss] #line default #line hidden diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Shared_Test14.cshtml.g.cs b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Shared_Test14.cshtml.g.cs index d42efb18be2..7576b670048 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Shared_Test14.cshtml.g.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Shared_Test14.cshtml.g.cs @@ -34,7 +34,7 @@ using test; WriteLiteral("

Hello \""); #nullable restore #line 8 "../Views/Shared/Test14.cshtml" -Write(Html.Raw(Model.Name)); +Write(Html.Raw(Model.Name)); // $ Alert[cs/web/xss] #line default #line hidden diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Shared_Test19.cshtml.g.cs b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Shared_Test19.cshtml.g.cs index cd20980fb4d..dbd85b4efca 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Shared_Test19.cshtml.g.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Shared_Test19.cshtml.g.cs @@ -34,7 +34,7 @@ using test; WriteLiteral("

Hello \""); #nullable restore #line 8 "../Views/Shared/Test19.cshtml" -Write(Html.Raw(Model.Name)); +Write(Html.Raw(Model.Name)); // $ Alert[cs/web/xss] #line default #line hidden diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Shared_Test2.cshtml.g.cs b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Shared_Test2.cshtml.g.cs index 0fbdbfd2f0f..d82ceef1adf 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Shared_Test2.cshtml.g.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Shared_Test2.cshtml.g.cs @@ -34,7 +34,7 @@ using test; WriteLiteral("

Hello \""); #nullable restore #line 8 "../Views/Shared/Test2.cshtml" -Write(Html.Raw(Model.Name)); +Write(Html.Raw(Model.Name)); // $ Alert[cs/web/xss] #line default #line hidden diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Shared_Test23.cshtml.g.cs b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Shared_Test23.cshtml.g.cs index 218968593b9..6bed92ac075 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Shared_Test23.cshtml.g.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Shared_Test23.cshtml.g.cs @@ -34,7 +34,7 @@ using test; WriteLiteral("

Hello \""); #nullable restore #line 8 "../Views/Shared/Test23.cshtml" -Write(Html.Raw(Model.Name)); +Write(Html.Raw(Model.Name)); // $ Alert[cs/web/xss] #line default #line hidden diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test2_Test10.cshtml.g.cs b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test2_Test10.cshtml.g.cs index dbb7f68a284..2c5e00cb75e 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test2_Test10.cshtml.g.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test2_Test10.cshtml.g.cs @@ -34,7 +34,7 @@ using test; WriteLiteral("

Hello \""); #nullable restore #line 8 "../Views/Test2/Test10.cshtml" -Write(Html.Raw(Model.Name)); +Write(Html.Raw(Model.Name)); // $ Alert[cs/web/xss] #line default #line hidden diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test2_Test11.cshtml.g.cs b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test2_Test11.cshtml.g.cs index 069bbd688f9..3513fdc4f7b 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test2_Test11.cshtml.g.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test2_Test11.cshtml.g.cs @@ -34,7 +34,7 @@ using test; WriteLiteral("

Hello \""); #nullable restore #line 8 "../Views/Test2/Test11.cshtml" -Write(Html.Raw(Model.Name)); +Write(Html.Raw(Model.Name)); // $ Alert[cs/web/xss] #line default #line hidden diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test_Test1.cshtml.g.cs b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test_Test1.cshtml.g.cs index 30123d04467..87a7400dcb9 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test_Test1.cshtml.g.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test_Test1.cshtml.g.cs @@ -34,7 +34,7 @@ using test; WriteLiteral("

Hello \""); #nullable restore #line 8 "../Views/Test/Test1.cshtml" -Write(Html.Raw(Model.Name)); +Write(Html.Raw(Model.Name)); // $ Alert[cs/web/xss] #line default #line hidden diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test_Test3.cshtml.g.cs b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test_Test3.cshtml.g.cs index ade57ee3476..99381e47b12 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test_Test3.cshtml.g.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test_Test3.cshtml.g.cs @@ -34,7 +34,7 @@ using test; WriteLiteral("

Hello \""); #nullable restore #line 8 "../Views/Test/Test3.cshtml" -Write(Html.Raw(Model.Name)); +Write(Html.Raw(Model.Name)); // $ Alert[cs/web/xss] #line default #line hidden diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test_Test4.cshtml.g.cs b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test_Test4.cshtml.g.cs index 583c0a35b1a..a8871759326 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test_Test4.cshtml.g.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test_Test4.cshtml.g.cs @@ -34,7 +34,7 @@ using test; WriteLiteral("

Hello \""); #nullable restore #line 8 "../Views/Test/Test4.cshtml" -Write(Html.Raw(Model.Name)); +Write(Html.Raw(Model.Name)); // $ Alert[cs/web/xss] #line default #line hidden diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test_Test7.cshtml.g.cs b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test_Test7.cshtml.g.cs index 710cc34bd07..6a2379e80fe 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test_Test7.cshtml.g.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test_Test7.cshtml.g.cs @@ -34,7 +34,7 @@ using test; WriteLiteral("

Hello \""); #nullable restore #line 8 "../Views/Test/Test7.cshtml" -Write(Html.Raw(Model.Name)); +Write(Html.Raw(Model.Name)); // $ Alert[cs/web/xss] #line default #line hidden diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/MyAreas/Test4/Test22.cshtml b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/MyAreas/Test4/Test22.cshtml index 74a8eab1c71..1cb5d2b6bfa 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/MyAreas/Test4/Test22.cshtml +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/MyAreas/Test4/Test22.cshtml @@ -5,5 +5,6 @@ @if (Model != null) { -

Hello "@Html.Raw(Model.Name)"

+

Hello "@Html.Raw(Model.Name)"

@{// $ Alert[cs/web/xss] +} } \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Pages/Shared/Test21.cshtml b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Pages/Shared/Test21.cshtml index 74a8eab1c71..1cb5d2b6bfa 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Pages/Shared/Test21.cshtml +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Pages/Shared/Test21.cshtml @@ -5,5 +5,6 @@ @if (Model != null) { -

Hello "@Html.Raw(Model.Name)"

+

Hello "@Html.Raw(Model.Name)"

@{// $ Alert[cs/web/xss] +} } \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Custom/Test3/Test15.cshtml b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Custom/Test3/Test15.cshtml index 74a8eab1c71..1cb5d2b6bfa 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Custom/Test3/Test15.cshtml +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Custom/Test3/Test15.cshtml @@ -5,5 +5,6 @@ @if (Model != null) { -

Hello "@Html.Raw(Model.Name)"

+

Hello "@Html.Raw(Model.Name)"

@{// $ Alert[cs/web/xss] +} } \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Custom2/Test16.cshtml b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Custom2/Test16.cshtml index 74a8eab1c71..1cb5d2b6bfa 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Custom2/Test16.cshtml +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Custom2/Test16.cshtml @@ -5,5 +5,6 @@ @if (Model != null) { -

Hello "@Html.Raw(Model.Name)"

+

Hello "@Html.Raw(Model.Name)"

@{// $ Alert[cs/web/xss] +} } \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Other/Test13.cshtml b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Other/Test13.cshtml index 74a8eab1c71..1cb5d2b6bfa 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Other/Test13.cshtml +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Other/Test13.cshtml @@ -5,5 +5,6 @@ @if (Model != null) { -

Hello "@Html.Raw(Model.Name)"

+

Hello "@Html.Raw(Model.Name)"

@{// $ Alert[cs/web/xss] +} } \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Other/Test5.cshtml b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Other/Test5.cshtml index 74a8eab1c71..1cb5d2b6bfa 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Other/Test5.cshtml +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Other/Test5.cshtml @@ -5,5 +5,6 @@ @if (Model != null) { -

Hello "@Html.Raw(Model.Name)"

+

Hello "@Html.Raw(Model.Name)"

@{// $ Alert[cs/web/xss] +} } \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Other/Test6.cshtml b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Other/Test6.cshtml index 74a8eab1c71..1cb5d2b6bfa 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Other/Test6.cshtml +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Other/Test6.cshtml @@ -5,5 +5,6 @@ @if (Model != null) { -

Hello "@Html.Raw(Model.Name)"

+

Hello "@Html.Raw(Model.Name)"

@{// $ Alert[cs/web/xss] +} } \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Other/Test8.cshtml b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Other/Test8.cshtml index 74a8eab1c71..1cb5d2b6bfa 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Other/Test8.cshtml +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Other/Test8.cshtml @@ -5,5 +5,6 @@ @if (Model != null) { -

Hello "@Html.Raw(Model.Name)"

+

Hello "@Html.Raw(Model.Name)"

@{// $ Alert[cs/web/xss] +} } \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Other/Test9.cshtml b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Other/Test9.cshtml index 74a8eab1c71..1cb5d2b6bfa 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Other/Test9.cshtml +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Other/Test9.cshtml @@ -5,5 +5,6 @@ @if (Model != null) { -

Hello "@Html.Raw(Model.Name)"

+

Hello "@Html.Raw(Model.Name)"

@{// $ Alert[cs/web/xss] +} } \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Shared/Test12.cshtml b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Shared/Test12.cshtml index 74a8eab1c71..1cb5d2b6bfa 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Shared/Test12.cshtml +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Shared/Test12.cshtml @@ -5,5 +5,6 @@ @if (Model != null) { -

Hello "@Html.Raw(Model.Name)"

+

Hello "@Html.Raw(Model.Name)"

@{// $ Alert[cs/web/xss] +} } \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Shared/Test14.cshtml b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Shared/Test14.cshtml index 74a8eab1c71..1cb5d2b6bfa 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Shared/Test14.cshtml +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Shared/Test14.cshtml @@ -5,5 +5,6 @@ @if (Model != null) { -

Hello "@Html.Raw(Model.Name)"

+

Hello "@Html.Raw(Model.Name)"

@{// $ Alert[cs/web/xss] +} } \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Shared/Test19.cshtml b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Shared/Test19.cshtml index 74a8eab1c71..1cb5d2b6bfa 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Shared/Test19.cshtml +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Shared/Test19.cshtml @@ -5,5 +5,6 @@ @if (Model != null) { -

Hello "@Html.Raw(Model.Name)"

+

Hello "@Html.Raw(Model.Name)"

@{// $ Alert[cs/web/xss] +} } \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Shared/Test2.cshtml b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Shared/Test2.cshtml index 74a8eab1c71..1cb5d2b6bfa 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Shared/Test2.cshtml +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Shared/Test2.cshtml @@ -5,5 +5,6 @@ @if (Model != null) { -

Hello "@Html.Raw(Model.Name)"

+

Hello "@Html.Raw(Model.Name)"

@{// $ Alert[cs/web/xss] +} } \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Shared/Test23.cshtml b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Shared/Test23.cshtml index 74a8eab1c71..1cb5d2b6bfa 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Shared/Test23.cshtml +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Shared/Test23.cshtml @@ -5,5 +5,6 @@ @if (Model != null) { -

Hello "@Html.Raw(Model.Name)"

+

Hello "@Html.Raw(Model.Name)"

@{// $ Alert[cs/web/xss] +} } \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Shared/Test3.cshtml b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Shared/Test3.cshtml index 74a8eab1c71..1cb5d2b6bfa 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Shared/Test3.cshtml +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Shared/Test3.cshtml @@ -5,5 +5,6 @@ @if (Model != null) { -

Hello "@Html.Raw(Model.Name)"

+

Hello "@Html.Raw(Model.Name)"

@{// $ Alert[cs/web/xss] +} } \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test/Test1.cshtml b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test/Test1.cshtml index 74a8eab1c71..ec7a4fd58ff 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test/Test1.cshtml +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test/Test1.cshtml @@ -3,7 +3,8 @@ @{ } -@if (Model != null) +@if (Model \!= null) { -

Hello "@Html.Raw(Model.Name)"

-} \ No newline at end of file +

Hello "@Html.Raw(Model.Name)"

@{// $ Alert[cs/web/xss] +} +} diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test/Test3.cshtml b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test/Test3.cshtml index 74a8eab1c71..1cb5d2b6bfa 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test/Test3.cshtml +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test/Test3.cshtml @@ -5,5 +5,6 @@ @if (Model != null) { -

Hello "@Html.Raw(Model.Name)"

+

Hello "@Html.Raw(Model.Name)"

@{// $ Alert[cs/web/xss] +} } \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test/Test4.cshtml b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test/Test4.cshtml index 74a8eab1c71..1cb5d2b6bfa 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test/Test4.cshtml +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test/Test4.cshtml @@ -5,5 +5,6 @@ @if (Model != null) { -

Hello "@Html.Raw(Model.Name)"

+

Hello "@Html.Raw(Model.Name)"

@{// $ Alert[cs/web/xss] +} } \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test/Test7.cshtml b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test/Test7.cshtml index 74a8eab1c71..1cb5d2b6bfa 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test/Test7.cshtml +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test/Test7.cshtml @@ -5,5 +5,6 @@ @if (Model != null) { -

Hello "@Html.Raw(Model.Name)"

+

Hello "@Html.Raw(Model.Name)"

@{// $ Alert[cs/web/xss] +} } \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test2/Test1.cshtml b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test2/Test1.cshtml index 74a8eab1c71..1cb5d2b6bfa 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test2/Test1.cshtml +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test2/Test1.cshtml @@ -5,5 +5,6 @@ @if (Model != null) { -

Hello "@Html.Raw(Model.Name)"

+

Hello "@Html.Raw(Model.Name)"

@{// $ Alert[cs/web/xss] +} } \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test2/Test10.cshtml b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test2/Test10.cshtml index 74a8eab1c71..1cb5d2b6bfa 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test2/Test10.cshtml +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test2/Test10.cshtml @@ -5,5 +5,6 @@ @if (Model != null) { -

Hello "@Html.Raw(Model.Name)"

+

Hello "@Html.Raw(Model.Name)"

@{// $ Alert[cs/web/xss] +} } \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test2/Test11.cshtml b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test2/Test11.cshtml index 74a8eab1c71..1cb5d2b6bfa 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test2/Test11.cshtml +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test2/Test11.cshtml @@ -5,5 +5,6 @@ @if (Model != null) { -

Hello "@Html.Raw(Model.Name)"

+

Hello "@Html.Raw(Model.Name)"

@{// $ Alert[cs/web/xss] +} } \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test2/Test12.cshtml b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test2/Test12.cshtml index 74a8eab1c71..1cb5d2b6bfa 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test2/Test12.cshtml +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test2/Test12.cshtml @@ -5,5 +5,6 @@ @if (Model != null) { -

Hello "@Html.Raw(Model.Name)"

+

Hello "@Html.Raw(Model.Name)"

@{// $ Alert[cs/web/xss] +} } \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test2/Test14.cshtml b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test2/Test14.cshtml index 74a8eab1c71..1cb5d2b6bfa 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test2/Test14.cshtml +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test2/Test14.cshtml @@ -5,5 +5,6 @@ @if (Model != null) { -

Hello "@Html.Raw(Model.Name)"

+

Hello "@Html.Raw(Model.Name)"

@{// $ Alert[cs/web/xss] +} } \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test2/Test2.cshtml b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test2/Test2.cshtml index 74a8eab1c71..1cb5d2b6bfa 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test2/Test2.cshtml +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test2/Test2.cshtml @@ -5,5 +5,6 @@ @if (Model != null) { -

Hello "@Html.Raw(Model.Name)"

+

Hello "@Html.Raw(Model.Name)"

@{// $ Alert[cs/web/xss] +} } \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test2/Test3.cshtml b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test2/Test3.cshtml index 74a8eab1c71..1cb5d2b6bfa 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test2/Test3.cshtml +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test2/Test3.cshtml @@ -5,5 +5,6 @@ @if (Model != null) { -

Hello "@Html.Raw(Model.Name)"

+

Hello "@Html.Raw(Model.Name)"

@{// $ Alert[cs/web/xss] +} } \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test4/Test20.cshtml b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test4/Test20.cshtml index 74a8eab1c71..1cb5d2b6bfa 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test4/Test20.cshtml +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Views/Test4/Test20.cshtml @@ -5,5 +5,6 @@ @if (Model != null) { -

Hello "@Html.Raw(Model.Name)"

+

Hello "@Html.Raw(Model.Name)"

@{// $ Alert[cs/web/xss] +} } \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/XSS.expected b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/XSS.expected index 70c8dcfbd11..4688d46192f 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/XSS.expected +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/XSS.expected @@ -1,3 +1,24 @@ +#select +| Areas/TestArea/Views/Shared/Test18.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:124:42:124:50 | tainted18 : UserData | Areas/TestArea/Views/Shared/Test18.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:124:42:124:50 | tainted18 : UserData | User-provided value | +| Areas/TestArea/Views/Test4/Test17.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:119:42:119:50 | tainted17 : UserData | Areas/TestArea/Views/Test4/Test17.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:119:42:119:50 | tainted17 : UserData | User-provided value | +| Pages/Shared/Test21.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:139:42:139:50 | tainted21 : UserData | Pages/Shared/Test21.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:139:42:139:50 | tainted21 : UserData | User-provided value | +| Views/Custom2/Test16.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:111:42:111:50 | tainted16 : UserData | Views/Custom2/Test16.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:111:42:111:50 | tainted16 : UserData | User-provided value | +| Views/Custom/Test3/Test15.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:106:42:106:50 | tainted15 : UserData | Views/Custom/Test3/Test15.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:106:42:106:50 | tainted15 : UserData | User-provided value | +| Views/Other/Test5.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:33:41:33:48 | tainted5 : UserData | Views/Other/Test5.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:33:41:33:48 | tainted5 : UserData | User-provided value | +| Views/Other/Test6.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:38:41:38:48 | tainted6 : UserData | Views/Other/Test6.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:38:41:38:48 | tainted6 : UserData | User-provided value | +| Views/Other/Test8.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:48:41:48:48 | tainted8 : UserData | Views/Other/Test8.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:48:41:48:48 | tainted8 : UserData | User-provided value | +| Views/Other/Test9.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:53:41:53:48 | tainted9 : UserData | Views/Other/Test9.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:53:41:53:48 | tainted9 : UserData | User-provided value | +| Views/Other/Test13.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:81:42:81:50 | tainted13 : UserData | Views/Other/Test13.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:81:42:81:50 | tainted13 : UserData | User-provided value | +| Views/Shared/Test2.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:18:41:18:48 | tainted2 : UserData | Views/Shared/Test2.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:18:41:18:48 | tainted2 : UserData | User-provided value | +| Views/Shared/Test14.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:86:42:86:50 | tainted14 : UserData | Views/Shared/Test14.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:86:42:86:50 | tainted14 : UserData | User-provided value | +| Views/Shared/Test19.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:129:42:129:50 | tainted19 : UserData | Views/Shared/Test19.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:129:42:129:50 | tainted19 : UserData | User-provided value | +| Views/Shared/Test23.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:149:40:149:48 | tainted23 : String | Views/Shared/Test23.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:149:40:149:48 | tainted23 : String | User-provided value | +| Views/Test2/Test10.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:60:42:60:50 | tainted10 : UserData | Views/Test2/Test10.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:60:42:60:50 | tainted10 : UserData | User-provided value | +| Views/Test2/Test11.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:65:42:65:50 | tainted11 : UserData | Views/Test2/Test11.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:65:42:65:50 | tainted11 : UserData | User-provided value | +| Views/Test/Test1.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:13:41:13:48 | tainted1 : UserData | Views/Test/Test1.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:13:41:13:48 | tainted1 : UserData | User-provided value | +| Views/Test/Test3.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:23:41:23:48 | tainted3 : UserData | Views/Test/Test3.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:23:41:23:48 | tainted3 : UserData | User-provided value | +| Views/Test/Test4.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:28:41:28:48 | tainted4 : UserData | Views/Test/Test4.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:28:41:28:48 | tainted4 : UserData | User-provided value | +| Views/Test/Test7.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:43:41:43:48 | tainted7 : UserData | Views/Test/Test7.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:43:41:43:48 | tainted7 : UserData | User-provided value | edges | Areas/TestArea/Views/Shared/Test18.cshtml:8:16:8:20 | access to property Model : UserData | Areas/TestArea/Views/Shared/Test18.cshtml:8:16:8:25 | access to property Name | provenance | | | Areas/TestArea/Views/Test4/Test17.cshtml:8:16:8:20 | access to property Model : UserData | Areas/TestArea/Views/Test4/Test17.cshtml:8:16:8:25 | access to property Name | provenance | | @@ -157,24 +178,3 @@ nodes | Views/Test/Test7.cshtml:8:16:8:20 | access to property Model : UserData | semmle.label | access to property Model : UserData | | Views/Test/Test7.cshtml:8:16:8:25 | access to property Name | semmle.label | access to property Name | subpaths -#select -| Areas/TestArea/Views/Shared/Test18.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:124:42:124:50 | tainted18 : UserData | Areas/TestArea/Views/Shared/Test18.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:124:42:124:50 | tainted18 : UserData | User-provided value | -| Areas/TestArea/Views/Test4/Test17.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:119:42:119:50 | tainted17 : UserData | Areas/TestArea/Views/Test4/Test17.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:119:42:119:50 | tainted17 : UserData | User-provided value | -| Pages/Shared/Test21.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:139:42:139:50 | tainted21 : UserData | Pages/Shared/Test21.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:139:42:139:50 | tainted21 : UserData | User-provided value | -| Views/Custom2/Test16.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:111:42:111:50 | tainted16 : UserData | Views/Custom2/Test16.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:111:42:111:50 | tainted16 : UserData | User-provided value | -| Views/Custom/Test3/Test15.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:106:42:106:50 | tainted15 : UserData | Views/Custom/Test3/Test15.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:106:42:106:50 | tainted15 : UserData | User-provided value | -| Views/Other/Test5.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:33:41:33:48 | tainted5 : UserData | Views/Other/Test5.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:33:41:33:48 | tainted5 : UserData | User-provided value | -| Views/Other/Test6.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:38:41:38:48 | tainted6 : UserData | Views/Other/Test6.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:38:41:38:48 | tainted6 : UserData | User-provided value | -| Views/Other/Test8.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:48:41:48:48 | tainted8 : UserData | Views/Other/Test8.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:48:41:48:48 | tainted8 : UserData | User-provided value | -| Views/Other/Test9.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:53:41:53:48 | tainted9 : UserData | Views/Other/Test9.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:53:41:53:48 | tainted9 : UserData | User-provided value | -| Views/Other/Test13.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:81:42:81:50 | tainted13 : UserData | Views/Other/Test13.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:81:42:81:50 | tainted13 : UserData | User-provided value | -| Views/Shared/Test2.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:18:41:18:48 | tainted2 : UserData | Views/Shared/Test2.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:18:41:18:48 | tainted2 : UserData | User-provided value | -| Views/Shared/Test14.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:86:42:86:50 | tainted14 : UserData | Views/Shared/Test14.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:86:42:86:50 | tainted14 : UserData | User-provided value | -| Views/Shared/Test19.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:129:42:129:50 | tainted19 : UserData | Views/Shared/Test19.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:129:42:129:50 | tainted19 : UserData | User-provided value | -| Views/Shared/Test23.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:149:40:149:48 | tainted23 : String | Views/Shared/Test23.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:149:40:149:48 | tainted23 : String | User-provided value | -| Views/Test2/Test10.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:60:42:60:50 | tainted10 : UserData | Views/Test2/Test10.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:60:42:60:50 | tainted10 : UserData | User-provided value | -| Views/Test2/Test11.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:65:42:65:50 | tainted11 : UserData | Views/Test2/Test11.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:65:42:65:50 | tainted11 : UserData | User-provided value | -| Views/Test/Test1.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:13:41:13:48 | tainted1 : UserData | Views/Test/Test1.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:13:41:13:48 | tainted1 : UserData | User-provided value | -| Views/Test/Test3.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:23:41:23:48 | tainted3 : UserData | Views/Test/Test3.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:23:41:23:48 | tainted3 : UserData | User-provided value | -| Views/Test/Test4.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:28:41:28:48 | tainted4 : UserData | Views/Test/Test4.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:28:41:28:48 | tainted4 : UserData | User-provided value | -| Views/Test/Test7.cshtml:8:16:8:25 | access to property Name | Controllers/TestController.cs:43:41:43:48 | tainted7 : UserData | Views/Test/Test7.cshtml:8:16:8:25 | access to property Name | $@ flows to here and is written to HTML or JavaScript: Microsoft.AspNetCore.Mvc.ViewFeatures.HtmlHelper.Raw() method. | Controllers/TestController.cs:43:41:43:48 | tainted7 : UserData | User-provided value | diff --git a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/XSS.qlref b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/XSS.qlref index faad1d6403c..553ccc892d0 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/XSS.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/XSS.qlref @@ -1 +1,2 @@ -Security Features/CWE-079/XSS.ql \ No newline at end of file +query: Security Features/CWE-079/XSS.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-090/LDAPInjection.cs b/csharp/ql/test/query-tests/Security Features/CWE-090/LDAPInjection.cs index ddd24e19729..d1f5b7e4ae8 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-090/LDAPInjection.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-090/LDAPInjection.cs @@ -9,36 +9,36 @@ public class LDAPInjectionHandler : IHttpHandler { public void ProcessRequest(HttpContext ctx) { - string userName = ctx.Request.QueryString["username"]; + string userName = ctx.Request.QueryString["username"]; // $ Source=r1 Source=r2 Source=r3 Source=r4 Source=r5 Source=r6 // BAD: Filter includes user input without encoding - DirectorySearcher ds = new DirectorySearcher("accountname=" + userName); + DirectorySearcher ds = new DirectorySearcher("accountname=" + userName); // $ Alert=r1 Alert=r2 Alert=r3 Alert=r4 Alert=r5 Alert=r6 DirectorySearcher ds2 = new DirectorySearcher(); - ds.Filter = "accountname=" + userName; + ds.Filter = "accountname=" + userName; // $ Alert=r2 Alert=r1 Alert=r3 Alert=r4 Alert=r5 Alert=r6 // GOOD: Filter includes user input with encoding DirectorySearcher ds3 = new DirectorySearcher("accountname=" + LDAPEncode(userName)); // BAD: SearchRequest Filter includes user input without encoding SearchRequest sr = new SearchRequest(); - sr.Filter = "accountname=" + userName; - SearchRequest sr2 = new SearchRequest(null, "accountname=" + userName, System.DirectoryServices.Protocols.SearchScope.Base, null); + sr.Filter = "accountname=" + userName; // $ Alert=r3 Alert=r1 Alert=r2 Alert=r4 Alert=r5 Alert=r6 + SearchRequest sr2 = new SearchRequest(null, "accountname=" + userName, System.DirectoryServices.Protocols.SearchScope.Base, null); // $ Alert=r4 Alert=r1 Alert=r2 Alert=r3 Alert=r5 Alert=r6 // BAD: Distinguished Name includes user input without encoding - DirectoryEntry de = new DirectoryEntry("LDAP://Cn=" + userName); + DirectoryEntry de = new DirectoryEntry("LDAP://Cn=" + userName); // $ Alert=r5 Alert=r1 Alert=r2 Alert=r3 Alert=r4 Alert=r6 DirectoryEntry de2 = new DirectoryEntry(); - de2.Path = "LDAP://Cn=" + userName; + de2.Path = "LDAP://Cn=" + userName; // $ Alert=r6 Alert=r1 Alert=r2 Alert=r3 Alert=r4 Alert=r5 using (SqlConnection connection = new SqlConnection("")) { connection.Open(); SqlCommand customerCommand = new SqlCommand("SELECT * FROM customers", connection); - SqlDataReader customerReader = customerCommand.ExecuteReader(); + SqlDataReader customerReader = customerCommand.ExecuteReader(); // $ Source=r7 while (customerReader.Read()) { // BAD: Read from database, write it straight to a response - DirectorySearcher ds4 = new DirectorySearcher("accountname=" + customerReader.GetString(1)); + DirectorySearcher ds4 = new DirectorySearcher("accountname=" + customerReader.GetString(1)); // $ Alert=r7 } customerReader.Close(); } diff --git a/csharp/ql/test/query-tests/Security Features/CWE-090/LDAPInjection.qlref b/csharp/ql/test/query-tests/Security Features/CWE-090/LDAPInjection.qlref index 06bd1eedc4f..13eefd4645f 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-090/LDAPInjection.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-090/LDAPInjection.qlref @@ -1,2 +1,4 @@ query: Security Features/CWE-090/LDAPInjection.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-091/XMLInjection/Test.cs b/csharp/ql/test/query-tests/Security Features/CWE-091/XMLInjection/Test.cs index f9dd6f3289e..cf39ad9d397 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-091/XMLInjection/Test.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-091/XMLInjection/Test.cs @@ -5,14 +5,14 @@ using System.Xml; public class XMLInjectionHandler : IHttpHandler { public void ProcessRequest(HttpContext ctx) { - string employeeName = ctx.Request.QueryString["employeeName"]; + string employeeName = ctx.Request.QueryString["employeeName"]; // $ Source=r1 using (XmlWriter writer = XmlWriter.Create("employees.xml")) { writer.WriteStartDocument(); // BAD: Insert user input directly into XML - writer.WriteRaw("" + employeeName + ""); + writer.WriteRaw("" + employeeName + ""); // $ Alert=r1 // GOOD: Escape user input before inserting into string writer.WriteRaw("" + SecurityElement.Escape(employeeName) + ""); diff --git a/csharp/ql/test/query-tests/Security Features/CWE-091/XMLInjection/XMLInjection.qlref b/csharp/ql/test/query-tests/Security Features/CWE-091/XMLInjection/XMLInjection.qlref index e39297fce16..96779d60ccb 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-091/XMLInjection/XMLInjection.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-091/XMLInjection/XMLInjection.qlref @@ -1,2 +1,4 @@ query: Security Features/CWE-091/XMLInjection.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-094/CodeInjection.cs b/csharp/ql/test/query-tests/Security Features/CWE-094/CodeInjection.cs index e03bc9821f5..c0acbd2bb72 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-094/CodeInjection.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-094/CodeInjection.cs @@ -20,13 +20,13 @@ public class CommandInjectionHandler : IHttpHandler { public void ProcessRequest(HttpContext ctx) { - string code = ctx.Request.QueryString["code"]; + string code = ctx.Request.QueryString["code"]; // $ Source=r1 Source=r2 CSharpCodeProvider c = new CSharpCodeProvider(); ICodeCompiler icc = c.CreateCompiler(); CompilerParameters cp = new CompilerParameters(); // BAD: Compiling unvalidated code from the user - CompilerResults cr = icc.CompileAssemblyFromSource(cp, code); + CompilerResults cr = icc.CompileAssemblyFromSource(cp, code); // $ Alert=r1 Alert=r2 System.Reflection.Assembly a = cr.CompiledAssembly; object o = a.CreateInstance("MyNamespace.MyClass"); @@ -37,7 +37,7 @@ public class CommandInjectionHandler : IHttpHandler object s = mi.Invoke(o, null); // BAD: Use the Roslyn APIs to dynamically evaluate C# - CSharpScript.EvaluateAsync(code); + CSharpScript.EvaluateAsync(code); // $ Alert=r1 Alert=r2 } public bool IsReusable @@ -53,6 +53,6 @@ public class CommandInjectionHandler : IHttpHandler void OnButtonClicked() { // BAD: Use the Roslyn APIs to dynamically evaluate C# - CSharpScript.EvaluateAsync(box1.Text); + CSharpScript.EvaluateAsync(box1.Text); // $ Alert=r3 Alert=r3 } } diff --git a/csharp/ql/test/query-tests/Security Features/CWE-094/CodeInjection.qlref b/csharp/ql/test/query-tests/Security Features/CWE-094/CodeInjection.qlref index 80eedc1b4c7..53389dffbe4 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-094/CodeInjection.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-094/CodeInjection.qlref @@ -1,2 +1,4 @@ query: Security Features/CWE-094/CodeInjection.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-099/ResourceInjection.cs b/csharp/ql/test/query-tests/Security Features/CWE-099/ResourceInjection.cs index aed9219090a..ad74e0f1413 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-099/ResourceInjection.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-099/ResourceInjection.cs @@ -5,12 +5,12 @@ public class ResourceInjectionHandler : IHttpHandler { public void ProcessRequest(HttpContext ctx) { - string userName = ctx.Request.QueryString["userName"]; + string userName = ctx.Request.QueryString["userName"]; // $ Source=r1 Source=r2 string connectionString = "server=(local);user id=" + userName + ";password= pass;"; // BAD: Direct use of user input in a connection string for the constructor - SqlConnection sqlConnection = new SqlConnection(connectionString); + SqlConnection sqlConnection = new SqlConnection(connectionString); // $ Alert=r1 Alert=r2 // BAD: Direct use of user input assigned to a connection string property - sqlConnection.ConnectionString = connectionString; + sqlConnection.ConnectionString = connectionString; // $ Alert=r1 Alert=r2 // GOOD: Use SqlConnectionStringBuilder SqlConnectionStringBuilder builder = new SqlConnectionStringBuilder(); builder["Data Source"] = "(local)"; diff --git a/csharp/ql/test/query-tests/Security Features/CWE-099/ResourceInjection.qlref b/csharp/ql/test/query-tests/Security Features/CWE-099/ResourceInjection.qlref index 5292de5ee84..e2e48763168 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-099/ResourceInjection.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-099/ResourceInjection.qlref @@ -1,2 +1,4 @@ query: Security Features/CWE-099/ResourceInjection.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-112/MissingXMLValidation.cs b/csharp/ql/test/query-tests/Security Features/CWE-112/MissingXMLValidation.cs index 4ca87924c68..c0615d90bf2 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-112/MissingXMLValidation.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-112/MissingXMLValidation.cs @@ -9,22 +9,22 @@ public class MissingXMLValidationHandler : IHttpHandler public void ProcessRequest(HttpContext ctx) { - String userProvidedXml = ctx.Request.QueryString["userProvidedXml"]; + String userProvidedXml = ctx.Request.QueryString["userProvidedXml"]; // $ Source=r1 Source=r2 Source=r3 Source=r4 Source=r5 // BAD: User provided XML is processed without any validation, // because there is no settings instance configured. - XmlReader.Create(new StringReader(userProvidedXml)); + XmlReader.Create(new StringReader(userProvidedXml)); // $ Alert=r1 Alert=r2 Alert=r3 Alert=r4 Alert=r5 // BAD: User provided XML is processed without any validation, // because the settings instance does not specify the ValidationType XmlReaderSettings badSettings1 = new XmlReaderSettings(); - XmlReader.Create(new StringReader(userProvidedXml), badSettings1); + XmlReader.Create(new StringReader(userProvidedXml), badSettings1); // $ Alert=r2 Alert=r1 Alert=r3 Alert=r4 Alert=r5 // BAD: User provided XML is processed without any validation, // because the settings instance specifies DTD as the ValidationType XmlReaderSettings badSettings2 = new XmlReaderSettings(); badSettings2.ValidationType = ValidationType.DTD; - XmlReader.Create(new StringReader(userProvidedXml), badSettings2); + XmlReader.Create(new StringReader(userProvidedXml), badSettings2); // $ Alert=r3 Alert=r1 Alert=r2 Alert=r4 Alert=r5 // GOOD: User provided XML is processed with validation XmlReaderSettings goodSettings = new XmlReaderSettings(); @@ -42,7 +42,7 @@ public class MissingXMLValidationHandler : IHttpHandler XmlSchemaSet sc2 = new XmlSchemaSet(); sc2.Add("urn:my-schema", "my.xsd"); goodSettings.Schemas = sc2; - XmlReader.Create(new StringReader(userProvidedXml), badSettings3); + XmlReader.Create(new StringReader(userProvidedXml), badSettings3); // $ Alert=r4 Alert=r5 Alert=r1 Alert=r2 Alert=r3 } public bool IsReusable diff --git a/csharp/ql/test/query-tests/Security Features/CWE-112/MissingXMLValidation.qlref b/csharp/ql/test/query-tests/Security Features/CWE-112/MissingXMLValidation.qlref index 6f71112a01c..3f8c9fe1687 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-112/MissingXMLValidation.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-112/MissingXMLValidation.qlref @@ -1,2 +1,4 @@ query: Security Features/CWE-112/MissingXMLValidation.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-114/AssemblyPathInjection/AssemblyPathInjection.qlref b/csharp/ql/test/query-tests/Security Features/CWE-114/AssemblyPathInjection/AssemblyPathInjection.qlref index 5979609654f..f789023c52d 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-114/AssemblyPathInjection/AssemblyPathInjection.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-114/AssemblyPathInjection/AssemblyPathInjection.qlref @@ -1,2 +1,4 @@ query: Security Features/CWE-114/AssemblyPathInjection.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-114/AssemblyPathInjection/Test.cs b/csharp/ql/test/query-tests/Security Features/CWE-114/AssemblyPathInjection/Test.cs index e0217a6d486..a1c257cce63 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-114/AssemblyPathInjection/Test.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-114/AssemblyPathInjection/Test.cs @@ -4,10 +4,10 @@ using System.Reflection; public class DLLInjectionHandler : IHttpHandler { public void ProcessRequest(HttpContext ctx) { - string libraryName = ctx.Request.QueryString["libraryName"]; + string libraryName = ctx.Request.QueryString["libraryName"]; // $ Source=r1 // BAD: Load DLL based on user input - var badDLL = Assembly.LoadFile(libraryName); + var badDLL = Assembly.LoadFile(libraryName); // $ Alert=r1 // GOOD: Load DLL using fixed string var goodDLL = Assembly.LoadFile(@"C:\visual studio 2012\Projects\ConsoleApplication1\ConsoleApplication1\DLL.dll"); diff --git a/csharp/ql/test/query-tests/Security Features/CWE-119/LocalUnvalidatedArithmetic.cs b/csharp/ql/test/query-tests/Security Features/CWE-119/LocalUnvalidatedArithmetic.cs index 4fc60b899e6..42cc1062c2d 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-119/LocalUnvalidatedArithmetic.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-119/LocalUnvalidatedArithmetic.cs @@ -14,7 +14,7 @@ public class PointerArithmetic fixed (char* charPointer = charArray) { // BAD: Unvalidate use in pointer arithmetic - char* newCharPointer = charPointer + possiblyOverridable.getNumber(); + char* newCharPointer = charPointer + possiblyOverridable.getNumber(); // $ Alert *newCharPointer = 'A'; // BAD: Unvalidate use in pointer arithmetic int number = possiblyOverridable.getNumber(); diff --git a/csharp/ql/test/query-tests/Security Features/CWE-119/LocalUnvalidatedArithmetic.qlref b/csharp/ql/test/query-tests/Security Features/CWE-119/LocalUnvalidatedArithmetic.qlref index c6b75e92795..13eea010dbe 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-119/LocalUnvalidatedArithmetic.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-119/LocalUnvalidatedArithmetic.qlref @@ -1 +1,2 @@ -Security Features/CWE-119/LocalUnvalidatedArithmetic.ql \ No newline at end of file +query: Security Features/CWE-119/LocalUnvalidatedArithmetic.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-201/ExposureInTransmittedData/ExposureInTransmittedData.cs b/csharp/ql/test/query-tests/Security Features/CWE-201/ExposureInTransmittedData/ExposureInTransmittedData.cs index e993bc368ae..3170f3a7913 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-201/ExposureInTransmittedData/ExposureInTransmittedData.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-201/ExposureInTransmittedData/ExposureInTransmittedData.cs @@ -11,26 +11,26 @@ public class Handler : IHttpHandler try { var password = "123456"; - ctx.Response.Write(password); // BAD + ctx.Response.Write(password); // $ Alert=r1 Alert=r1 // BAD } catch (System.Data.SqlClient.SqlException ex) { - ctx.Response.Write(ex.ToString()); // BAD + ctx.Response.Write(ex.ToString()); // $ Alert=r2 Alert=r2 // BAD } catch (DbException ex) { - ctx.Response.Write(ex.Message); // BAD - ctx.Response.Write(ex.ToString()); // BAD - ctx.Response.Write(ex.Data["password"]); // BAD + ctx.Response.Write(ex.Message); // $ Alert=r3 Alert=r3 // BAD + ctx.Response.Write(ex.ToString()); // $ Alert=r4 Alert=r4 // BAD + ctx.Response.Write(ex.Data["password"]); // $ Alert=r5 Alert=r5 // BAD } } void SendPasswordToEmail() { - var p = GetField("password"); // p is now tainted - var message = new MailMessage("from", "to", p, p); // BAD - message.Body = "This is your password: " + p; // BAD - message.Subject = p; // BAD + var p = GetField("password"); // $ Source=r6 Source=r7 Source=r8 Source=r9 // p is now tainted + var message = new MailMessage("from", "to", p, p); // $ Alert=r6 Alert=r7 Alert=r8 Alert=r9 // BAD + message.Body = "This is your password: " + p; // $ Alert=r6 Alert=r7 Alert=r8 Alert=r9 // BAD + message.Subject = p; // $ Alert=r6 Alert=r7 Alert=r8 Alert=r9 // BAD } string GetField(string field) diff --git a/csharp/ql/test/query-tests/Security Features/CWE-201/ExposureInTransmittedData/ExposureInTransmittedData.qlref b/csharp/ql/test/query-tests/Security Features/CWE-201/ExposureInTransmittedData/ExposureInTransmittedData.qlref index 9ce9ee5643e..0c2eb8d2b2c 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-201/ExposureInTransmittedData/ExposureInTransmittedData.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-201/ExposureInTransmittedData/ExposureInTransmittedData.qlref @@ -1,2 +1,4 @@ query: Security Features/CWE-201/ExposureInTransmittedData.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-209/ExceptionInformationExposure.cs b/csharp/ql/test/query-tests/Security Features/CWE-209/ExceptionInformationExposure.cs index 74b3fc4dd4d..e644fb9971a 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-209/ExceptionInformationExposure.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-209/ExceptionInformationExposure.cs @@ -16,11 +16,11 @@ public class StackTraceHandler : IHttpHandler catch (Exception ex) { // BAD: printing a stack trace back to the response - ctx.Response.Write(ex.ToString()); + ctx.Response.Write(ex.ToString()); // $ Alert=r1 $ Alert=r1 // BAD: implicitly printing a stack trace back to the response - ctx.Response.Write(ex); + ctx.Response.Write(ex); // $ Alert=r2 $ Alert=r2 // BAD: writing StackTrace property to response - ctx.Response.Write(ex.StackTrace); + ctx.Response.Write(ex.StackTrace); // $ Alert=r3 $ Alert=r3 // GOOD: writing Message property to response ctx.Response.Write(ex.Message); return; @@ -36,15 +36,15 @@ public class StackTraceHandler : IHttpHandler log("Exception occurred", ex); ctx.Response.Write("Exception occurred"); - textBox.Text = ex.InnerException.StackTrace; // BAD - textBox.Text = ex.StackTrace; // BAD - textBox.Text = ex.ToString(); // BAD + textBox.Text = ex.InnerException.StackTrace; // $ Alert=r4 $ Alert=r4 // BAD + textBox.Text = ex.StackTrace; // $ Alert=r5 $ Alert=r5 // BAD + textBox.Text = ex.ToString(); // $ Alert=r6 $ Alert=r6 // BAD textBox.Text = ex.Message; // GOOD return; } // BAD: printing a stack trace back to the response for a custom exception - ctx.Response.Write(new MyException().ToString()); + ctx.Response.Write(new MyException().ToString()); // $ Alert=r7 $ Alert=r7 } class MyException : Exception diff --git a/csharp/ql/test/query-tests/Security Features/CWE-209/ExceptionInformationExposure.qlref b/csharp/ql/test/query-tests/Security Features/CWE-209/ExceptionInformationExposure.qlref index e8813fef7a8..295c9e8cc57 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-209/ExceptionInformationExposure.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-209/ExceptionInformationExposure.qlref @@ -1,2 +1,4 @@ query: Security Features/CWE-209/ExceptionInformationExposure.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-248/MissingASPNETGlobalErrorHandler/WebConfigOff/MissingASPNETGlobalErrorHandler.qlref b/csharp/ql/test/query-tests/Security Features/CWE-248/MissingASPNETGlobalErrorHandler/WebConfigOff/MissingASPNETGlobalErrorHandler.qlref index fa43c8d49be..521ec9079e0 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-248/MissingASPNETGlobalErrorHandler/WebConfigOff/MissingASPNETGlobalErrorHandler.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-248/MissingASPNETGlobalErrorHandler/WebConfigOff/MissingASPNETGlobalErrorHandler.qlref @@ -1 +1,2 @@ -Security Features/CWE-248/MissingASPNETGlobalErrorHandler.ql \ No newline at end of file +query: Security Features/CWE-248/MissingASPNETGlobalErrorHandler.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-248/MissingASPNETGlobalErrorHandler/WebConfigOff/Web.config b/csharp/ql/test/query-tests/Security Features/CWE-248/MissingASPNETGlobalErrorHandler/WebConfigOff/Web.config index 768c965080c..d04829109d3 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-248/MissingASPNETGlobalErrorHandler/WebConfigOff/Web.config +++ b/csharp/ql/test/query-tests/Security Features/CWE-248/MissingASPNETGlobalErrorHandler/WebConfigOff/Web.config @@ -2,6 +2,6 @@ - + diff --git a/csharp/ql/test/query-tests/Security Features/CWE-248/MissingASPNETGlobalErrorHandler/WebConfigOffButGlobal/MissingASPNETGlobalErrorHandler.qlref b/csharp/ql/test/query-tests/Security Features/CWE-248/MissingASPNETGlobalErrorHandler/WebConfigOffButGlobal/MissingASPNETGlobalErrorHandler.qlref index fa43c8d49be..521ec9079e0 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-248/MissingASPNETGlobalErrorHandler/WebConfigOffButGlobal/MissingASPNETGlobalErrorHandler.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-248/MissingASPNETGlobalErrorHandler/WebConfigOffButGlobal/MissingASPNETGlobalErrorHandler.qlref @@ -1 +1,2 @@ -Security Features/CWE-248/MissingASPNETGlobalErrorHandler.ql \ No newline at end of file +query: Security Features/CWE-248/MissingASPNETGlobalErrorHandler.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-285/MissingAccessControl/WebFormsTests/MissingAccessControl.qlref b/csharp/ql/test/query-tests/Security Features/CWE-285/MissingAccessControl/WebFormsTests/MissingAccessControl.qlref index a4173778d9f..8bfd3b626d1 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-285/MissingAccessControl/WebFormsTests/MissingAccessControl.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-285/MissingAccessControl/WebFormsTests/MissingAccessControl.qlref @@ -1 +1,2 @@ -Security Features/CWE-285/MissingAccessControl.ql +query: Security Features/CWE-285/MissingAccessControl.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-285/MissingAccessControl/WebFormsTests/Test1/EditProfile.aspx.cs b/csharp/ql/test/query-tests/Security Features/CWE-285/MissingAccessControl/WebFormsTests/Test1/EditProfile.aspx.cs index b023dc11e80..cf1be0cfbfe 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-285/MissingAccessControl/WebFormsTests/Test1/EditProfile.aspx.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-285/MissingAccessControl/WebFormsTests/Test1/EditProfile.aspx.cs @@ -7,7 +7,7 @@ class EditProfile : System.Web.UI.Page { private bool isAuthorized() { return false; } // BAD: The class name indicates that this may be an Edit method, but there is no auth check - protected void btn1_Click(object sender, EventArgs e) { + protected void btn1_Click(object sender, EventArgs e) { // $ Alert doThings(); } diff --git a/csharp/ql/test/query-tests/Security Features/CWE-285/MissingAccessControl/WebFormsTests/Test1/ViewProfile.aspx.cs b/csharp/ql/test/query-tests/Security Features/CWE-285/MissingAccessControl/WebFormsTests/Test1/ViewProfile.aspx.cs index f9d7316d50b..4ed7b777d2b 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-285/MissingAccessControl/WebFormsTests/Test1/ViewProfile.aspx.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-285/MissingAccessControl/WebFormsTests/Test1/ViewProfile.aspx.cs @@ -11,7 +11,7 @@ class ViewProfile : System.Web.UI.Page { } // BAD: The name indicates a Delete method, but no auth is present. - protected void btn_delete1_Click(object sender, EventArgs e) { + protected void btn_delete1_Click(object sender, EventArgs e) { // $ Alert doThings(); } diff --git a/csharp/ql/test/query-tests/Security Features/CWE-285/MissingAccessControl/WebFormsTests/Test3/B/EditProfile.aspx.cs b/csharp/ql/test/query-tests/Security Features/CWE-285/MissingAccessControl/WebFormsTests/Test3/B/EditProfile.aspx.cs index 4b7697f0f88..13b9f4dd5b5 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-285/MissingAccessControl/WebFormsTests/Test3/B/EditProfile.aspx.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-285/MissingAccessControl/WebFormsTests/Test3/B/EditProfile.aspx.cs @@ -5,7 +5,7 @@ class EditProfile4 : System.Web.UI.Page { private void doThings() { } // BAD: The Web.config file does not specify auth for this path. - protected void btn1_Click(object sender, EventArgs e) { + protected void btn1_Click(object sender, EventArgs e) { // $ Alert doThings(); } } \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-312/CleartextStorage.cs b/csharp/ql/test/query-tests/Security Features/CWE-312/CleartextStorage.cs index 74a5568b668..c5a6c95cd46 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-312/CleartextStorage.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-312/CleartextStorage.cs @@ -12,10 +12,10 @@ public class ClearTextStorageHandler : IHttpHandler public void ProcessRequest(HttpContext ctx) { // BAD: Setting a cookie value or values with sensitive data. - ctx.Response.Cookies["MyCookie"].Value = accountKey; - ctx.Response.Cookies["MyOtherCookie"]["Sensitive"] = GetPassword(); - ctx.Response.Cookies["MyOtherCookie"].Values["Sensitive"] = GetPassword(); - ctx.Response.Cookies["MyCookie"].Value = GetAccountID(); + ctx.Response.Cookies["MyCookie"].Value = accountKey; // $ Alert + ctx.Response.Cookies["MyOtherCookie"]["Sensitive"] = GetPassword(); // $ Alert + ctx.Response.Cookies["MyOtherCookie"].Values["Sensitive"] = GetPassword(); // $ Alert + ctx.Response.Cookies["MyCookie"].Value = GetAccountID(); // $ Alert // GOOD: Encoding the value before setting it. ctx.Response.Cookies["MyCookie"].Value = Encode(accountKey, "Account key"); @@ -23,15 +23,15 @@ public class ClearTextStorageHandler : IHttpHandler ctx.Response.Cookies["MyCookie"].Value = GetAccountName(); ILogger logger = new ILogger(); // BAD: Logging sensitive data - logger.Warn(GetPassword()); + logger.Warn(GetPassword()); // $ Alert // GOOD: Logging encrypted sensitive data logger.Warn(Encode(GetPassword(), "Password")); - // BAD: Storing sensitive data in local file + // BAD: Storing sensitive data in local file using (var writeStream = File.Open("passwords.txt", FileMode.Create)) { var writer = new StreamWriter(writeStream); - writer.Write(GetPassword()); + writer.Write(GetPassword()); // $ Alert writer.Close(); } @@ -91,9 +91,9 @@ class MyForm : Form { box1.PasswordChar = '*'; box2.UseSystemPasswordChar = true; - logger.Warn(password.Text); // BAD - logger.Warn(box1.Text); // BAD - logger.Warn(box2.Text); // BAD + logger.Warn(password.Text); // $ Alert // BAD + logger.Warn(box1.Text); // $ Alert // BAD + logger.Warn(box2.Text); // $ Alert // BAD logger.Warn(box3.Text); // GOOD } } diff --git a/csharp/ql/test/query-tests/Security Features/CWE-312/CleartextStorage.qlref b/csharp/ql/test/query-tests/Security Features/CWE-312/CleartextStorage.qlref index 0fda4720f54..78dc420e9c8 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-312/CleartextStorage.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-312/CleartextStorage.qlref @@ -1 +1,2 @@ -Security Features/CWE-312/CleartextStorage.ql \ No newline at end of file +query: Security Features/CWE-312/CleartextStorage.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-321/HardcodedSymmetricEncryptionKey/HardcodedSymmetricEncryptionKey.cs b/csharp/ql/test/query-tests/Security Features/CWE-321/HardcodedSymmetricEncryptionKey/HardcodedSymmetricEncryptionKey.cs index 0c9c58d0d23..d60d2a389b5 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-321/HardcodedSymmetricEncryptionKey/HardcodedSymmetricEncryptionKey.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-321/HardcodedSymmetricEncryptionKey/HardcodedSymmetricEncryptionKey.cs @@ -14,21 +14,21 @@ namespace HardcodedSymmetricEncryptionKey var a = new AesCryptoServiceProvider(); // BAD: explicit key assignment, hard-coded value - a.Key = new byte[] { 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00 }; + a.Key = new byte[] { 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00 }; // $ Alert=r1 var b = new AesCryptoServiceProvider() { // BAD: explicit key assignment, hard-coded value - Key = new byte[] { 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00 } + Key = new byte[] { 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00 } // $ Alert=r2 }; - var c = new byte[] { 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00 }; + var c = new byte[] { 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00 }; // $ Source=r3 Source=r4 Source=r5 Source=r6 var d = c; - var byteArrayFromString = Encoding.UTF8.GetBytes("Hello, world: here is a very bad way to create a key"); + var byteArrayFromString = Encoding.UTF8.GetBytes("Hello, world: here is a very bad way to create a key"); // $ Source=r7 // BAD: key assignment via variable, from hard-coded value - a.Key = d; + a.Key = d; // $ Alert=r3 Alert=r4 Alert=r5 Alert=r6 // GOOD (not really, but better than hard coding) a.Key = File.ReadAllBytes("secret.key"); @@ -65,7 +65,7 @@ namespace HardcodedSymmetricEncryptionKey { using (MemoryStream ms = new MemoryStream()) { - using (CryptoStream cs = new CryptoStream(ms, aes.CreateDecryptor(password, IV), CryptoStreamMode.Write)) + using (CryptoStream cs = new CryptoStream(ms, aes.CreateDecryptor(password, IV), CryptoStreamMode.Write)) // $ Alert=r3 Alert=r4 Alert=r5 Alert=r6 { cs.Write(cipherText, 0, cipherText.Length); } @@ -105,7 +105,7 @@ namespace HardcodedSymmetricEncryptionKey return new AesManaged() { // BAD: assignment from parameter - Key = key + Key = key // $ Alert=r3 Alert=r4 Alert=r5 Alert=r6 }; } @@ -118,7 +118,7 @@ namespace HardcodedSymmetricEncryptionKey using (MemoryStream ms = new MemoryStream()) { // BAD: flow of hardcoded key to CreateEncryptor constructor - using (CryptoStream cs = new CryptoStream(ms, aes.CreateEncryptor(key, IV), CryptoStreamMode.Write)) + using (CryptoStream cs = new CryptoStream(ms, aes.CreateEncryptor(key, IV), CryptoStreamMode.Write)) // $ Alert=r3 Alert=r4 Alert=r5 Alert=r6 Alert=r7 { cs.Write(rawPlaintext, 0, rawPlaintext.Length); } diff --git a/csharp/ql/test/query-tests/Security Features/CWE-321/HardcodedSymmetricEncryptionKey/HardcodedSymmetricEncryptionKey.qlref b/csharp/ql/test/query-tests/Security Features/CWE-321/HardcodedSymmetricEncryptionKey/HardcodedSymmetricEncryptionKey.qlref index 5ec9c0d849c..6006de2bd61 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-321/HardcodedSymmetricEncryptionKey/HardcodedSymmetricEncryptionKey.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-321/HardcodedSymmetricEncryptionKey/HardcodedSymmetricEncryptionKey.qlref @@ -1,2 +1,4 @@ query: Security Features/CWE-321/HardcodedEncryptionKey.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-327/DontInstallRootCert/DontInstallRootCert.qlref b/csharp/ql/test/query-tests/Security Features/CWE-327/DontInstallRootCert/DontInstallRootCert.qlref index f023214a784..da9f5248b37 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-327/DontInstallRootCert/DontInstallRootCert.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-327/DontInstallRootCert/DontInstallRootCert.qlref @@ -1 +1,2 @@ -Security Features/CWE-327/DontInstallRootCert.ql \ No newline at end of file +query: Security Features/CWE-327/DontInstallRootCert.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-327/DontInstallRootCert/Test.cs b/csharp/ql/test/query-tests/Security Features/CWE-327/DontInstallRootCert/Test.cs index 8323889cffd..1c6e3d5e31f 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-327/DontInstallRootCert/Test.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-327/DontInstallRootCert/Test.cs @@ -12,20 +12,20 @@ namespace RootCert public void InstallRootCert() { string file = "mytest.pfx"; // Contains name of certificate file - X509Store store = new X509Store(StoreName.Root); + X509Store store = new X509Store(StoreName.Root); // $ Source store.Open(OpenFlags.ReadWrite); // BAD: adding a certificate to the Root store - store.Add(new X509Certificate2(X509Certificate2.CreateFromCertFile(file))); + store.Add(new X509Certificate2(X509Certificate2.CreateFromCertFile(file))); // $ Alert store.Close(); } public void InstallRootCert2() { string file = "mytest.pfx"; // Contains name of certificate file - X509Store store = new X509Store(StoreName.Root, StoreLocation.CurrentUser); + X509Store store = new X509Store(StoreName.Root, StoreLocation.CurrentUser); // $ Source store.Open(OpenFlags.ReadWrite); // BAD: adding a certificate to the Root store - store.Add(new X509Certificate2(X509Certificate2.CreateFromCertFile(file))); + store.Add(new X509Certificate2(X509Certificate2.CreateFromCertFile(file))); // $ Alert store.Close(); } @@ -67,10 +67,10 @@ namespace RootCert new X509Certificate2(X509Certificate2.CreateFromCertFile(file1)), new X509Certificate2(X509Certificate2.CreateFromCertFile(file2)), }; - X509Store store = new X509Store(StoreName.Root, StoreLocation.CurrentUser); + X509Store store = new X509Store(StoreName.Root, StoreLocation.CurrentUser); // $ Source store.Open(OpenFlags.ReadWrite); // BAD: adding multiple certificates to the Root store - store.AddRange(new X509Certificate2Collection(certCollection)); + store.AddRange(new X509Certificate2Collection(certCollection)); // $ Alert store.Close(); } } diff --git a/csharp/ql/test/query-tests/Security Features/CWE-327/InsecureSQLConnection/InsecureSQLConnection.cs b/csharp/ql/test/query-tests/Security Features/CWE-327/InsecureSQLConnection/InsecureSQLConnection.cs index a433d549385..755130ee32f 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-327/InsecureSQLConnection/InsecureSQLConnection.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-327/InsecureSQLConnection/InsecureSQLConnection.cs @@ -41,24 +41,24 @@ namespace InsecureSQLConnection public void TriggerThis() { // BAD, Encrypt not specified - SqlConnection conn = new SqlConnection("Server=myServerName\\myInstanceName;Database=myDataBase;User Id=myUsername;"); + SqlConnection conn = new SqlConnection("Server=myServerName\\myInstanceName;Database=myDataBase;User Id=myUsername;"); // $ Alert } void Test4() { string connectString = - "Server=1.2.3.4;Database=Anything;UID=ab;Pwd=cd"; + "Server=1.2.3.4;Database=Anything;UID=ab;Pwd=cd"; // $ Source // BAD, Encrypt not specified - SqlConnectionStringBuilder builder = new SqlConnectionStringBuilder(connectString); + SqlConnectionStringBuilder builder = new SqlConnectionStringBuilder(connectString); // $ Alert var conn = new SqlConnection(builder.ConnectionString); } void Test5() { string connectString = - "Server=1.2.3.4;Database=Anything;UID=ab;Pwd=cd;Encrypt=false"; + "Server=1.2.3.4;Database=Anything;UID=ab;Pwd=cd;Encrypt=false"; // $ Source // BAD, Encrypt set to false - SqlConnectionStringBuilder builder = new SqlConnectionStringBuilder(connectString); + SqlConnectionStringBuilder builder = new SqlConnectionStringBuilder(connectString); // $ Alert var conn = new SqlConnection(builder.ConnectionString); } } diff --git a/csharp/ql/test/query-tests/Security Features/CWE-327/InsecureSQLConnection/InsecureSQLConnection.qlref b/csharp/ql/test/query-tests/Security Features/CWE-327/InsecureSQLConnection/InsecureSQLConnection.qlref index 9809e87e73c..cd92f970473 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-327/InsecureSQLConnection/InsecureSQLConnection.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-327/InsecureSQLConnection/InsecureSQLConnection.qlref @@ -1 +1,2 @@ -Security Features/CWE-327/InsecureSQLConnection.ql \ No newline at end of file +query: Security Features/CWE-327/InsecureSQLConnection.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-327/InsufficientKeySize/InsufficientKeySize.cs b/csharp/ql/test/query-tests/Security Features/CWE-327/InsufficientKeySize/InsufficientKeySize.cs index 56f600e3544..1d4d4efa7ba 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-327/InsufficientKeySize/InsufficientKeySize.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-327/InsufficientKeySize/InsufficientKeySize.cs @@ -7,21 +7,21 @@ public class InsufficientKeySize public void CryptoMethod() { // BAD: Key size is less than 128 - new RC2CryptoServiceProvider().EffectiveKeySize = 64; + new RC2CryptoServiceProvider().EffectiveKeySize = 64; // $ Alert // GOOD: Key size defaults to 128 new RC2CryptoServiceProvider(); // GOOD: Key size is greater than 128 new RC2CryptoServiceProvider().EffectiveKeySize = 256; // BAD: Key size is less than 2048. - DSACryptoServiceProvider dsaBad = new DSACryptoServiceProvider(512); + DSACryptoServiceProvider dsaBad = new DSACryptoServiceProvider(512); // $ Alert // GOOD: Key size defaults to 2048. DSACryptoServiceProvider dsaGood1 = new DSACryptoServiceProvider(); // GOOD: Key size is greater than 2048. DSACryptoServiceProvider dsaGood2 = new DSACryptoServiceProvider(2048); // BAD: Key size is less than 2048. - RSACryptoServiceProvider rsaBad = new RSACryptoServiceProvider(512); + RSACryptoServiceProvider rsaBad = new RSACryptoServiceProvider(512); // $ Alert // GOOD: Key size defaults to 2048. RSACryptoServiceProvider rsaGood1 = new RSACryptoServiceProvider(); // GOOD: Key size is greater than 2048. diff --git a/csharp/ql/test/query-tests/Security Features/CWE-327/InsufficientKeySize/InsufficientKeySize.qlref b/csharp/ql/test/query-tests/Security Features/CWE-327/InsufficientKeySize/InsufficientKeySize.qlref index 9b9050c417b..2e460bd79e1 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-327/InsufficientKeySize/InsufficientKeySize.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-327/InsufficientKeySize/InsufficientKeySize.qlref @@ -1 +1,2 @@ -Security Features/InsufficientKeySize.ql \ No newline at end of file +query: Security Features/InsufficientKeySize.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-338/InsecureRandomness.cs b/csharp/ql/test/query-tests/Security Features/CWE-338/InsecureRandomness.cs index 58241499c66..c49f0b81ed9 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-338/InsecureRandomness.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-338/InsecureRandomness.cs @@ -9,9 +9,9 @@ public class InsecureRandomness public void RandomTest() { // BAD: Using insecure RNG to generate password - string password = InsecureRandomString(10); - password = InsecureRandomStringFromSelection(10); - password = InsecureRandomStringFromIndexer(10); + string password = InsecureRandomString(10); // $ Alert=r1 + password = InsecureRandomStringFromSelection(10); // $ Alert=r2 + password = InsecureRandomStringFromIndexer(10); // $ Alert=r3 // IGNORE - do not track further than the first assignment to a tainted variable string passwd = password; // GOOD: Use cryptographically secure RNG @@ -25,7 +25,7 @@ public class InsecureRandomness byte[] data = new byte[1]; while (result.Length < length) { - data[0] = (byte)r.Next(97, 122); + data[0] = (byte)r.Next(97, 122); // $ Source=r1 result.Append(new ASCIIEncoding().GetString(data)); } return result.ToString(); @@ -57,7 +57,7 @@ public class InsecureRandomness Random r = new Random(); while (result.Length < length) { - result += letters[r.Next(3)]; + result += letters[r.Next(3)]; // $ Source=r2 } return result.ToString(); } @@ -69,7 +69,7 @@ public class InsecureRandomness Random r = new Random(); while (result.Length < length) { - result += letters[r.Next(3)]; + result += letters[r.Next(3)]; // $ Source=r3 } return result; } @@ -77,7 +77,7 @@ public class InsecureRandomness public static string BiasPasswordGeneration() { // BAD: Membership.GeneratePassword generates a password with a bias - string password = System.Web.Security.Membership.GeneratePassword(12, 3); + string password = System.Web.Security.Membership.GeneratePassword(12, 3); // $ Alert=r4 $ Alert=r4 return password; } diff --git a/csharp/ql/test/query-tests/Security Features/CWE-338/InsecureRandomness.qlref b/csharp/ql/test/query-tests/Security Features/CWE-338/InsecureRandomness.qlref index b2198beb2b4..a79d744ce61 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-338/InsecureRandomness.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-338/InsecureRandomness.qlref @@ -1,2 +1,4 @@ query: Security Features/InsecureRandomness.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-352/global/MissingAntiForgeryTokenValidation.qlref b/csharp/ql/test/query-tests/Security Features/CWE-352/global/MissingAntiForgeryTokenValidation.qlref index 38fdc5c5738..8948b9773a2 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-352/global/MissingAntiForgeryTokenValidation.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-352/global/MissingAntiForgeryTokenValidation.qlref @@ -1 +1,2 @@ -Security Features/CWE-352/MissingAntiForgeryTokenValidation.ql \ No newline at end of file +query: Security Features/CWE-352/MissingAntiForgeryTokenValidation.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-352/missing-aspnetcore/MissingAntiForgeryTokenValidation.cs b/csharp/ql/test/query-tests/Security Features/CWE-352/missing-aspnetcore/MissingAntiForgeryTokenValidation.cs index e9e5202b40a..febc12a6125 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-352/missing-aspnetcore/MissingAntiForgeryTokenValidation.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-352/missing-aspnetcore/MissingAntiForgeryTokenValidation.cs @@ -4,7 +4,7 @@ public class HomeController : Controller { // BAD: Anti forgery token has been forgotten [HttpPost] - public ActionResult Login() + public ActionResult Login() // $ Alert { return View(); } @@ -55,7 +55,7 @@ public class DerivedUnprotectedController : UnprotectedBaseController { // BAD: No antiforgery validation on this or any base class [HttpPost] - public ActionResult NoInheritedValidation() + public ActionResult NoInheritedValidation() // $ Alert { return View(); } diff --git a/csharp/ql/test/query-tests/Security Features/CWE-352/missing-aspnetcore/MissingAntiForgeryTokenValidation.qlref b/csharp/ql/test/query-tests/Security Features/CWE-352/missing-aspnetcore/MissingAntiForgeryTokenValidation.qlref index 5e1ab2426c6..8948b9773a2 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-352/missing-aspnetcore/MissingAntiForgeryTokenValidation.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-352/missing-aspnetcore/MissingAntiForgeryTokenValidation.qlref @@ -1 +1,2 @@ query: Security Features/CWE-352/MissingAntiForgeryTokenValidation.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-352/missing/MissingAntiForgeryTokenValidation.cs b/csharp/ql/test/query-tests/Security Features/CWE-352/missing/MissingAntiForgeryTokenValidation.cs index a86800e5152..ab258cddf3f 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-352/missing/MissingAntiForgeryTokenValidation.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-352/missing/MissingAntiForgeryTokenValidation.cs @@ -4,7 +4,7 @@ public class HomeController : Controller { // BAD: Anti forgery token has been forgotten [HttpPost] - public ActionResult Login() + public ActionResult Login() // $ Alert { return View(); } @@ -55,7 +55,7 @@ public class DerivedUnprotectedController : UnprotectedBaseController { // BAD: No antiforgery validation on this or any base class [HttpPost] - public ActionResult NoInheritedValidation() + public ActionResult NoInheritedValidation() // $ Alert { return View(); } diff --git a/csharp/ql/test/query-tests/Security Features/CWE-352/missing/MissingAntiForgeryTokenValidation.qlref b/csharp/ql/test/query-tests/Security Features/CWE-352/missing/MissingAntiForgeryTokenValidation.qlref index 38fdc5c5738..8948b9773a2 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-352/missing/MissingAntiForgeryTokenValidation.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-352/missing/MissingAntiForgeryTokenValidation.qlref @@ -1 +1,2 @@ -Security Features/CWE-352/MissingAntiForgeryTokenValidation.ql \ No newline at end of file +query: Security Features/CWE-352/MissingAntiForgeryTokenValidation.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-359/ExposureOfPrivateInformation.cs b/csharp/ql/test/query-tests/Security Features/CWE-359/ExposureOfPrivateInformation.cs index 675b05c29de..21f925536d7 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-359/ExposureOfPrivateInformation.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-359/ExposureOfPrivateInformation.cs @@ -15,19 +15,19 @@ public class ExposureOfPrivateInformationHandler : IHttpHandler public void ProcessRequest(HttpContext ctx) { // BAD: Setting a cookie value or values with private data. - ctx.Response.Cookies["MyCookie"].Value = ctx.Request.QueryString["postcode"]; + ctx.Response.Cookies["MyCookie"].Value = ctx.Request.QueryString["postcode"]; // $ Alert Person p = new Person(); - ctx.Response.Cookies["MyCookie"].Value = p.getTelephone(); + ctx.Response.Cookies["MyCookie"].Value = p.getTelephone(); // $ Alert // BAD: Logging private data ILogger logger = new ILogger(); - logger.Warn(p.getTelephone()); + logger.Warn(p.getTelephone()); // $ Alert // BAD: Storing sensitive data in unencrypted local file using (var writeStream = File.Open("telephones.txt", FileMode.Create)) { var writer = new StreamWriter(writeStream); - writer.Write(p.getTelephone()); + writer.Write(p.getTelephone()); // $ Alert writer.Close(); } @@ -59,7 +59,7 @@ public class ExposureOfPrivateInformationHandler : IHttpHandler void OnButtonClicked() { ILogger logger = new ILogger(); - logger.Warn(postcode.Text); + logger.Warn(postcode.Text); // $ Alert } } diff --git a/csharp/ql/test/query-tests/Security Features/CWE-359/ExposureOfPrivateInformation.qlref b/csharp/ql/test/query-tests/Security Features/CWE-359/ExposureOfPrivateInformation.qlref index 9d578d17de8..fb1a58d5f9e 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-359/ExposureOfPrivateInformation.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-359/ExposureOfPrivateInformation.qlref @@ -1 +1,2 @@ -Security Features/CWE-359/ExposureOfPrivateInformation.ql \ No newline at end of file +query: Security Features/CWE-359/ExposureOfPrivateInformation.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-384/AbandonSession.cs b/csharp/ql/test/query-tests/Security Features/CWE-384/AbandonSession.cs index d674b33a036..e2a8411089a 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-384/AbandonSession.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-384/AbandonSession.cs @@ -8,7 +8,7 @@ public class Handler1 : IHttpHandler if (FormsAuthentication.Authenticate("username", "password")) { - ctx.Session["foo"] = "bar"; // BAD: Session has not been abandoned + ctx.Session["foo"] = "bar"; // $ Alert // BAD: Session has not been abandoned ctx.Session.Abandon(); ctx.Session["foo"] = "bar"; // GOOD: Session is abandoned } @@ -48,9 +48,9 @@ public class Handler3 : IHttpHandler if (Membership.ValidateUser("username", "password")) { - ctx.Session["foo"] = "bar"; // BAD: Session not abandoned + ctx.Session["foo"] = "bar"; // $ Alert // BAD: Session not abandoned } - ctx.Session["foo"] = "bar"; // BAD: here as well + ctx.Session["foo"] = "bar"; // $ Alert // BAD: here as well } public bool IsReusable => true; diff --git a/csharp/ql/test/query-tests/Security Features/CWE-384/AbandonSession.qlref b/csharp/ql/test/query-tests/Security Features/CWE-384/AbandonSession.qlref index f67c9a36e20..c3ac664edb2 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-384/AbandonSession.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-384/AbandonSession.qlref @@ -1 +1,2 @@ -Security Features/CWE-384/AbandonSession.ql \ No newline at end of file +query: Security Features/CWE-384/AbandonSession.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-451/MissingXFrameOptions/CodeAddedHeader/MissingXFrameOptions.qlref b/csharp/ql/test/query-tests/Security Features/CWE-451/MissingXFrameOptions/CodeAddedHeader/MissingXFrameOptions.qlref index b8a963200e5..d0d38c4b011 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-451/MissingXFrameOptions/CodeAddedHeader/MissingXFrameOptions.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-451/MissingXFrameOptions/CodeAddedHeader/MissingXFrameOptions.qlref @@ -1 +1,2 @@ -Security Features/CWE-451/MissingXFrameOptions.ql +query: Security Features/CWE-451/MissingXFrameOptions.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-451/MissingXFrameOptions/WebConfigAddedHeader/MissingXFrameOptions.qlref b/csharp/ql/test/query-tests/Security Features/CWE-451/MissingXFrameOptions/WebConfigAddedHeader/MissingXFrameOptions.qlref index b8a963200e5..d0d38c4b011 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-451/MissingXFrameOptions/WebConfigAddedHeader/MissingXFrameOptions.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-451/MissingXFrameOptions/WebConfigAddedHeader/MissingXFrameOptions.qlref @@ -1 +1,2 @@ -Security Features/CWE-451/MissingXFrameOptions.ql +query: Security Features/CWE-451/MissingXFrameOptions.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-451/MissingXFrameOptions/WebConfigAddedHeaderInLocation/MissingXFrameOptions.qlref b/csharp/ql/test/query-tests/Security Features/CWE-451/MissingXFrameOptions/WebConfigAddedHeaderInLocation/MissingXFrameOptions.qlref index b8a963200e5..d0d38c4b011 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-451/MissingXFrameOptions/WebConfigAddedHeaderInLocation/MissingXFrameOptions.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-451/MissingXFrameOptions/WebConfigAddedHeaderInLocation/MissingXFrameOptions.qlref @@ -1 +1,2 @@ -Security Features/CWE-451/MissingXFrameOptions.ql +query: Security Features/CWE-451/MissingXFrameOptions.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-539/PersistentCookie/PersistentCookie.cs b/csharp/ql/test/query-tests/Security Features/CWE-539/PersistentCookie/PersistentCookie.cs index 8370fe93ba0..de23c3caddc 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-539/PersistentCookie/PersistentCookie.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-539/PersistentCookie/PersistentCookie.cs @@ -4,8 +4,8 @@ class PersistentCookie { void M(System.Web.HttpCookie cookie) { - cookie.Expires = DateTime.Now.AddMonths(12); // BAD + cookie.Expires = DateTime.Now.AddMonths(12); // $ Alert // BAD cookie.Expires = DateTime.Now.AddMinutes(3); // GOOD - cookie.Expires = DateTime.Now.AddSeconds(301); // BAD + cookie.Expires = DateTime.Now.AddSeconds(301); // $ Alert // BAD } } diff --git a/csharp/ql/test/query-tests/Security Features/CWE-539/PersistentCookie/PersistentCookie.qlref b/csharp/ql/test/query-tests/Security Features/CWE-539/PersistentCookie/PersistentCookie.qlref index 1d2111ac3fe..d321b853086 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-539/PersistentCookie/PersistentCookie.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-539/PersistentCookie/PersistentCookie.qlref @@ -1 +1,2 @@ -Security Features/PersistentCookie.ql \ No newline at end of file +query: Security Features/PersistentCookie.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-548/ASPNetDirectoryListing.qlref b/csharp/ql/test/query-tests/Security Features/CWE-548/ASPNetDirectoryListing.qlref index 40d1fce18b5..c792e1fcbe4 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-548/ASPNetDirectoryListing.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-548/ASPNetDirectoryListing.qlref @@ -1 +1,2 @@ -Security Features/CWE-548/ASPNetDirectoryListing.ql \ No newline at end of file +query: Security Features/CWE-548/ASPNetDirectoryListing.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-548/web.config b/csharp/ql/test/query-tests/Security Features/CWE-548/web.config index b4276433838..0631d811660 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-548/web.config +++ b/csharp/ql/test/query-tests/Security Features/CWE-548/web.config @@ -1,6 +1,6 @@ - + diff --git a/csharp/ql/test/query-tests/Security Features/CWE-601/UrlRedirect/UrlRedirect.cs b/csharp/ql/test/query-tests/Security Features/CWE-601/UrlRedirect/UrlRedirect.cs index 3b3aae534ad..498b004505e 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-601/UrlRedirect/UrlRedirect.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-601/UrlRedirect/UrlRedirect.cs @@ -10,7 +10,7 @@ public class UrlRedirectHandler : IHttpHandler public void ProcessRequest(HttpContext ctx) { // BAD: a request parameter is incorporated without validation into a URL redirect - ctx.Response.Redirect(ctx.Request.QueryString["page"]); + ctx.Response.Redirect(ctx.Request.QueryString["page"]); // $ Alert=r2 Alert=r2 // GOOD: the request parameter is validated against a known fixed string if (VALID_REDIRECT == ctx.Request.QueryString["page"]) @@ -20,7 +20,7 @@ public class UrlRedirectHandler : IHttpHandler // GOOD: We check whether this is a local URL before redirecting, using UrlHelper. // As recommended by https://docs.microsoft.com/en-us/aspnet/mvc/overview/security/preventing-open-redirection-attacks - string url = ctx.Request.QueryString["page"]; + string url = ctx.Request.QueryString["page"]; // $ Source=r5 Source=r6 Source=r7 Source=r8 if (new UrlHelper(null).IsLocalUrl(url)) { ctx.Response.Redirect(url); @@ -35,8 +35,8 @@ public class UrlRedirectHandler : IHttpHandler } // BAD: Adding or appending a header - ctx.Response.AddHeader("Location", ctx.Request.QueryString["page"]); - ctx.Response.AppendHeader("Location", ctx.Request.QueryString["page"]); + ctx.Response.AddHeader("Location", ctx.Request.QueryString["page"]); // $ Alert=r3 Alert=r3 + ctx.Response.AppendHeader("Location", ctx.Request.QueryString["page"]); // $ Alert=r4 Alert=r4 // GOOD: Redirecting to the RawUrl only reloads the current Url ctx.Response.Redirect(ctx.Request.RawUrl); @@ -45,7 +45,7 @@ public class UrlRedirectHandler : IHttpHandler ctx.Response.Redirect("foo.asp?param=" + url); // BAD: Using Transfer with unvalidated user input - ctx.Server.Transfer(url); + ctx.Server.Transfer(url); // $ Alert=r5 Alert=r6 Alert=r7 Alert=r8 // GOOD: request parameter is URL encoded ctx.Response.Redirect(HttpUtility.UrlEncode(ctx.Request.QueryString["page"])); @@ -61,19 +61,19 @@ public class UrlRedirectHandler : IHttpHandler ctx.Response.Redirect($"foo.asp?param={url}"); // BAD: The attacker can control the location - ctx.Response.Redirect($"{url}.asp?param=foo"); + ctx.Response.Redirect($"{url}.asp?param=foo"); // $ Alert=r6 Alert=r5 Alert=r7 Alert=r8 // GOOD: The attacker can only control the parameters, not the location ctx.Response.Redirect(string.Format("foo.asp?param={0}", url)); // BAD: The attacker can control the location - ctx.Response.Redirect(string.Format("{0}.asp?param=foo", url)); + ctx.Response.Redirect(string.Format("{0}.asp?param=foo", url)); // $ Alert=r7 Alert=r5 Alert=r6 Alert=r8 // GOOD: The attacker can only control the parameters, not the location ctx.Response.Redirect(string.Format("foo.asp?{1}param={0}", url, url)); // BAD: The attacker can control the location - ctx.Response.Redirect(string.Format("{1}.asp?{0}param=foo", url, url)); + ctx.Response.Redirect(string.Format("{1}.asp?{0}param=foo", url, url)); // $ Alert=r8 Alert=r5 Alert=r6 Alert=r7 } // Implementation as recommended by Microsoft. diff --git a/csharp/ql/test/query-tests/Security Features/CWE-601/UrlRedirect/UrlRedirect.qlref b/csharp/ql/test/query-tests/Security Features/CWE-601/UrlRedirect/UrlRedirect.qlref index fdb38b9ffc0..c24957fa4a0 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-601/UrlRedirect/UrlRedirect.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-601/UrlRedirect/UrlRedirect.qlref @@ -1,2 +1,4 @@ query: Security Features/CWE-601/UrlRedirect.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-601/UrlRedirect/UrlRedirect2.cs b/csharp/ql/test/query-tests/Security Features/CWE-601/UrlRedirect/UrlRedirect2.cs index 83f499ea048..43c1dcf0b9f 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-601/UrlRedirect/UrlRedirect2.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-601/UrlRedirect/UrlRedirect2.cs @@ -11,7 +11,7 @@ public class UrlRedirectHandler2 : IHttpHandler public void ProcessRequest(HttpContext ctx) { // BAD: a request parameter is incorporated without validation into a URL redirect - ctx.Response.Redirect(ctx.Request.QueryString["page"]); + ctx.Response.Redirect(ctx.Request.QueryString["page"]); // $ Alert=r1 $ Alert=r1 var redirectUrl = ctx.Request.QueryString["page"]; if (VALID_REDIRECTS.Contains(redirectUrl)) diff --git a/csharp/ql/test/query-tests/Security Features/CWE-601/UrlRedirect/UrlRedirectCore.cs b/csharp/ql/test/query-tests/Security Features/CWE-601/UrlRedirect/UrlRedirectCore.cs index 2da9652d854..619373da069 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-601/UrlRedirect/UrlRedirectCore.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-601/UrlRedirect/UrlRedirectCore.cs @@ -10,50 +10,50 @@ namespace Testing.Controllers private static string SomeValue = "HeaderValue"; [HttpPost] - public void Post([FromBody] string value) + public void Post([FromBody] string value) // $ Source=r9 Source=r10 Source=r11 Source=r12 Source=r13 Source=r14 Source=r15 { // BAD: straight up controller redirect - Redirect(value); + Redirect(value); // $ Alert=r9 Alert=r10 Alert=r11 Alert=r12 Alert=r13 Alert=r14 Alert=r15 // BAD: Setting response headers collection, location = redirect - Response.Headers["location"] = value; + Response.Headers["location"] = value; // $ Alert=r10 Alert=r11 Alert=r12 Alert=r13 Alert=r14 Alert=r15 Alert=r9 // GOOD: Setting response header to a constant value Response.Headers["location"] = SomeValue; // BAD: Setting response headers collection, location = redirect via add method - Response.Headers.Add("location", value); + Response.Headers.Add("location", value); // $ Alert=r11 Alert=r10 Alert=r12 Alert=r13 Alert=r14 Alert=r15 Alert=r9 // GOOD: Setting response header to a constant value Response.Headers.Add("location", "foo"); // BAD: redirect via location - Response.Headers.SetCommaSeparatedValues("location", value); + Response.Headers.SetCommaSeparatedValues("location", value); // $ Alert=r12 Alert=r10 Alert=r11 Alert=r13 Alert=r14 Alert=r15 Alert=r9 // BAD = redirect via setting location value from tainted source - Response.Headers.Append("location", value); + Response.Headers.Append("location", value); // $ Alert=r13 Alert=r10 Alert=r11 Alert=r12 Alert=r14 Alert=r15 Alert=r9 // BAD: redirect via setting location header from comma-separated values - Response.Headers.AppendCommaSeparatedValues("location", value); + Response.Headers.AppendCommaSeparatedValues("location", value); // $ Alert=r14 Alert=r10 Alert=r11 Alert=r12 Alert=r13 Alert=r15 Alert=r9 // BAD: tainted redirect to Action - RedirectToActionPermanent("Error" + value); + RedirectToActionPermanent("Error" + value); // $ Alert=r15 Alert=r10 Alert=r11 Alert=r12 Alert=r13 Alert=r14 Alert=r9 } // PUT: api/Some/5 [HttpPut("{id}")] - public void Put(int id, [FromBody] string value) + public void Put(int id, [FromBody] string value) // $ Source=r16 Source=r17 Source=r18 { - RedirectToPage(value); + RedirectToPage(value); // $ Alert=r16 Alert=r17 Alert=r18 var headers = new ResponseHeaders(Response.Headers); // BAD: redirect via header helper class - headers.Location = new Uri(value); + headers.Location = new Uri(value); // $ Alert=r17 Alert=r16 Alert=r18 // BAD: response redirect - Response.Redirect(value); + Response.Redirect(value); // $ Alert=r18 Alert=r16 Alert=r17 // GOOD: whitelisted redirect if(Url.IsLocalUrl(value)) diff --git a/csharp/ql/test/query-tests/Security Features/CWE-611/Test.cs b/csharp/ql/test/query-tests/Security Features/CWE-611/Test.cs index 005e79a7fb4..103d3cca4cc 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-611/Test.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-611/Test.cs @@ -8,7 +8,7 @@ public class XMLHandler : IHttpHandler public void ProcessRequest(HttpContext ctx) { // BAD: XmlTextReader is insecure with these options, using user-provided data - XmlTextReader reader = new XmlTextReader(ctx.Request.QueryString["document"]) { DtdProcessing = DtdProcessing.Parse, XmlResolver = new XmlUrlResolver() }; + XmlTextReader reader = new XmlTextReader(ctx.Request.QueryString["document"]) { DtdProcessing = DtdProcessing.Parse, XmlResolver = new XmlUrlResolver() }; // $ Alert[cs/xml/insecure-dtd-handling]=r1 $ Alert[cs/xml/insecure-dtd-handling]=r1 $ Alert[cs/insecure-xml-read] } public void insecureXMLBad(string content) @@ -18,10 +18,10 @@ public class XMLHandler : IHttpHandler settings.XmlResolver = new XmlUrlResolver(); // BAD: insecure settings - XmlReader reader1 = XmlReader.Create(content, settings); + XmlReader reader1 = XmlReader.Create(content, settings); // $ Alert[cs/insecure-xml-read] // BAD: XmlTextReader is insecure with these options - XmlTextReader reader2 = new XmlTextReader(content) { DtdProcessing = DtdProcessing.Parse, XmlResolver = new XmlUrlResolver() }; + XmlTextReader reader2 = new XmlTextReader(content) { DtdProcessing = DtdProcessing.Parse, XmlResolver = new XmlUrlResolver() }; // $ Alert[cs/insecure-xml-read] } public void insecureXMLGood(string content) diff --git a/csharp/ql/test/query-tests/Security Features/CWE-611/UntrustedDataInsecureXml.qlref b/csharp/ql/test/query-tests/Security Features/CWE-611/UntrustedDataInsecureXml.qlref index 7f685106e25..8cc567d8a97 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-611/UntrustedDataInsecureXml.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-611/UntrustedDataInsecureXml.qlref @@ -1,2 +1,4 @@ query: Security Features/CWE-611/UntrustedDataInsecureXml.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-611/UseXmlSecureResolver.qlref b/csharp/ql/test/query-tests/Security Features/CWE-611/UseXmlSecureResolver.qlref index b11f5307924..851c79c1593 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-611/UseXmlSecureResolver.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-611/UseXmlSecureResolver.qlref @@ -1,2 +1,4 @@ query: Security Features/CWE-611/UseXmlSecureResolver.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-614/RequireSSL/AddedInCode/RequireSSL.qlref b/csharp/ql/test/query-tests/Security Features/CWE-614/RequireSSL/AddedInCode/RequireSSL.qlref index 73523f94fc0..1a762e07498 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-614/RequireSSL/AddedInCode/RequireSSL.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-614/RequireSSL/AddedInCode/RequireSSL.qlref @@ -1 +1,2 @@ -Security Features/CWE-614/RequireSSL.ql \ No newline at end of file +query: Security Features/CWE-614/RequireSSL.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-614/RequireSSL/AddedInForms/RequireSSL.qlref b/csharp/ql/test/query-tests/Security Features/CWE-614/RequireSSL/AddedInForms/RequireSSL.qlref index 73523f94fc0..1a762e07498 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-614/RequireSSL/AddedInForms/RequireSSL.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-614/RequireSSL/AddedInForms/RequireSSL.qlref @@ -1 +1,2 @@ -Security Features/CWE-614/RequireSSL.ql \ No newline at end of file +query: Security Features/CWE-614/RequireSSL.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-614/RequireSSL/HttpCookiesCorrect/RequireSSL.qlref b/csharp/ql/test/query-tests/Security Features/CWE-614/RequireSSL/HttpCookiesCorrect/RequireSSL.qlref index 73523f94fc0..1a762e07498 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-614/RequireSSL/HttpCookiesCorrect/RequireSSL.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-614/RequireSSL/HttpCookiesCorrect/RequireSSL.qlref @@ -1 +1,2 @@ -Security Features/CWE-614/RequireSSL.ql \ No newline at end of file +query: Security Features/CWE-614/RequireSSL.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-614/RequireSSL/HttpCookiesCorrect/Web.config b/csharp/ql/test/query-tests/Security Features/CWE-614/RequireSSL/HttpCookiesCorrect/Web.config index 1ddaaf2b65f..7755ae7462d 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-614/RequireSSL/HttpCookiesCorrect/Web.config +++ b/csharp/ql/test/query-tests/Security Features/CWE-614/RequireSSL/HttpCookiesCorrect/Web.config @@ -2,7 +2,7 @@ - + diff --git a/csharp/ql/test/query-tests/Security Features/CWE-614/RequireSSL/RequireSSLMissing/RequireSSL.qlref b/csharp/ql/test/query-tests/Security Features/CWE-614/RequireSSL/RequireSSLMissing/RequireSSL.qlref index 73523f94fc0..1a762e07498 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-614/RequireSSL/RequireSSLMissing/RequireSSL.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-614/RequireSSL/RequireSSLMissing/RequireSSL.qlref @@ -1 +1,2 @@ -Security Features/CWE-614/RequireSSL.ql \ No newline at end of file +query: Security Features/CWE-614/RequireSSL.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-614/RequireSSL/RequireSSLMissing/Web.config b/csharp/ql/test/query-tests/Security Features/CWE-614/RequireSSL/RequireSSLMissing/Web.config index 0ab64b1fcb6..45f9f219f09 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-614/RequireSSL/RequireSSLMissing/Web.config +++ b/csharp/ql/test/query-tests/Security Features/CWE-614/RequireSSL/RequireSSLMissing/Web.config @@ -2,8 +2,8 @@ - + - + diff --git a/csharp/ql/test/query-tests/Security Features/CWE-639/MVCTests/CommentController.cs b/csharp/ql/test/query-tests/Security Features/CWE-639/MVCTests/CommentController.cs index d446c7ed486..2508a7c159c 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-639/MVCTests/CommentController.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-639/MVCTests/CommentController.cs @@ -12,7 +12,7 @@ public class CommentController : Controller } // BAD: Any user can access this. - public ActionResult Edit1(int commentId, string text) + public ActionResult Edit1(int commentId, string text) // $ Alert { editComment(commentId, text); return View(); @@ -39,7 +39,7 @@ public class CommentController : Controller // BAD: The AllowAnonymous attribute overrides the Authorize attribute [Authorize] [AllowAnonymous] - public ActionResult Edit4(int commentId, string text) + public ActionResult Edit4(int commentId, string text) // $ Alert { editComment(commentId, text); return View(); diff --git a/csharp/ql/test/query-tests/Security Features/CWE-639/MVCTests/InsecureDirectObjectReference.qlref b/csharp/ql/test/query-tests/Security Features/CWE-639/MVCTests/InsecureDirectObjectReference.qlref index 4756d5a76a4..8fb76298ac5 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-639/MVCTests/InsecureDirectObjectReference.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-639/MVCTests/InsecureDirectObjectReference.qlref @@ -1 +1,2 @@ -Security Features/CWE-639/InsecureDirectObjectReference.ql \ No newline at end of file +query: Security Features/CWE-639/InsecureDirectObjectReference.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-639/MVCTests/MiscTestControllers.cs b/csharp/ql/test/query-tests/Security Features/CWE-639/MVCTests/MiscTestControllers.cs index 503b2955933..5ff2e218768 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-639/MVCTests/MiscTestControllers.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-639/MVCTests/MiscTestControllers.cs @@ -23,7 +23,7 @@ public class AController : BaseController { public class BaseAuthController : Controller { // BAD - A subclass of AllowAnonymous is used [MyAllowAnonymous] - public virtual ActionResult EditAnon(int id) { return View(); } + public virtual ActionResult EditAnon(int id) { return View(); } // $ Alert } public class BController : BaseAuthController { @@ -31,7 +31,7 @@ public class BController : BaseAuthController { public ActionResult Edit3(int id) { return View(); } // BAD - MyAllowAnonymous is inherited from overridden method - public override ActionResult EditAnon(int id) { return View(); } + public override ActionResult EditAnon(int id) { return View(); } // $ Alert } [AllowAnonymous] @@ -42,7 +42,7 @@ public class BaseAnonController : Controller { public class CController : BaseAnonController { // BAD - AllowAnonymous is inherited from base class and overrides Authorize [Authorize] - public ActionResult Edit4(int id) { return View(); } + public ActionResult Edit4(int id) { return View(); } // $ Alert } [Authorize] diff --git a/csharp/ql/test/query-tests/Security Features/CWE-639/MVCTests/ProfileController.cs b/csharp/ql/test/query-tests/Security Features/CWE-639/MVCTests/ProfileController.cs index a41c32db641..adb24ce0c3c 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-639/MVCTests/ProfileController.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-639/MVCTests/ProfileController.cs @@ -11,7 +11,7 @@ public class ProfileController : Controller { // BAD: The AllowAnonymous attribute overrides the Authorize attribute on the class. [AllowAnonymous] - public ActionResult Edit2(int profileId, string text) { + public ActionResult Edit2(int profileId, string text) { // $ Alert editProfileName(profileId, text); return View(); } diff --git a/csharp/ql/test/query-tests/Security Features/CWE-639/WebFormsTests/EditComment.aspx.cs b/csharp/ql/test/query-tests/Security Features/CWE-639/WebFormsTests/EditComment.aspx.cs index 974869a0af4..bdcf80a010f 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-639/WebFormsTests/EditComment.aspx.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-639/WebFormsTests/EditComment.aspx.cs @@ -4,7 +4,7 @@ using System.Web.UI; class EditComment : System.Web.UI.Page { // BAD - Any user can access this method. - protected void btn1_Click(object sender, EventArgs e) { + protected void btn1_Click(object sender, EventArgs e) { // $ Alert string commentId = Request.QueryString["Id"]; Comment comment = getCommentById(commentId); comment.Text = "xyz"; diff --git a/csharp/ql/test/query-tests/Security Features/CWE-639/WebFormsTests/InsecureDirectObjectReference.qlref b/csharp/ql/test/query-tests/Security Features/CWE-639/WebFormsTests/InsecureDirectObjectReference.qlref index 4756d5a76a4..8fb76298ac5 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-639/WebFormsTests/InsecureDirectObjectReference.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-639/WebFormsTests/InsecureDirectObjectReference.qlref @@ -1 +1,2 @@ -Security Features/CWE-639/InsecureDirectObjectReference.ql \ No newline at end of file +query: Security Features/CWE-639/InsecureDirectObjectReference.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-643/XPathInjection.cs b/csharp/ql/test/query-tests/Security Features/CWE-643/XPathInjection.cs index a42a629cc7e..a7656f26a73 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-643/XPathInjection.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-643/XPathInjection.cs @@ -8,16 +8,16 @@ public class XPathInjectionHandler : IHttpHandler { public void ProcessRequest(HttpContext ctx) { - string userName = ctx.Request.QueryString["userName"]; - string password = ctx.Request.QueryString["password"]; + string userName = ctx.Request.QueryString["userName"]; // $ Source=r1 Source=r3 Source=r5 Source=r7 Source=r9 Source=r11 Source=r13 + string password = ctx.Request.QueryString["password"]; // $ Source=r2 Source=r4 Source=r6 Source=r8 Source=r10 Source=r12 Source=r14 var s = "//users/user[login/text()='" + userName + "' and password/text() = '" + password + "']/home_dir/text()"; // BAD: User input used directly in an XPath expression - XPathExpression.Compile(s); + XPathExpression.Compile(s); // $ Alert=r1 Alert=r2 Alert=r3 Alert=r4 Alert=r5 Alert=r6 Alert=r7 Alert=r8 Alert=r9 Alert=r10 Alert=r11 Alert=r12 Alert=r13 Alert=r14 XmlNode xmlNode = null; // BAD: User input used directly in an XPath expression to SelectNodes - xmlNode.SelectNodes(s); + xmlNode.SelectNodes(s); // $ Alert=r1 Alert=r2 Alert=r3 Alert=r4 Alert=r5 Alert=r6 Alert=r7 Alert=r8 Alert=r9 Alert=r10 Alert=r11 Alert=r12 Alert=r13 Alert=r14 // GOOD: Uses parameters to avoid including user input directly in XPath expression var expr = XPathExpression.Compile("//users/user[login/text()=$username]/home_dir/text()"); @@ -26,31 +26,31 @@ public class XPathInjectionHandler : IHttpHandler var nav = doc.CreateNavigator(); // BAD - nav.Select(s); + nav.Select(s); // $ Alert=r1 Alert=r2 Alert=r3 Alert=r4 Alert=r5 Alert=r6 Alert=r7 Alert=r8 Alert=r9 Alert=r10 Alert=r11 Alert=r12 Alert=r13 Alert=r14 // GOOD nav.Select(expr); // BAD - nav.SelectSingleNode(s); + nav.SelectSingleNode(s); // $ Alert=r1 Alert=r2 Alert=r3 Alert=r4 Alert=r5 Alert=r6 Alert=r7 Alert=r8 Alert=r9 Alert=r10 Alert=r11 Alert=r12 Alert=r13 Alert=r14 // GOOD nav.SelectSingleNode(expr); // BAD - nav.Compile(s); + nav.Compile(s); // $ Alert=r1 Alert=r2 Alert=r3 Alert=r4 Alert=r5 Alert=r6 Alert=r7 Alert=r8 Alert=r9 Alert=r10 Alert=r11 Alert=r12 Alert=r13 Alert=r14 // GOOD nav.Compile("//users/user[login/text()=$username]/home_dir/text()"); // BAD - nav.Evaluate(s); + nav.Evaluate(s); // $ Alert=r1 Alert=r2 Alert=r3 Alert=r4 Alert=r5 Alert=r6 Alert=r7 Alert=r8 Alert=r9 Alert=r10 Alert=r11 Alert=r12 Alert=r13 Alert=r14 // Good nav.Evaluate(expr); // BAD - nav.Matches(s); + nav.Matches(s); // $ Alert=r1 Alert=r2 Alert=r3 Alert=r4 Alert=r5 Alert=r6 Alert=r7 Alert=r8 Alert=r9 Alert=r10 Alert=r11 Alert=r12 Alert=r13 Alert=r14 // GOOD nav.Matches(expr); @@ -71,17 +71,17 @@ public class XPathInjectionHandler : IHttpHandler { connection.Open(); SqlCommand customerCommand = new SqlCommand("SELECT * FROM customers", connection); - SqlDataReader customerReader = customerCommand.ExecuteReader(); + SqlDataReader customerReader = customerCommand.ExecuteReader(); // $ Source=r15 Source=r16 while (customerReader.Read()) { string userName = customerReader.GetString(1); string password = customerReader.GetString(2); // BAD: User input used directly in an XPath expression - XPathExpression.Compile("//users/user[login/text()='" + userName + "' and password/text() = '" + password + "']/home_dir/text()"); + XPathExpression.Compile("//users/user[login/text()='" + userName + "' and password/text() = '" + password + "']/home_dir/text()"); // $ Alert=r15 Alert=r16 XmlNode xmlNode = null; // BAD: User input used directly in an XPath expression to SelectNodes - xmlNode.SelectNodes("//users/user[login/text()='" + userName + "' and password/text() = '" + password + "']/home_dir/text()"); + xmlNode.SelectNodes("//users/user[login/text()='" + userName + "' and password/text() = '" + password + "']/home_dir/text()"); // $ Alert=r16 Alert=r15 // GOOD: Uses parameters to avoid including user input directly in XPath expression XPathExpression.Compile("//users/user[login/text()=$username]/home_dir/text()"); diff --git a/csharp/ql/test/query-tests/Security Features/CWE-643/XPathInjection.qlref b/csharp/ql/test/query-tests/Security Features/CWE-643/XPathInjection.qlref index a0cdca4727a..9ffeeb3a292 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-643/XPathInjection.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-643/XPathInjection.qlref @@ -1,2 +1,4 @@ query: Security Features/CWE-643/XPathInjection.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-730/ReDoS/ExponentialRegex.cs b/csharp/ql/test/query-tests/Security Features/CWE-730/ReDoS/ExponentialRegex.cs index b54b3bbdf81..0cb19d1f480 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-730/ReDoS/ExponentialRegex.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-730/ReDoS/ExponentialRegex.cs @@ -8,20 +8,20 @@ public class RegexHandler : IHttpHandler public void ProcessRequest(HttpContext ctx) { - string userInput = ctx.Request.QueryString["userInput"]; + string userInput = ctx.Request.QueryString["userInput"]; // $ Source=r1 Source=r2 Source=r3 Source=r4 Source=r5 // BAD: // Artificial regexes - new Regex("^([a-z]+)+$").Match(userInput); - new Regex("^([a-z]*)*$").Replace(userInput, ""); + new Regex("^([a-z]+)+$").Match(userInput); // $ Alert=r1 Alert=r2 Alert=r3 Alert=r4 Alert=r5 + new Regex("^([a-z]*)*$").Replace(userInput, ""); // $ Alert=r2 Alert=r1 Alert=r3 Alert=r4 Alert=r5 // Known exponential blowup regex for e-mail address validation // Problematic part is: ([a-zA-Z0-9]+))* - new Regex("^([a-zA-Z0-9])(([\\-.]|[_]+)?([a-zA-Z0-9]+))*(@){1}[a-z0-9]+[.]{1}(([a-z]{2,3})|([a-z]{2,3}[.]{1}[a-z]{2,3}))$").Match(userInput); + new Regex("^([a-zA-Z0-9])(([\\-.]|[_]+)?([a-zA-Z0-9]+))*(@){1}[a-z0-9]+[.]{1}(([a-z]{2,3})|([a-z]{2,3}[.]{1}[a-z]{2,3}))$").Match(userInput); // $ Alert=r3 Alert=r1 Alert=r2 Alert=r4 Alert=r5 // Known exponential blowup regex for Java class name validation // Problematic part is: (([a-z])+.)+ - new Regex(JAVA_CLASS_REGEX).Match(userInput); + new Regex(JAVA_CLASS_REGEX).Match(userInput); // $ Alert=r4 Alert=r1 Alert=r2 Alert=r3 Alert=r5 // Static use - Regex.Match(userInput, JAVA_CLASS_REGEX); + Regex.Match(userInput, JAVA_CLASS_REGEX); // $ Alert=r5 Alert=r1 Alert=r2 Alert=r3 Alert=r4 // GOOD: new Regex("^(([a-b]+[c-z]+)+$").Match(userInput); new Regex("^([a-z]+)+$", RegexOptions.IgnoreCase, TimeSpan.FromSeconds(1)).Match(userInput); diff --git a/csharp/ql/test/query-tests/Security Features/CWE-730/ReDoS/ReDoS.qlref b/csharp/ql/test/query-tests/Security Features/CWE-730/ReDoS/ReDoS.qlref index de8c70102e0..e3f22da0ebe 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-730/ReDoS/ReDoS.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-730/ReDoS/ReDoS.qlref @@ -1,2 +1,4 @@ query: Security Features/CWE-730/ReDoS.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-730/ReDoSGlobalTimeout/ReDoS.qlref b/csharp/ql/test/query-tests/Security Features/CWE-730/ReDoSGlobalTimeout/ReDoS.qlref index de8c70102e0..e3f22da0ebe 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-730/ReDoSGlobalTimeout/ReDoS.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-730/ReDoSGlobalTimeout/ReDoS.qlref @@ -1,2 +1,4 @@ query: Security Features/CWE-730/ReDoS.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-730/RegexInjection/RegexInjection.cs b/csharp/ql/test/query-tests/Security Features/CWE-730/RegexInjection/RegexInjection.cs index d5f802a0268..5b4276d3af1 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-730/RegexInjection/RegexInjection.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-730/RegexInjection/RegexInjection.cs @@ -7,11 +7,11 @@ public class RegexInjectionHandler : IHttpHandler public void ProcessRequest(HttpContext ctx) { - string regex = ctx.Request.QueryString["regex"]; + string regex = ctx.Request.QueryString["regex"]; // $ Source=r1 string userInput = ctx.Request.QueryString["userInput"]; // BAD: User input used as regex - new Regex(regex).Match(userInput); + new Regex(regex).Match(userInput); // $ Alert=r1 // GOOD: User input escaped before being used as regex new Regex(Regex.Escape(regex)).Match(userInput); } diff --git a/csharp/ql/test/query-tests/Security Features/CWE-730/RegexInjection/RegexInjection.qlref b/csharp/ql/test/query-tests/Security Features/CWE-730/RegexInjection/RegexInjection.qlref index bec7fbac79a..82cad8aeb6b 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-730/RegexInjection/RegexInjection.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-730/RegexInjection/RegexInjection.qlref @@ -1,2 +1,4 @@ query: Security Features/CWE-730/RegexInjection.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-798/HardcodedConnectionString.qlref b/csharp/ql/test/query-tests/Security Features/CWE-798/HardcodedConnectionString.qlref index d240503b773..da05cee17d4 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-798/HardcodedConnectionString.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-798/HardcodedConnectionString.qlref @@ -1 +1,2 @@ -Security Features/CWE-798/HardcodedConnectionString.ql \ No newline at end of file +query: Security Features/CWE-798/HardcodedConnectionString.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-798/HardcodedCredentials.cs b/csharp/ql/test/query-tests/Security Features/CWE-798/HardcodedCredentials.cs index 840d65b1965..4a9bada259b 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-798/HardcodedCredentials.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-798/HardcodedCredentials.cs @@ -13,7 +13,7 @@ public class HardcodedHandler : IHttpHandler string password = ctx.Request.QueryString["password"]; // BAD: Inbound authentication made by comparison to string literal - if (password == "myPa55word") + if (password == "myPa55word") // $ Alert[cs/hardcoded-credentials] { ctx.Response.Redirect("login"); } @@ -29,7 +29,7 @@ public class HardcodedHandler : IHttpHandler // BAD: Create a membership user with hardcoded username MembershipUser user = new MembershipUser( providerName: "provider", - name: "username", + name: "username", // $ Alert[cs/hardcoded-credentials] providerUserKey: "username", email: "foo@bar.com", passwordQuestion: "Hardcoded question.", @@ -43,18 +43,18 @@ public class HardcodedHandler : IHttpHandler lastLockoutDate: DateTime.Now ); // BAD: Set the password to a hardcoded string literal - user.ChangePassword(password, "myNewPa55word"); + user.ChangePassword(password, "myNewPa55word"); // $ Alert[cs/hardcoded-credentials] - byte[] rawCertData = new byte[] { 0x20, 0x20, 0x20 }; + byte[] rawCertData = new byte[] { 0x20, 0x20, 0x20 }; // $ Alert[cs/hardcoded-credentials] // BAD: Passing a literal certificate and password to an X509 certificate constructor X509Certificate2 cert = new X509Certificate2( - rawCertData, - "myPa55word"); + rawCertData, // $ Sink[cs/hardcoded-credentials] + "myPa55word"); // $ Alert[cs/hardcoded-credentials] // BAD: Passing literal Password to connection string - SqlConnection conn = new SqlConnection("Password=12345"); + SqlConnection conn = new SqlConnection("Password=12345"); // $ Alert[cs/hardcoded-connection-string-credentials] // BAD: Passing literal User Id to connection string - SqlConnection conn2 = new SqlConnection("User Id=12345"); + SqlConnection conn2 = new SqlConnection("User Id=12345"); // $ Alert[cs/hardcoded-connection-string-credentials] // GOOD: Password is not specified literally SqlConnection conn3 = new SqlConnection("Password=" + LoadPasswordFromSecretConfig() + ";"); @@ -72,7 +72,7 @@ public class HardcodedHandler : IHttpHandler conn = new SqlConnection($"Password={LoadPasswordFromSecretConfig()}"); // BAD: Hard-coded user - Membership.CreateUser("myusername", "mypassword"); + Membership.CreateUser("myusername", "mypassword"); // $ Alert[cs/hardcoded-credentials] var identityOptions = new IdentityOptions { diff --git a/csharp/ql/test/query-tests/Security Features/CWE-798/HardcodedCredentials.qlref b/csharp/ql/test/query-tests/Security Features/CWE-798/HardcodedCredentials.qlref index ce8fa7f9b28..d4792bd2fa2 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-798/HardcodedCredentials.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-798/HardcodedCredentials.qlref @@ -1 +1,2 @@ -Security Features/CWE-798/HardcodedCredentials.ql \ No newline at end of file +query: Security Features/CWE-798/HardcodedCredentials.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-798/TestHardcodedCredentials.cs b/csharp/ql/test/query-tests/Security Features/CWE-798/TestHardcodedCredentials.cs index fa6d6f2b98a..997c1b7db79 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-798/TestHardcodedCredentials.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-798/TestHardcodedCredentials.cs @@ -23,7 +23,7 @@ public class HardCodedCredentialsTest // BAD: Create a membership user with hardcoded username MembershipUser user = new MembershipUser( providerName: "provider", - name: "username", + name: "username", // $ Alert[cs/hardcoded-credentials] providerUserKey: "username", email: "foo@bar.com", passwordQuestion: "Hardcoded question.", diff --git a/csharp/ql/test/query-tests/Security Features/CWE-807/ConditionalBypass.cs b/csharp/ql/test/query-tests/Security Features/CWE-807/ConditionalBypass.cs index 7ab297fbb68..39328ca7c17 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-807/ConditionalBypass.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-807/ConditionalBypass.cs @@ -9,22 +9,22 @@ public class ConditionalBypassHandler : IHttpHandler { string user = ctx.Request.QueryString["user"]; string password = ctx.Request.QueryString["password"]; - string isAdmin = ctx.Request.QueryString["isAdmin"]; + string isAdmin = ctx.Request.QueryString["isAdmin"]; // $ Source=r1 // BAD: login is only executed if isAdmin is false, but isAdmin // is controlled by the user - if (isAdmin == "false") + if (isAdmin == "false") // $ Alert=r1 login(user, password); - HttpCookie adminCookie = ctx.Request.Cookies["adminCookie"]; + HttpCookie adminCookie = ctx.Request.Cookies["adminCookie"]; // $ Source=r2 Source=r3 Source=r4 // BAD: login is only executed if the cookie value is false, but the cookie // is controlled by the user - if (adminCookie.Value.Equals("false")) + if (adminCookie.Value.Equals("false")) // $ Alert=r2 Alert=r3 Alert=r4 login(user, password); // FALSE POSITIVES: both methods are conditionally executed, but they probably // both perform the security-critical action - if (adminCookie.Value == "false") + if (adminCookie.Value == "false") // $ Alert=r3 Alert=r4 Alert=r2 { login(user, password); } @@ -39,14 +39,14 @@ public class ConditionalBypassHandler : IHttpHandler // BAD: DNS may be controlled by the user IPAddress hostIPAddress = IPAddress.Parse("1.2.3.4"); - IPHostEntry hostInfo = Dns.GetHostByAddress(hostIPAddress); + IPHostEntry hostInfo = Dns.GetHostByAddress(hostIPAddress); // $ Source=r5 Source=r6 // Exact comparison - if (hostInfo.HostName == "trustme.com") + if (hostInfo.HostName == "trustme.com") // $ Alert=r5 Alert=r6 { login(user, password); } // Substring comparison - if (hostInfo.HostName.EndsWith("trustme.com")) + if (hostInfo.HostName.EndsWith("trustme.com")) // $ Alert=r6 Alert=r5 { login(user, password); } @@ -67,9 +67,9 @@ public class ConditionalBypassHandler : IHttpHandler public static void Test2(HttpContext ctx, String user, String password) { - HttpCookie adminCookie = ctx.Request.Cookies["adminCookie"]; + HttpCookie adminCookie = ctx.Request.Cookies["adminCookie"]; // $ Source=r7 // BAD: login may happen once or twice - if (adminCookie.Value == "false") + if (adminCookie.Value == "false") // $ Alert=r7 login(user, password); else { @@ -80,8 +80,8 @@ public class ConditionalBypassHandler : IHttpHandler public static void Test3(HttpContext ctx, String user, String password) { - HttpCookie adminCookie = ctx.Request.Cookies["adminCookie"]; - if (adminCookie.Value == "false") + HttpCookie adminCookie = ctx.Request.Cookies["adminCookie"]; // $ Source=r8 + if (adminCookie.Value == "false") // $ Alert=r8 login(user, password); else { diff --git a/csharp/ql/test/query-tests/Security Features/CWE-807/ConditionalBypass.qlref b/csharp/ql/test/query-tests/Security Features/CWE-807/ConditionalBypass.qlref index b0c208da348..fe01c7557af 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-807/ConditionalBypass.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-807/ConditionalBypass.qlref @@ -1,2 +1,4 @@ query: Security Features/CWE-807/ConditionalBypass.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-838/HtmlEncode.cs b/csharp/ql/test/query-tests/Security Features/CWE-838/HtmlEncode.cs index 8a5e378c8d1..fc86cc497ea 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-838/HtmlEncode.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-838/HtmlEncode.cs @@ -7,7 +7,7 @@ public class HtmlEncode public static void Bad(HttpContext ctx) { var user = WebUtility.UrlDecode(ctx.Request.QueryString["user"]); - ctx.Response.Write("Hello, " + WebUtility.UrlEncode(user)); + ctx.Response.Write("Hello, " + WebUtility.UrlEncode(user)); // $ Alert=r1 $ Alert=r1 } public static void Good(HttpContext ctx) diff --git a/csharp/ql/test/query-tests/Security Features/CWE-838/InappropriateEncoding.cs b/csharp/ql/test/query-tests/Security Features/CWE-838/InappropriateEncoding.cs index 637988ddc84..4896ed7c7ef 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-838/InappropriateEncoding.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-838/InappropriateEncoding.cs @@ -10,12 +10,12 @@ public class InappropriateEncoding { public void Sql(string value) { - var encodedValue = Encode(value); + var encodedValue = Encode(value); // $ Source=r2 using (var connection = new SqlConnection("")) { var query1 = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='" + encodedValue + "' ORDER BY PRICE"; // BAD - var adapter = new SqlDataAdapter(query1, connection); + var adapter = new SqlDataAdapter(query1, connection); // $ Alert=r2 Alert=r3 var query2 = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=@category ORDER BY PRICE"; // GOOD @@ -28,13 +28,13 @@ public class InappropriateEncoding public void Html(string value, Label label, System.Windows.Forms.HtmlElement html) { // BAD - label.Text = Encode(value); - label.Text = HttpUtility.UrlEncode(value); - label.Text = HttpUtility.UrlEncode(HttpUtility.HtmlEncode(value)); - var encodedValue = HttpUtility.UrlEncode(value); - html.SetAttribute("a", encodedValue); - label.Text = ""; - label.Text = string.Format("", encodedValue); + label.Text = Encode(value); // $ Alert=r4 Alert=r4 + label.Text = HttpUtility.UrlEncode(value); // $ Alert=r5 Alert=r5 + label.Text = HttpUtility.UrlEncode(HttpUtility.HtmlEncode(value)); // $ Alert=r6 Alert=r6 + var encodedValue = HttpUtility.UrlEncode(value); // $ Source=r7 Source=r8 Source=r9 + html.SetAttribute("a", encodedValue); // $ Alert=r7 Alert=r8 Alert=r9 + label.Text = ""; // $ Alert=r8 Alert=r7 Alert=r9 + label.Text = string.Format("", encodedValue); // $ Alert=r9 Alert=r7 Alert=r8 // GOOD label.Text = HttpUtility.HtmlEncode(value); @@ -52,8 +52,8 @@ public class InappropriateEncoding public void Url(string value, HttpServerUtility util, HttpContext ctx) { // BAD - var encodedValue = HttpUtility.HtmlEncode(value); - ctx.Response.Redirect(encodedValue); + var encodedValue = HttpUtility.HtmlEncode(value); // $ Source=r10 + ctx.Response.Redirect(encodedValue); // $ Alert=r10 // GOOD ctx.Response.Redirect(HttpUtility.UrlEncode(encodedValue)); @@ -63,6 +63,6 @@ public class InappropriateEncoding static string Encode(string value) { - return value.Replace("\"", "\\\""); + return value.Replace("\"", "\\\""); // $ Source=r3 } } diff --git a/csharp/ql/test/query-tests/Security Features/CWE-838/InappropriateEncoding.qlref b/csharp/ql/test/query-tests/Security Features/CWE-838/InappropriateEncoding.qlref index d70d82f4719..99348351479 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-838/InappropriateEncoding.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-838/InappropriateEncoding.qlref @@ -1,2 +1,4 @@ query: Security Features/CWE-838/InappropriateEncoding.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-838/SqlEncode.cs b/csharp/ql/test/query-tests/Security Features/CWE-838/SqlEncode.cs index dd3731cb161..77cb8a4485d 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-838/SqlEncode.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-838/SqlEncode.cs @@ -11,8 +11,8 @@ public class SqlEncode var user = WebUtility.UrlDecode(ctx.Request.QueryString["user"]); using (var connection = new SqlConnection("")) { - var query = "select * from Users where Name='" + user.Replace("\"", "\"\"") + "'"; - var adapter = new SqlDataAdapter(query, connection); + var query = "select * from Users where Name='" + user.Replace("\"", "\"\"") + "'"; // $ Source=r11 + var adapter = new SqlDataAdapter(query, connection); // $ Alert=r11 var result = new DataSet(); adapter.Fill(result); return result; diff --git a/csharp/ql/test/query-tests/Security Features/CWE-838/UrlEncode.cs b/csharp/ql/test/query-tests/Security Features/CWE-838/UrlEncode.cs index c43ec2b675a..a0576cd26a9 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-838/UrlEncode.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-838/UrlEncode.cs @@ -7,7 +7,7 @@ public class UrlEncode public static void Bad(string value, HttpContext ctx) { var user = WebUtility.UrlDecode(ctx.Request.QueryString["user"]); - ctx.Response.Redirect("?param=" + WebUtility.HtmlEncode(user)); + ctx.Response.Redirect("?param=" + WebUtility.HtmlEncode(user)); // $ Alert=r12 $ Alert=r12 } public static void Good(string value, HttpContext ctx) diff --git a/csharp/ql/test/query-tests/Telemetry/LibraryUsage/ExternalLibraryUsage.qlref b/csharp/ql/test/query-tests/Telemetry/LibraryUsage/ExternalLibraryUsage.qlref index 98a6202f3eb..918fe540c3b 100644 --- a/csharp/ql/test/query-tests/Telemetry/LibraryUsage/ExternalLibraryUsage.qlref +++ b/csharp/ql/test/query-tests/Telemetry/LibraryUsage/ExternalLibraryUsage.qlref @@ -1 +1 @@ -Telemetry/ExternalLibraryUsage.ql +query: Telemetry/ExternalLibraryUsage.ql diff --git a/csharp/ql/test/query-tests/Telemetry/LibraryUsage/SupportedExternalTaint.qlref b/csharp/ql/test/query-tests/Telemetry/LibraryUsage/SupportedExternalTaint.qlref index ef9ddfadc00..a8f8f4965ef 100644 --- a/csharp/ql/test/query-tests/Telemetry/LibraryUsage/SupportedExternalTaint.qlref +++ b/csharp/ql/test/query-tests/Telemetry/LibraryUsage/SupportedExternalTaint.qlref @@ -1 +1 @@ -Telemetry/SupportedExternalTaint.ql +query: Telemetry/SupportedExternalTaint.ql diff --git a/csharp/ql/test/query-tests/Telemetry/LibraryUsage/UnsupportedExternalAPIs.qlref b/csharp/ql/test/query-tests/Telemetry/LibraryUsage/UnsupportedExternalAPIs.qlref index b89f0a48e2e..da704d4cbbe 100644 --- a/csharp/ql/test/query-tests/Telemetry/LibraryUsage/UnsupportedExternalAPIs.qlref +++ b/csharp/ql/test/query-tests/Telemetry/LibraryUsage/UnsupportedExternalAPIs.qlref @@ -1 +1 @@ -Telemetry/UnsupportedExternalAPIs.ql +query: Telemetry/UnsupportedExternalAPIs.ql diff --git a/csharp/ql/test/query-tests/Telemetry/SupportedExternalApis/SupportedExternalApis.qlref b/csharp/ql/test/query-tests/Telemetry/SupportedExternalApis/SupportedExternalApis.qlref index 2e12499cf62..f3e231b8a7a 100644 --- a/csharp/ql/test/query-tests/Telemetry/SupportedExternalApis/SupportedExternalApis.qlref +++ b/csharp/ql/test/query-tests/Telemetry/SupportedExternalApis/SupportedExternalApis.qlref @@ -1 +1 @@ -Telemetry/SupportedExternalApis.ql +query: Telemetry/SupportedExternalApis.ql diff --git a/csharp/ql/test/query-tests/Telemetry/SupportedExternalSinks/SupportedExternalSinks.qlref b/csharp/ql/test/query-tests/Telemetry/SupportedExternalSinks/SupportedExternalSinks.qlref index e8bd57fad50..d454ef226b9 100644 --- a/csharp/ql/test/query-tests/Telemetry/SupportedExternalSinks/SupportedExternalSinks.qlref +++ b/csharp/ql/test/query-tests/Telemetry/SupportedExternalSinks/SupportedExternalSinks.qlref @@ -1 +1 @@ -Telemetry/SupportedExternalSinks.ql \ No newline at end of file +query: Telemetry/SupportedExternalSinks.ql diff --git a/csharp/ql/test/query-tests/Telemetry/SupportedExternalSources/SupportedExternalSources.qlref b/csharp/ql/test/query-tests/Telemetry/SupportedExternalSources/SupportedExternalSources.qlref index c6819c7775f..f6f3f1b972d 100644 --- a/csharp/ql/test/query-tests/Telemetry/SupportedExternalSources/SupportedExternalSources.qlref +++ b/csharp/ql/test/query-tests/Telemetry/SupportedExternalSources/SupportedExternalSources.qlref @@ -1 +1 @@ -Telemetry/SupportedExternalSources.ql +query: Telemetry/SupportedExternalSources.ql diff --git a/csharp/ql/test/query-tests/UnusedPropertyValue/UnusedPropertyValue.cs b/csharp/ql/test/query-tests/UnusedPropertyValue/UnusedPropertyValue.cs index aabe43f2258..36c79a9a1ed 100644 --- a/csharp/ql/test/query-tests/UnusedPropertyValue/UnusedPropertyValue.cs +++ b/csharp/ql/test/query-tests/UnusedPropertyValue/UnusedPropertyValue.cs @@ -6,12 +6,12 @@ class Program bool Prop1 { - set { x = true; } // BAD + set { x = true; } // $ Alert // BAD } bool Prop2 { - set { } // BAD + set { } // $ Alert // BAD } bool Prop3 @@ -55,7 +55,7 @@ class C3 : C2 { public bool Prop1 { - set { } // BAD: not override + set { } // $ Alert // BAD: not override } public override bool Prop2 diff --git a/csharp/ql/test/query-tests/UnusedPropertyValue/UnusedPropertyValue.qlref b/csharp/ql/test/query-tests/UnusedPropertyValue/UnusedPropertyValue.qlref index 199133fb534..ca84e54c827 100644 --- a/csharp/ql/test/query-tests/UnusedPropertyValue/UnusedPropertyValue.qlref +++ b/csharp/ql/test/query-tests/UnusedPropertyValue/UnusedPropertyValue.qlref @@ -1 +1,2 @@ -Language Abuse/UnusedPropertyValue.ql \ No newline at end of file +query: Language Abuse/UnusedPropertyValue.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/UseBraces/UseBraces.cs b/csharp/ql/test/query-tests/UseBraces/UseBraces.cs index c6036255062..99d7c1b5ae6 100644 --- a/csharp/ql/test/query-tests/UseBraces/UseBraces.cs +++ b/csharp/ql/test/query-tests/UseBraces/UseBraces.cs @@ -29,7 +29,7 @@ class UseBraces g(); // BAD if (1 == 1) - f(); g(); // BAD + f(); g(); // $ Alert // BAD // If-then-else statement @@ -63,7 +63,7 @@ class UseBraces f(); } else - f(); g(); // BAD + f(); g(); // $ Alert // BAD // While statement @@ -83,7 +83,7 @@ class UseBraces g(); // GOOD while (x > 1) - f(); g(); // BAD + f(); g(); // $ Alert // BAD while (x > 1) if (x != null) x = 1; @@ -111,7 +111,7 @@ class UseBraces g(); // BAD for (int i = 0; i < 10; ++i) - f(); g(); // BAD + f(); g(); // $ Alert // BAD // Foreach statement @@ -130,7 +130,7 @@ class UseBraces g(); // BAD foreach (var b in branches) - f(); g(); // BAD + f(); g(); // $ Alert // BAD // Nested ifs if (x > 1) diff --git a/csharp/ql/test/query-tests/UseBraces/UseBraces.qlref b/csharp/ql/test/query-tests/UseBraces/UseBraces.qlref index 5d1d4a06388..e89389461d7 100644 --- a/csharp/ql/test/query-tests/UseBraces/UseBraces.qlref +++ b/csharp/ql/test/query-tests/UseBraces/UseBraces.qlref @@ -1 +1,2 @@ -Likely Bugs/Statements/UseBraces.ql +query: Likely Bugs/Statements/UseBraces.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Useless Code/PointlessForwardingMethod/PointlessForwardingMethod.cs b/csharp/ql/test/query-tests/Useless Code/PointlessForwardingMethod/PointlessForwardingMethod.cs index 096372e4098..04a2b3b68ca 100644 --- a/csharp/ql/test/query-tests/Useless Code/PointlessForwardingMethod/PointlessForwardingMethod.cs +++ b/csharp/ql/test/query-tests/Useless Code/PointlessForwardingMethod/PointlessForwardingMethod.cs @@ -8,7 +8,7 @@ class C : I public void f(int x) { } // BAD: This method is a forwarder - public void f() + public void f() // $ Alert { f(1); } @@ -38,7 +38,7 @@ class C : I void i() { } // BAD: Forwarding method - void i(int a) + void i(int a) // $ Alert { i(); } diff --git a/csharp/ql/test/query-tests/Useless Code/PointlessForwardingMethod/PointlessForwardingMethod.qlref b/csharp/ql/test/query-tests/Useless Code/PointlessForwardingMethod/PointlessForwardingMethod.qlref index 2e42cbc7502..435314fa373 100644 --- a/csharp/ql/test/query-tests/Useless Code/PointlessForwardingMethod/PointlessForwardingMethod.qlref +++ b/csharp/ql/test/query-tests/Useless Code/PointlessForwardingMethod/PointlessForwardingMethod.qlref @@ -1 +1,2 @@ -Useless code/PointlessForwardingMethod.ql +query: Useless code/PointlessForwardingMethod.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/WriteOnlyContainer/WriteOnlyContainer.cs b/csharp/ql/test/query-tests/WriteOnlyContainer/WriteOnlyContainer.cs index 6d870cad08b..81360515922 100644 --- a/csharp/ql/test/query-tests/WriteOnlyContainer/WriteOnlyContainer.cs +++ b/csharp/ql/test/query-tests/WriteOnlyContainer/WriteOnlyContainer.cs @@ -7,7 +7,7 @@ public class ContainerTest // Test 1: Variable scopes // Test 1a: Private field - private IList c1a = new List { 1, 2 }; // BAD: private + private IList c1a = new List { 1, 2 }; // $ Alert // BAD: private // Test 1b: protected field protected IList c1b = new List { 1, 2 }; // GOOD: protected @@ -16,7 +16,7 @@ public class ContainerTest public IList c1c = new List { 1, 2 }; // GOOD: public // Test 1d: internal field - internal IList c1d = new List { 1, 2 }; // BAD: internal + internal IList c1d = new List { 1, 2 }; // $ Alert // BAD: internal void TestScopes() { @@ -26,7 +26,7 @@ public class ContainerTest c1d.Add(4); // Test 1e: Local variable - IList c1e = new List { 1, 2 }; // BAD: local + IList c1e = new List { 1, 2 }; // $ Alert // BAD: local c1e.Add(5); } @@ -35,7 +35,7 @@ public class ContainerTest void TestMethodNames() { // Test 2a: Writeonly method names - IList c2a = new List { 1, 2 }; // BAD: writeonly methods + IList c2a = new List { 1, 2 }; // $ Alert // BAD: writeonly methods c2a.Add(1); c2a.Clear(); c2a.Insert(1, 2); @@ -47,14 +47,14 @@ public class ContainerTest bool b = c2b.Contains(1); // Test 2c: Other method names - var c2c = new Stack(); // BAD + var c2c = new Stack(); // $ Alert // BAD c2c.Push(1); - var c2d = new BitArray(10); // BAD + var c2d = new BitArray(10); // $ Alert // BAD c2d.Set(1, true); c2d.SetAll(false); - var c2j = new LinkedList(); // BAD + var c2j = new LinkedList(); // $ Alert // BAD c2j.AddFirst(1); c2j.AddLast(2); c2j.RemoveFirst(); @@ -100,7 +100,7 @@ public class ContainerTest void TestAccessTypes() { // 3a: Unused - IList c3a = new List { 4, 5 }; // BAD + IList c3a = new List { 4, 5 }; // $ Alert // BAD // 3b: Pass to function IList c3b = new List { }; // GOOD: used @@ -115,7 +115,7 @@ public class ContainerTest // Test 4: Initialization type - private IList c4a; // BAD: even though uninitialized + private IList c4a; // $ Alert // BAD: even though uninitialized void TestInitializationTypes() { @@ -123,11 +123,11 @@ public class ContainerTest c4a.Add(1); // Test 4b: Constructed from new - var c4b = new List(); // BAD + var c4b = new List(); // $ Alert // BAD c4b.Add(1); // Test 4c: List initialized - var c4c = new List { 2, 3, 4 }; // BAD + var c4c = new List { 2, 3, 4 }; // $ Alert // BAD c4c.Add(1); // Test 4d: Constructed from other expression @@ -147,7 +147,7 @@ public class ContainerTest void TestAssignment() { // Assigned from new container - IList c5a; // BAD + IList c5a; // $ Alert // BAD c5a = new List(); c5a.Add(1); @@ -162,7 +162,7 @@ public class ContainerTest c5d = c5c; // Assigned in an expression somewhere - IList c5e = new List(); // BAD: assigned in expr + IList c5e = new List(); // $ Alert // BAD: assigned in expr for (int i = 0; i < 10; c5e = new List(), ++i) c5e.Add(1); @@ -183,67 +183,67 @@ public class ContainerTest var c6a = new NonCollection(); // GOOD: not a collection c6a.Add(1); - var c6b = new ArrayList(); // BAD + var c6b = new ArrayList(); // $ Alert // BAD c6b.Add(1); - var c6c = new BitArray(32); // BAD + var c6c = new BitArray(32); // $ Alert // BAD c6c.SetAll(true); - var c6d = new Hashtable(); // BAD + var c6d = new Hashtable(); // $ Alert // BAD c6d.Add(1, 2); - var c6e = new Queue(); // BAD + var c6e = new Queue(); // $ Alert // BAD c6e.Enqueue(1); - var c6f = new SortedList(); // BAD + var c6f = new SortedList(); // $ Alert // BAD c6f.Add(1, 2); - var c6g = new Stack(); // BAD + var c6g = new Stack(); // $ Alert // BAD c6g.Push(1); - var c6h = new Dictionary(); // BAD + var c6h = new Dictionary(); // $ Alert // BAD c6h.Add(1, 2); - var c6i = new HashSet(); // BAD + var c6i = new HashSet(); // $ Alert // BAD c6i.Add(1); - var c6j = new LinkedList(); // BAD + var c6j = new LinkedList(); // $ Alert // BAD c6j.AddFirst(1); - var c6k = new List(); // BAD + var c6k = new List(); // $ Alert // BAD c6k.Add(1); - var c6l = new Queue(); // BAD + var c6l = new Queue(); // $ Alert // BAD c6l.Enqueue(1); - var c6m = new SortedDictionary(); // BAD + var c6m = new SortedDictionary(); // $ Alert // BAD c6m.Add(1, 2); - var c6n = new SortedList(); // BAD + var c6n = new SortedList(); // $ Alert // BAD c6n.Add(1, 2); - var c6o = new SortedDictionary(); // BAD + var c6o = new SortedDictionary(); // $ Alert // BAD c6o.Add(1, 2); - var c6p = new SortedSet(); // BAD + var c6p = new SortedSet(); // $ Alert // BAD c6p.Add(1); - var c6q = new Stack(); // BAD + var c6q = new Stack(); // $ Alert // BAD c6q.Push(1); - ICollection c6u = new List(); // BAD + ICollection c6u = new List(); // $ Alert // BAD c6u.Add(1); - IDictionary c6v = new Dictionary(); // BAD + IDictionary c6v = new Dictionary(); // $ Alert // BAD c6v.Add(1, 2); IEnumerable c6w = new List(); // GOOD c6w.GetEnumerator(); - IList c6x = new List(); // BAD + IList c6x = new List(); // $ Alert // BAD c6x.Add(12); - ISet c6y = new HashSet(); // BAD + ISet c6y = new HashSet(); // $ Alert // BAD c6y.Add(1); } @@ -264,7 +264,7 @@ public class ContainerTest t.InvokeMember("Add", System.Reflection.BindingFlags.InvokeMethod, null, c7c, new Object[] { 1 }); } - IList c8a = new List(); // BAD: no attribute + IList c8a = new List(); // $ Alert // BAD: no attribute [Obsolete()] IList c8b = new List(); // GOOD: has attribute diff --git a/csharp/ql/test/query-tests/WriteOnlyContainer/WriteOnlyContainer.qlref b/csharp/ql/test/query-tests/WriteOnlyContainer/WriteOnlyContainer.qlref index ddd3e9fb1cb..9d2057a3d37 100644 --- a/csharp/ql/test/query-tests/WriteOnlyContainer/WriteOnlyContainer.qlref +++ b/csharp/ql/test/query-tests/WriteOnlyContainer/WriteOnlyContainer.qlref @@ -1 +1,2 @@ -Likely Bugs/Collections/WriteOnlyContainer.ql +query: Likely Bugs/Collections/WriteOnlyContainer.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/standalone/Likely Bugs/IncomparableEquals/IncomparableEquals.cs b/csharp/ql/test/query-tests/standalone/Likely Bugs/IncomparableEquals/IncomparableEquals.cs index 1b550cacf8a..a4541e2ba24 100644 --- a/csharp/ql/test/query-tests/standalone/Likely Bugs/IncomparableEquals/IncomparableEquals.cs +++ b/csharp/ql/test/query-tests/standalone/Likely Bugs/IncomparableEquals/IncomparableEquals.cs @@ -3,9 +3,9 @@ class Test static void Main(string[] args) { // BAD - c3.Equals(c4); - c2.Equals(c3); - c7.Equals(c6); + c3.Equals(c4); // $ Alert + c2.Equals(c3); // $ Alert + c7.Equals(c6); // $ Alert // GOOD c1.Equals(c2); diff --git a/csharp/ql/test/query-tests/standalone/Likely Bugs/IncomparableEquals/IncomparableEquals.qlref b/csharp/ql/test/query-tests/standalone/Likely Bugs/IncomparableEquals/IncomparableEquals.qlref index 96eae4e2eac..91b47c6ddd9 100644 --- a/csharp/ql/test/query-tests/standalone/Likely Bugs/IncomparableEquals/IncomparableEquals.qlref +++ b/csharp/ql/test/query-tests/standalone/Likely Bugs/IncomparableEquals/IncomparableEquals.qlref @@ -1 +1,2 @@ -Likely Bugs/IncomparableEquals.ql \ No newline at end of file +query: Likely Bugs/IncomparableEquals.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/standalone/Likely Bugs/ObjectComparison/ObjectComparison.cs b/csharp/ql/test/query-tests/standalone/Likely Bugs/ObjectComparison/ObjectComparison.cs index f717fe662c6..756b667a055 100644 --- a/csharp/ql/test/query-tests/standalone/Likely Bugs/ObjectComparison/ObjectComparison.cs +++ b/csharp/ql/test/query-tests/standalone/Likely Bugs/ObjectComparison/ObjectComparison.cs @@ -14,9 +14,9 @@ class ObjectComparisonTest result = (object)unknownValue = someValue; // BAD: Explicit cast - result = (object)unknownValue == (object)someValue; + result = (object)unknownValue == (object)someValue; // $ Alert // BAD: Type information known - result = this == (object)this; + result = this == (object)this; // $ Alert } } diff --git a/csharp/ql/test/query-tests/standalone/Likely Bugs/ObjectComparison/ObjectComparison.qlref b/csharp/ql/test/query-tests/standalone/Likely Bugs/ObjectComparison/ObjectComparison.qlref index 6f834d6d654..e4722848720 100644 --- a/csharp/ql/test/query-tests/standalone/Likely Bugs/ObjectComparison/ObjectComparison.qlref +++ b/csharp/ql/test/query-tests/standalone/Likely Bugs/ObjectComparison/ObjectComparison.qlref @@ -1 +1,2 @@ -Likely Bugs/ObjectComparison.ql \ No newline at end of file +query: Likely Bugs/ObjectComparison.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/utils/modeleditor/ApplicationModeEndpoints.qlref b/csharp/ql/test/utils/modeleditor/ApplicationModeEndpoints.qlref index 4787fa5d4b2..1255164237c 100644 --- a/csharp/ql/test/utils/modeleditor/ApplicationModeEndpoints.qlref +++ b/csharp/ql/test/utils/modeleditor/ApplicationModeEndpoints.qlref @@ -1 +1 @@ -utils/modeleditor/ApplicationModeEndpoints.ql \ No newline at end of file +query: utils/modeleditor/ApplicationModeEndpoints.ql diff --git a/csharp/ql/test/utils/modeleditor/FrameworkModeEndpoints.qlref b/csharp/ql/test/utils/modeleditor/FrameworkModeEndpoints.qlref index 5ae87455edd..ec216021687 100644 --- a/csharp/ql/test/utils/modeleditor/FrameworkModeEndpoints.qlref +++ b/csharp/ql/test/utils/modeleditor/FrameworkModeEndpoints.qlref @@ -1 +1 @@ -utils/modeleditor/FrameworkModeEndpoints.ql \ No newline at end of file +query: utils/modeleditor/FrameworkModeEndpoints.ql From f67b7299f9bebafa469e4b9b87ea2eb00849e724 Mon Sep 17 00:00:00 2001 From: Owen Mansel-Chan Date: Mon, 6 Jul 2026 14:37:46 +0100 Subject: [PATCH 3/8] Update query example (synced file) --- .../ql/src/Security Features/CWE-020/RuntimeChecksBypassBad.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/csharp/ql/src/Security Features/CWE-020/RuntimeChecksBypassBad.cs b/csharp/ql/src/Security Features/CWE-020/RuntimeChecksBypassBad.cs index 8777e35874a..c41bbf776b1 100644 --- a/csharp/ql/src/Security Features/CWE-020/RuntimeChecksBypassBad.cs +++ b/csharp/ql/src/Security Features/CWE-020/RuntimeChecksBypassBad.cs @@ -16,6 +16,6 @@ public class PersonBad : ISerializable [OnDeserializing] void ISerializable.GetObjectData(SerializationInfo info, StreamingContext context) { - Age = info.GetInt32("age"); // $ Alert // BAD - write is unsafe + Age = info.GetInt32("age"); // $ Alert[cs/serialization-check-bypass] // BAD - write is unsafe } } From 5ba1fe315dbb16b05cd36190cc50fac277765753 Mon Sep 17 00:00:00 2001 From: Owen Mansel-Chan Date: Wed, 8 Jul 2026 00:56:16 +0100 Subject: [PATCH 4/8] Accept updated .expected output --- csharp/ql/integration-tests/all-platforms/blazor/XSS.expected | 1 + .../ql/integration-tests/all-platforms/blazor_net_8/XSS.expected | 1 + 2 files changed, 2 insertions(+) diff --git a/csharp/ql/integration-tests/all-platforms/blazor/XSS.expected b/csharp/ql/integration-tests/all-platforms/blazor/XSS.expected index d4f4f7cdd73..23580f2fe76 100644 --- a/csharp/ql/integration-tests/all-platforms/blazor/XSS.expected +++ b/csharp/ql/integration-tests/all-platforms/blazor/XSS.expected @@ -16,3 +16,4 @@ nodes | BlazorTest/Components/Pages/TestPage.razor:85:23:85:32 | access to property QueryParam : String | semmle.label | access to property QueryParam : String | | BlazorTest/obj/Debug/net10.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components/Pages/TestPage_razor.g.cs:553:16:561:13 | call to method TypeCheck : String | semmle.label | call to method TypeCheck : String | subpaths +testFailures diff --git a/csharp/ql/integration-tests/all-platforms/blazor_net_8/XSS.expected b/csharp/ql/integration-tests/all-platforms/blazor_net_8/XSS.expected index dbf056053b3..80461b4f851 100644 --- a/csharp/ql/integration-tests/all-platforms/blazor_net_8/XSS.expected +++ b/csharp/ql/integration-tests/all-platforms/blazor_net_8/XSS.expected @@ -16,3 +16,4 @@ nodes | BlazorTest/Components/Pages/TestPage.razor:85:23:85:32 | access to property QueryParam : String | semmle.label | access to property QueryParam : String | | BlazorTest/obj/Debug/net8.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Pages_TestPage_razor.g.cs:497:59:505:13 | call to method TypeCheck : String | semmle.label | call to method TypeCheck : String | subpaths +testFailures From b6d588c1a8ce4d7453c4a38313b3d3301c1e527b Mon Sep 17 00:00:00 2001 From: Owen Mansel-Chan Date: Wed, 8 Jul 2026 00:56:43 +0100 Subject: [PATCH 5/8] Revert inline expectations for blazor integration tests with BMN --- .../BlazorTest/Components/MyOutput.razor | 2 +- .../BlazorTest/Components/Pages/TestPage.razor | 6 +++--- .../all-platforms/blazor_build_mode_none/XSS.qlref | 4 +--- 3 files changed, 5 insertions(+), 7 deletions(-) diff --git a/csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/BlazorTest/Components/MyOutput.razor b/csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/BlazorTest/Components/MyOutput.razor index 5476d75ccf9..e583e6b2e9c 100644 --- a/csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/BlazorTest/Components/MyOutput.razor +++ b/csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/BlazorTest/Components/MyOutput.razor @@ -2,7 +2,7 @@

Value from InputText: @Value

-

Raw value from InputText: @(new MarkupString(Value))

@* $ Alert[cs/web/xss]=r1 *@ +

Raw value from InputText: @(new MarkupString(Value))

@code { diff --git a/csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/BlazorTest/Components/Pages/TestPage.razor b/csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/BlazorTest/Components/Pages/TestPage.razor index 7a7a02ec222..ac3ccbe1920 100644 --- a/csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/BlazorTest/Components/Pages/TestPage.razor +++ b/csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/BlazorTest/Components/Pages/TestPage.razor @@ -8,7 +8,7 @@

Route parameter

Go to: /test/@XssUrl

Parameter from URL: @UrlParam

-

Raw parameter from URL: @((MarkupString)UrlParam)

@* $ Alert[cs/web/xss]=r2 $ Alert[cs/web/xss]=r2 *@ +

Raw parameter from URL: @((MarkupString)UrlParam)


@@ -17,7 +17,7 @@

Query parameter

Go to: /test/?qs=@XssUrl

Parameter from query string: @QueryParam

-

Raw parameter from query string: @(new MarkupString(QueryParam))

@* $ Alert[cs/web/xss]=r3 $ Alert[cs/web/xss]=r3 *@ +

Raw parameter from query string: @(new MarkupString(QueryParam))


@@ -82,7 +82,7 @@
- @* $ Source[cs/web/xss]=r1 *@ +
@code { diff --git a/csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/XSS.qlref b/csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/XSS.qlref index a71d4784670..89b5b951bdb 100644 --- a/csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/XSS.qlref +++ b/csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/XSS.qlref @@ -1,4 +1,2 @@ query: Security Features/CWE-079/XSS.ql -postprocess: - - utils/test/PrettyPrintModels.ql - - utils/test/InlineExpectationsTestQuery.ql +postprocess: utils/test/PrettyPrintModels.ql From 85d800f317332d3fadc9afb08418a8116a122622 Mon Sep 17 00:00:00 2001 From: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com> Date: Wed, 8 Jul 2026 13:02:20 +0100 Subject: [PATCH 6/8] Apply suggestions from code review Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com> --- csharp/ql/campaigns/Solorigate/test/Solorigate/test.cs | 4 ++-- .../Security Features/JsonWebTokenHandler/delegation-test.cs | 4 ++-- .../Language Abuse/UselessCastToSelf/UselessCastToSelf.cs | 4 ++-- .../Security Features/CWE-807/ConditionalBypass.cs | 2 +- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/csharp/ql/campaigns/Solorigate/test/Solorigate/test.cs b/csharp/ql/campaigns/Solorigate/test/Solorigate/test.cs index 2530492ef74..1e6c66fd0db 100644 --- a/csharp/ql/campaigns/Solorigate/test/Solorigate/test.cs +++ b/csharp/ql/campaigns/Solorigate/test/Solorigate/test.cs @@ -6,12 +6,12 @@ class FalsePositiveCases // regular FVN ulong GetRegularFvnHash(string s) { - ulong num = 14695981039346656037UL; /* FNV base offset */ // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + ulong num = 14695981039346656037UL; /* FNV base offset */ // $ SPURIOUS: Alert[cs/solorigate/number-of-known-hashes-above-threshold] foreach (byte b in Encoding.UTF8.GetBytes(s)) { num ^= (ulong)b; - num *= 1099511628211UL; /* FNV prime */ // $ Alert[cs/solorigate/number-of-known-hashes-above-threshold] + num *= 1099511628211UL; /* FNV prime */ // $ SPURIOUS: Alert[cs/solorigate/number-of-known-hashes-above-threshold] } return num; diff --git a/csharp/ql/test/experimental/Security Features/JsonWebTokenHandler/delegation-test.cs b/csharp/ql/test/experimental/Security Features/JsonWebTokenHandler/delegation-test.cs index 95118a986d3..5e0e69119d4 100644 --- a/csharp/ql/test/experimental/Security Features/JsonWebTokenHandler/delegation-test.cs +++ b/csharp/ql/test/experimental/Security Features/JsonWebTokenHandler/delegation-test.cs @@ -98,8 +98,8 @@ namespace JsonWebTokenHandlerTest SaveSigninToken = true }; - tokenValidationParamsBaseline.LifetimeValidator = (notBefore, expires, securityToken, validationParameters) => ValidateLifetimeAlwaysTrue(securityToken, validationParameters); // $ Alert[cs/json-webtoken-handler/delegated-security-validations-always-return-true] // BUG delegated-security-validations-always-return-true - tokenValidationParamsBaseline.AudienceValidator = (IEnumerable audiences, SecurityToken securityToken, TokenValidationParameters validationParameters) => true; // $ Alert[cs/json-webtoken-handler/delegated-security-validations-always-return-true] // BUG delegated-security-validations-always-return-true + tokenValidationParamsBaseline.LifetimeValidator = (notBefore, expires, securityToken, validationParameters) => ValidateLifetimeAlwaysTrue(securityToken, validationParameters); // $ Alert[cs/json-webtoken-handler/delegated-security-validations-always-return-true] + tokenValidationParamsBaseline.AudienceValidator = (IEnumerable audiences, SecurityToken securityToken, TokenValidationParameters validationParameters) => true; // $ Alert[cs/json-webtoken-handler/delegated-security-validations-always-return-true] tokenValidationParamsBaseline.TokenReplayValidator = (DateTime? expirationTime, string securityToken, TokenValidationParameters validationParameters) => // GOOD { if (securityToken is null) diff --git a/csharp/ql/test/query-tests/Language Abuse/UselessCastToSelf/UselessCastToSelf.cs b/csharp/ql/test/query-tests/Language Abuse/UselessCastToSelf/UselessCastToSelf.cs index 3b3f06ded0f..bcfe712413e 100644 --- a/csharp/ql/test/query-tests/Language Abuse/UselessCastToSelf/UselessCastToSelf.cs +++ b/csharp/ql/test/query-tests/Language Abuse/UselessCastToSelf/UselessCastToSelf.cs @@ -9,7 +9,7 @@ class Test var bad1 = (int)1; // $ Alert var bad2 = (Test)this; // $ Alert var bad3 = this as Test; // $ Alert - func = (Func)(x => x); // MISSING + func = (Func)(x => x); // $ MISSING: Alert exprFunc = (Expression>)(x => x); // $ Alert // GOOD @@ -22,7 +22,7 @@ class Test var good7 = (Action)((int x) => { }); func = x => x; exprFunc = x => x; - exprFuncUntyped = (Expression>)(x => x); // $ Alert // FP + exprFuncUntyped = (Expression>)(x => x); // $ SPURIOUS: Alert } enum Enum diff --git a/csharp/ql/test/query-tests/Security Features/CWE-807/ConditionalBypass.cs b/csharp/ql/test/query-tests/Security Features/CWE-807/ConditionalBypass.cs index 39328ca7c17..b3e9c842ac6 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-807/ConditionalBypass.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-807/ConditionalBypass.cs @@ -24,7 +24,7 @@ public class ConditionalBypassHandler : IHttpHandler // FALSE POSITIVES: both methods are conditionally executed, but they probably // both perform the security-critical action - if (adminCookie.Value == "false") // $ Alert=r3 Alert=r4 Alert=r2 + if (adminCookie.Value == "false") // $ SPURIOUS: Alert=r3 Alert=r4 Alert=r2 { login(user, password); } From 7b96f66d34686b1194b89efaa0a1c3d973db2e8b Mon Sep 17 00:00:00 2001 From: Owen Mansel-Chan Date: Wed, 8 Jul 2026 13:18:37 +0100 Subject: [PATCH 7/8] Also run cs/constant-condition on test for cs/comparison-of-identical-expressions --- .../CompareIdenticalValues.cs | 60 +++++++++---------- .../ConstantCondition.expected | 6 ++ .../ConstantCondition.qlref | 2 + 3 files changed, 38 insertions(+), 30 deletions(-) create mode 100644 csharp/ql/test/query-tests/CSI/CompareIdenticalValues/ConstantCondition.expected create mode 100644 csharp/ql/test/query-tests/CSI/CompareIdenticalValues/ConstantCondition.qlref diff --git a/csharp/ql/test/query-tests/CSI/CompareIdenticalValues/CompareIdenticalValues.cs b/csharp/ql/test/query-tests/CSI/CompareIdenticalValues/CompareIdenticalValues.cs index 540ce6bb814..68e95de15dc 100644 --- a/csharp/ql/test/query-tests/CSI/CompareIdenticalValues/CompareIdenticalValues.cs +++ b/csharp/ql/test/query-tests/CSI/CompareIdenticalValues/CompareIdenticalValues.cs @@ -11,54 +11,54 @@ class CompareIdenticalValues : Super { public void M() { - if (this.Foo == Foo) ; // $ Alert - if (base.Foo == Foo) ; // $ Alert + if (this.Foo == Foo) ; // $ Alert[cs/comparison-of-identical-expressions] + if (base.Foo == Foo) ; // $ Alert[cs/comparison-of-identical-expressions] if (Foo == new CompareIdenticalValues().Foo) ; var x = "Abc"; if (x == "Abc") ; - var temp = x == x; // BAD: but flagged by cs/constant-comparison + var temp = x == x; // $ Alert[cs/constant-condition] // BAD: but flagged by cs/constant-condition double d = double.NaN; - if (d == d) ; // $ Alert // !double.IsNan(d) - if (d <= d) ; // $ Alert // !double.IsNan(d), but unlikely to be intentional - if (d >= d) ; // $ Alert // !double.IsNan(d), but unlikely to be intentional - if (d != d) ; // $ Alert // double.IsNan(d) - if (d > d) ; // $ Alert // always false - if (d < d) ; // $ Alert // always false + if (d == d) ; // $ Alert[cs/comparison-of-identical-expressions] // !double.IsNan(d) + if (d <= d) ; // $ Alert[cs/comparison-of-identical-expressions] // !double.IsNan(d), but unlikely to be intentional + if (d >= d) ; // $ Alert[cs/comparison-of-identical-expressions] // !double.IsNan(d), but unlikely to be intentional + if (d != d) ; // $ Alert[cs/comparison-of-identical-expressions] // double.IsNan(d) + if (d > d) ; // $ Alert[cs/comparison-of-identical-expressions] // always false + if (d < d) ; // $ Alert[cs/comparison-of-identical-expressions] // always false float f = float.NaN; - if (f == f) ; // $ Alert // !float.IsNan(f) - if (f <= f) ; // $ Alert // !float.IsNan(f), but unlikely to be intentional - if (f >= f) ; // $ Alert // !float.IsNan(f), but unlikely to be intentional - if (f != f) ; // $ Alert // float.IsNan(f) - if (f > f) ; // $ Alert // always false - if (f < f) ; // $ Alert // always false + if (f == f) ; // $ Alert[cs/comparison-of-identical-expressions] // !float.IsNan(f) + if (f <= f) ; // $ Alert[cs/comparison-of-identical-expressions] // !float.IsNan(f), but unlikely to be intentional + if (f >= f) ; // $ Alert[cs/comparison-of-identical-expressions] // !float.IsNan(f), but unlikely to be intentional + if (f != f) ; // $ Alert[cs/comparison-of-identical-expressions] // float.IsNan(f) + if (f > f) ; // $ Alert[cs/comparison-of-identical-expressions] // always false + if (f < f) ; // $ Alert[cs/comparison-of-identical-expressions] // always false int i = 0; - if (i == i) ; // BAD: but flagged by cs/constant-condition - if (i != i) ; // BAD: but flagged by cs/constant-condition + if (i == i) ; // $ Alert[cs/constant-condition] // BAD: but flagged by cs/constant-condition + if (i != i) ; // $ Alert[cs/constant-condition] // BAD: but flagged by cs/constant-condition CompareIdenticalValues c = null; - c.Prop.Equals(c.Prop); // $ Alert - Equals(c.Prop.Prop.Prop.Foo + 2, c.Prop.Prop.Prop.Foo + 2); // $ Alert + c.Prop.Equals(c.Prop); // $ Alert[cs/comparison-of-identical-expressions] + Equals(c.Prop.Prop.Prop.Foo + 2, c.Prop.Prop.Prop.Foo + 2); // $ Alert[cs/comparison-of-identical-expressions] Equals(c.Prop.Prop.Prop.Foo, c.Prop.Prop.Foo); if (base.Bar == Bar) ; - if (Bar == this.Bar) ; // $ Alert - Equals(this); // $ Alert + if (Bar == this.Bar) ; // $ Alert[cs/comparison-of-identical-expressions] + Equals(this); // $ Alert[cs/comparison-of-identical-expressions] - if (1 + 1 == 2) ; // BAD: but flagged by cs/constant-condition - if (1 + 1 == 3) ; - if (0 == 1) ; + if (1 + 1 == 2) ; // $ Alert[cs/constant-condition] // BAD: but flagged by cs/constant-condition + if (1 + 1 == 3) ; // $ Alert[cs/constant-condition] // BAD: but flagged by cs/constant-condition + if (0 == 1) ; // $ Alert[cs/constant-condition] // BAD: but flagged by cs/constant-condition var a = new int[0]; - if (a[0] == a[0]) ; // $ Alert + if (a[0] == a[0]) ; // $ Alert[cs/comparison-of-identical-expressions] - if (this.Bar[0] == Bar[1 - 1]) ; // $ Alert + if (this.Bar[0] == Bar[1 - 1]) ; // $ Alert[cs/comparison-of-identical-expressions] if (this.Bar[0] == Bar[1]) ; - if (this.Prop[Foo] == Prop[this.Foo]) ; // $ Alert + if (this.Prop[Foo] == Prop[this.Foo]) ; // $ Alert[cs/comparison-of-identical-expressions] if (this.Prop[0] == Prop[1]) ; } @@ -73,17 +73,17 @@ class CompareIdenticalValues : Super public void IsBoxedWrong1(T x) where T : struct { - ReferenceEquals(x, x); // $ Alert + ReferenceEquals(x, x); // $ Alert[cs/comparison-of-identical-expressions] } public void IsBoxedWrong2(T x) where T : class { - ReferenceEquals(x, x); // $ Alert + ReferenceEquals(x, x); // $ Alert[cs/comparison-of-identical-expressions] } public void IsBoxedWrong3(T x) where T : Super { - ReferenceEquals(x, x); // $ Alert + ReferenceEquals(x, x); // $ Alert[cs/comparison-of-identical-expressions] } public int this[int i] { get { return 0; } } diff --git a/csharp/ql/test/query-tests/CSI/CompareIdenticalValues/ConstantCondition.expected b/csharp/ql/test/query-tests/CSI/CompareIdenticalValues/ConstantCondition.expected new file mode 100644 index 00000000000..e54ba7f25d7 --- /dev/null +++ b/csharp/ql/test/query-tests/CSI/CompareIdenticalValues/ConstantCondition.expected @@ -0,0 +1,6 @@ +| CompareIdenticalValues.cs:20:20:20:25 | ... == ... | Condition always evaluates to 'true'. | CompareIdenticalValues.cs:20:20:20:25 | ... == ... | dummy | +| CompareIdenticalValues.cs:39:13:39:18 | ... == ... | Condition always evaluates to 'true'. | CompareIdenticalValues.cs:39:13:39:18 | ... == ... | dummy | +| CompareIdenticalValues.cs:40:13:40:18 | ... != ... | Condition always evaluates to 'false'. | CompareIdenticalValues.cs:40:13:40:18 | ... != ... | dummy | +| CompareIdenticalValues.cs:51:13:51:22 | ... == ... | Condition always evaluates to 'true'. | CompareIdenticalValues.cs:51:13:51:22 | ... == ... | dummy | +| CompareIdenticalValues.cs:52:13:52:22 | ... == ... | Condition always evaluates to 'false'. | CompareIdenticalValues.cs:52:13:52:22 | ... == ... | dummy | +| CompareIdenticalValues.cs:53:13:53:18 | ... == ... | Condition always evaluates to 'false'. | CompareIdenticalValues.cs:53:13:53:18 | ... == ... | dummy | diff --git a/csharp/ql/test/query-tests/CSI/CompareIdenticalValues/ConstantCondition.qlref b/csharp/ql/test/query-tests/CSI/CompareIdenticalValues/ConstantCondition.qlref new file mode 100644 index 00000000000..6692217230e --- /dev/null +++ b/csharp/ql/test/query-tests/CSI/CompareIdenticalValues/ConstantCondition.qlref @@ -0,0 +1,2 @@ +query: Bad Practices/Control-Flow/ConstantCondition.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql From aba008dcd721471052027d42ecdc7cf1fcdbb36a Mon Sep 17 00:00:00 2001 From: Owen Mansel-Chan Date: Wed, 8 Jul 2026 13:19:25 +0100 Subject: [PATCH 8/8] Remove comments "// BAD: but flagged by cs/constant-condition" --- .../CompareIdenticalValues/CompareIdenticalValues.cs | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/csharp/ql/test/query-tests/CSI/CompareIdenticalValues/CompareIdenticalValues.cs b/csharp/ql/test/query-tests/CSI/CompareIdenticalValues/CompareIdenticalValues.cs index 68e95de15dc..55aafe64d28 100644 --- a/csharp/ql/test/query-tests/CSI/CompareIdenticalValues/CompareIdenticalValues.cs +++ b/csharp/ql/test/query-tests/CSI/CompareIdenticalValues/CompareIdenticalValues.cs @@ -17,7 +17,7 @@ class CompareIdenticalValues : Super var x = "Abc"; if (x == "Abc") ; - var temp = x == x; // $ Alert[cs/constant-condition] // BAD: but flagged by cs/constant-condition + var temp = x == x; // $ Alert[cs/constant-condition] double d = double.NaN; if (d == d) ; // $ Alert[cs/comparison-of-identical-expressions] // !double.IsNan(d) @@ -36,8 +36,8 @@ class CompareIdenticalValues : Super if (f < f) ; // $ Alert[cs/comparison-of-identical-expressions] // always false int i = 0; - if (i == i) ; // $ Alert[cs/constant-condition] // BAD: but flagged by cs/constant-condition - if (i != i) ; // $ Alert[cs/constant-condition] // BAD: but flagged by cs/constant-condition + if (i == i) ; // $ Alert[cs/constant-condition] + if (i != i) ; // $ Alert[cs/constant-condition] CompareIdenticalValues c = null; c.Prop.Equals(c.Prop); // $ Alert[cs/comparison-of-identical-expressions] @@ -48,9 +48,9 @@ class CompareIdenticalValues : Super if (Bar == this.Bar) ; // $ Alert[cs/comparison-of-identical-expressions] Equals(this); // $ Alert[cs/comparison-of-identical-expressions] - if (1 + 1 == 2) ; // $ Alert[cs/constant-condition] // BAD: but flagged by cs/constant-condition - if (1 + 1 == 3) ; // $ Alert[cs/constant-condition] // BAD: but flagged by cs/constant-condition - if (0 == 1) ; // $ Alert[cs/constant-condition] // BAD: but flagged by cs/constant-condition + if (1 + 1 == 2) ; // $ Alert[cs/constant-condition] + if (1 + 1 == 3) ; // $ Alert[cs/constant-condition] + if (0 == 1) ; // $ Alert[cs/constant-condition] var a = new int[0]; if (a[0] == a[0]) ; // $ Alert[cs/comparison-of-identical-expressions]