mirror of
https://github.com/github/codeql.git
synced 2026-05-02 12:15:17 +02:00
C#: Rename -> for .
This commit is contained in:
Michael Nebel
@@ -185,9 +185,9 @@ class PageDirective extends AspDirective {
|
||||
* Gets the 'CodeBehind' class from which this page inherits.
|
||||
*/
|
||||
ValueOrRefType getInheritedType() {
|
||||
exists(string namespace, string type |
|
||||
result.hasQualifiedName(namespace, type) and
|
||||
splitQualifiedName(this.getInheritedTypeQualifiedName(), namespace, type)
|
||||
exists(string qualifier, string type |
|
||||
result.hasQualifiedName(qualifier, type) and
|
||||
splitQualifiedName(this.getInheritedTypeQualifiedName(), qualifier, type)
|
||||
)
|
||||
}
|
||||
|
||||
|
||||
@@ -485,11 +485,11 @@ class InvalidOverride extends MethodViolation {
|
||||
}
|
||||
|
||||
override string getMessage() {
|
||||
exists(string namespace, string type |
|
||||
base.getDeclaringType().hasQualifiedName(namespace, type)
|
||||
exists(string qualifier, string type |
|
||||
base.getDeclaringType().hasQualifiedName(qualifier, type)
|
||||
|
|
||||
result =
|
||||
"Overridden method from " + getQualifiedName(namespace, type) + " is not in a base type"
|
||||
"Overridden method from " + getQualifiedName(qualifier, type) + " is not in a base type"
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -51,10 +51,10 @@ class Type extends DotNet::Type, Declaration, TypeContainer, @cil_type {
|
||||
*/
|
||||
Type getUnboundType() { cil_type(this, _, _, _, result) }
|
||||
|
||||
override predicate hasQualifiedName(string namespace, string name) {
|
||||
override predicate hasQualifiedName(string qualifier, string name) {
|
||||
name = this.getName() and
|
||||
exists(string pnamespace, string pname | this.getParent().hasQualifiedName(pnamespace, pname) |
|
||||
namespace = getQualifiedName(pnamespace, pname)
|
||||
exists(string pqualifier, string pname | this.getParent().hasQualifiedName(pqualifier, pname) |
|
||||
qualifier = getQualifiedName(pqualifier, pname)
|
||||
)
|
||||
}
|
||||
|
||||
|
||||
@@ -29,7 +29,7 @@ class Variable extends DotNet::Variable, Declaration, DataFlowNode, @cil_variabl
|
||||
|
||||
/** A stack variable. Either a local variable (`LocalVariable`) or a parameter (`Parameter`). */
|
||||
class StackVariable extends Variable, @cil_stack_variable {
|
||||
override predicate hasQualifiedName(string namespace, string name) { none() }
|
||||
override predicate hasQualifiedName(string qualifier, string name) { none() }
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -456,8 +456,8 @@ class Operator extends Callable, Member, Attributable, @operator {
|
||||
|
||||
override Parameter getRawParameter(int i) { result = this.getParameter(i) }
|
||||
|
||||
override predicate hasQualifiedName(string namespace, string name) {
|
||||
super.hasQualifiedName(namespace, _) and
|
||||
override predicate hasQualifiedName(string qualifier, string name) {
|
||||
super.hasQualifiedName(qualifier, _) and
|
||||
name = this.getFunctionName()
|
||||
}
|
||||
|
||||
@@ -1001,10 +1001,10 @@ class LocalFunction extends Callable, Modifiable, Attributable, @local_function
|
||||
|
||||
override Callable getEnclosingCallable() { result = this.getStatement().getEnclosingCallable() }
|
||||
|
||||
override predicate hasQualifiedName(string namespace, string name) {
|
||||
exists(string cnamespace, string type |
|
||||
this.getEnclosingCallable().hasQualifiedName(cnamespace, type) and
|
||||
namespace = getQualifiedName(cnamespace, type)
|
||||
override predicate hasQualifiedName(string qualifier, string name) {
|
||||
exists(string cqualifier, string type |
|
||||
this.getEnclosingCallable().hasQualifiedName(cqualifier, type) and
|
||||
qualifier = getQualifiedName(cqualifier, type)
|
||||
) and
|
||||
name = this.getName()
|
||||
}
|
||||
|
||||
@@ -100,9 +100,9 @@ private string getTypeArgumentsNames(ConstructedGeneric cg) {
|
||||
|
||||
bindingset[t]
|
||||
private string getFullName(Type t) {
|
||||
exists(string namespace, string name |
|
||||
t.hasQualifiedName(namespace, name) and
|
||||
result = getQualifiedName(namespace, name)
|
||||
exists(string qualifier, string name |
|
||||
t.hasQualifiedName(qualifier, name) and
|
||||
result = getQualifiedName(qualifier, name)
|
||||
)
|
||||
}
|
||||
|
||||
@@ -159,15 +159,15 @@ class UnboundGenericType extends ValueOrRefType, UnboundGeneric {
|
||||
result = this.getUndecoratedName() + "<" + getTypeParameterCommas(this) + ">"
|
||||
}
|
||||
|
||||
final override predicate hasQualifiedName(string namespace, string name) {
|
||||
final override predicate hasQualifiedName(string qualifier, string name) {
|
||||
exists(string name0 | name = name0 + "<" + getTypeParameterCommas(this) + ">" |
|
||||
exists(string enclosing |
|
||||
this.getDeclaringType().hasQualifiedName(namespace, enclosing) and
|
||||
this.getDeclaringType().hasQualifiedName(qualifier, enclosing) and
|
||||
name0 = enclosing + "+" + this.getUndecoratedName()
|
||||
)
|
||||
or
|
||||
not exists(this.getDeclaringType()) and
|
||||
namespace = this.getNamespace().getFullName() and
|
||||
qualifier = this.getNamespace().getFullName() and
|
||||
name0 = this.getUndecoratedName()
|
||||
)
|
||||
}
|
||||
@@ -237,8 +237,8 @@ class TypeParameter extends DotNet::TypeParameter, Type, @type_parameter {
|
||||
/** Gets the generic that defines this type parameter. */
|
||||
UnboundGeneric getGeneric() { type_parameters(this, _, result, _) }
|
||||
|
||||
final override predicate hasQualifiedName(string namespace, string name) {
|
||||
namespace = "" and
|
||||
final override predicate hasQualifiedName(string qualifier, string name) {
|
||||
qualifier = "" and
|
||||
name = this.getName()
|
||||
}
|
||||
|
||||
@@ -424,15 +424,15 @@ class ConstructedType extends ValueOrRefType, ConstructedGeneric {
|
||||
result = this.getUndecoratedName() + "<" + getTypeArgumentsNames(this) + ">"
|
||||
}
|
||||
|
||||
final override predicate hasQualifiedName(string namespace, string name) {
|
||||
final override predicate hasQualifiedName(string qualifier, string name) {
|
||||
exists(string name0 | name = name0 + "<" + getTypeArgumentsQualifiedNames(this) + ">" |
|
||||
exists(string enclosing |
|
||||
this.getDeclaringType().hasQualifiedName(namespace, enclosing) and
|
||||
this.getDeclaringType().hasQualifiedName(qualifier, enclosing) and
|
||||
name0 = enclosing + "+" + this.getUndecoratedName()
|
||||
)
|
||||
or
|
||||
not exists(this.getDeclaringType()) and
|
||||
namespace = this.getNamespace().getFullName() and
|
||||
qualifier = this.getNamespace().getFullName() and
|
||||
name0 = this.getUndecoratedName()
|
||||
)
|
||||
}
|
||||
|
||||
@@ -57,19 +57,19 @@ private predicate isObjectClass(Class c) { c instanceof ObjectType }
|
||||
*/
|
||||
class ValueOrRefType extends DotNet::ValueOrRefType, Type, Attributable, @value_or_ref_type {
|
||||
/**
|
||||
* Holds if this type has the qualified name `namespace`.`name`.
|
||||
* Holds if this type has the qualified name `qualifier`.`name`.
|
||||
*
|
||||
* For example the class `System.IO.IOException` has
|
||||
* `namespace`=`System.IO` and `name`=`IOException`.
|
||||
* `qualifier`=`System.IO` and `name`=`IOException`.
|
||||
*/
|
||||
override predicate hasQualifiedName(string namespace, string name) {
|
||||
override predicate hasQualifiedName(string qualifier, string name) {
|
||||
exists(string enclosing |
|
||||
this.getDeclaringType().hasQualifiedName(namespace, enclosing) and
|
||||
this.getDeclaringType().hasQualifiedName(qualifier, enclosing) and
|
||||
name = enclosing + "+" + this.getUndecoratedName()
|
||||
)
|
||||
or
|
||||
not exists(this.getDeclaringType()) and
|
||||
namespace = this.getNamespace().getFullName() and
|
||||
qualifier = this.getNamespace().getFullName() and
|
||||
name = this.getUndecoratedName()
|
||||
}
|
||||
|
||||
@@ -398,8 +398,8 @@ class NonNestedType extends ValueOrRefType {
|
||||
* The `void` type.
|
||||
*/
|
||||
class VoidType extends DotNet::ValueOrRefType, Type, @void_type {
|
||||
override predicate hasQualifiedName(string namespace, string name) {
|
||||
namespace = "System" and
|
||||
override predicate hasQualifiedName(string qualifier, string name) {
|
||||
qualifier = "System" and
|
||||
name = "Void"
|
||||
}
|
||||
|
||||
@@ -1007,8 +1007,8 @@ class NullableType extends ValueType, DotNet::ConstructedGeneric, @nullable_type
|
||||
result = "Nullable<" + this.getUnderlyingType().getName() + ">"
|
||||
}
|
||||
|
||||
final override predicate hasQualifiedName(string namespace, string name) {
|
||||
namespace = "System" and
|
||||
final override predicate hasQualifiedName(string qualifier, string name) {
|
||||
qualifier = "System" and
|
||||
name = "Nullable<" + this.getUnderlyingType().getQualifiedName() + ">"
|
||||
}
|
||||
}
|
||||
@@ -1076,9 +1076,9 @@ class ArrayType extends DotNet::ArrayType, RefType, @array_type {
|
||||
result = this.getElementType().getALocation()
|
||||
}
|
||||
|
||||
final override predicate hasQualifiedName(string namespace, string name) {
|
||||
final override predicate hasQualifiedName(string qualifier, string name) {
|
||||
exists(Type elementType, string name0 |
|
||||
elementType.hasQualifiedName(namespace, name0) and
|
||||
elementType.hasQualifiedName(qualifier, name0) and
|
||||
name = name0 + this.getDimensionString(elementType)
|
||||
)
|
||||
}
|
||||
@@ -1106,9 +1106,9 @@ class PointerType extends DotNet::PointerType, Type, @pointer_type {
|
||||
|
||||
override string getAPrimaryQlClass() { result = "PointerType" }
|
||||
|
||||
final override predicate hasQualifiedName(string namespace, string name) {
|
||||
final override predicate hasQualifiedName(string qualifier, string name) {
|
||||
exists(string name0 |
|
||||
this.getReferentType().hasQualifiedName(namespace, name0) and
|
||||
this.getReferentType().hasQualifiedName(qualifier, name0) and
|
||||
name = name0 + "*"
|
||||
)
|
||||
}
|
||||
@@ -1190,8 +1190,8 @@ class TupleType extends ValueType, @tuple_type {
|
||||
|
||||
override Type getChild(int i) { result = this.getUnderlyingType().getChild(i) }
|
||||
|
||||
final override predicate hasQualifiedName(string namespace, string name) {
|
||||
this.getUnderlyingType().hasQualifiedName(namespace, name)
|
||||
final override predicate hasQualifiedName(string qualifier, string name) {
|
||||
this.getUnderlyingType().hasQualifiedName(qualifier, name)
|
||||
}
|
||||
|
||||
override string getAPrimaryQlClass() { result = "TupleType" }
|
||||
|
||||
@@ -71,7 +71,7 @@ class LocalScopeVariable extends Variable, @local_scope_variable {
|
||||
*/
|
||||
predicate isRef() { none() }
|
||||
|
||||
override predicate hasQualifiedName(string namespace, string name) { none() }
|
||||
override predicate hasQualifiedName(string qualifier, string name) { none() }
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -3,11 +3,11 @@
|
||||
*/
|
||||
|
||||
/**
|
||||
* Returns the concatenation of `namespace` and `name`, separated by a dot.
|
||||
* Returns the concatenation of `qualifier` and `name`, separated by a dot.
|
||||
*/
|
||||
bindingset[namespace, name]
|
||||
string getQualifiedName(string namespace, string name) {
|
||||
if namespace = "" then result = name else result = namespace + "." + name
|
||||
bindingset[qualifier, name]
|
||||
string getQualifiedName(string qualifier, string name) {
|
||||
if qualifier = "" then result = name else result = qualifier + "." + name
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -5,20 +5,20 @@
|
||||
import csharp
|
||||
|
||||
/**
|
||||
* Holds if the object creation `oc` is the creation of the reference type with the specified `namespace` and `type`, or a class derived from
|
||||
* the class with the specified `namespace` and `type`.
|
||||
* Holds if the object creation `oc` is the creation of the reference type with the specified `qualifier` and `type`, or a class derived from
|
||||
* the class with the specified `qualifier` and `type`.
|
||||
*/
|
||||
private predicate isCreatingObject(ObjectCreation oc, string namespace, string type) {
|
||||
exists(RefType t | t = oc.getType() | t.getBaseClass*().hasQualifiedName(namespace, type))
|
||||
private predicate isCreatingObject(ObjectCreation oc, string qualifier, string type) {
|
||||
exists(RefType t | t = oc.getType() | t.getBaseClass*().hasQualifiedName(qualifier, type))
|
||||
}
|
||||
|
||||
/**
|
||||
* Holds if the method call `mc` is returning the reference type with the specified `namespace` and `type`.
|
||||
* Holds if the method call `mc` is returning the reference type with the specified `qualifier` and `type`.
|
||||
* and the target of the method call is a library method.
|
||||
*/
|
||||
private predicate isReturningObject(MethodCall mc, string namespace, string type) {
|
||||
private predicate isReturningObject(MethodCall mc, string qualifier, string type) {
|
||||
mc.getTarget().fromLibrary() and
|
||||
exists(RefType t | t = mc.getType() | t.hasQualifiedName(namespace, type))
|
||||
exists(RefType t | t = mc.getType() | t.hasQualifiedName(qualifier, type))
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -40,9 +40,9 @@ class NUnitTestMethod extends TestMethod {
|
||||
|
|
||||
if expected.getArgument(0).getType() instanceof StringType
|
||||
then
|
||||
exists(string namespace, string type |
|
||||
result.hasQualifiedName(namespace, type) and
|
||||
splitQualifiedName(expected.getArgument(0).getValue(), namespace, type)
|
||||
exists(string qualifier, string type |
|
||||
result.hasQualifiedName(qualifier, type) and
|
||||
splitQualifiedName(expected.getArgument(0).getValue(), qualifier, type)
|
||||
)
|
||||
else result = expected.getArgument(0).(TypeofExpr).getTypeAccess().getTarget()
|
||||
)
|
||||
|
||||
@@ -71,9 +71,9 @@ class ExternalApiDataNode extends DataFlow::Node {
|
||||
/** Gets the index which is passed untrusted data (where -1 indicates the qualifier). */
|
||||
int getIndex() { result = i }
|
||||
|
||||
/** Holds if the callable being use has name `name` and is defined in namespace `namespace`. */
|
||||
predicate hasQualifiedName(string namespace, string name) {
|
||||
this.getCallable().hasQualifiedName(namespace, name)
|
||||
/** Holds if the callable being use has name `name` and has qualifier `qualifier`. */
|
||||
predicate hasQualifiedName(string qualifier, string name) {
|
||||
this.getCallable().hasQualifiedName(qualifier, name)
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -82,8 +82,8 @@ class ExternalApiDataNode extends DataFlow::Node {
|
||||
* Gets the description of the callable being called.
|
||||
*/
|
||||
deprecated string getCallableDescription() {
|
||||
exists(string namespace, string name |
|
||||
this.hasQualifiedName(namespace, name) and result = getQualifiedName(namespace, name)
|
||||
exists(string qualifier, string name |
|
||||
this.hasQualifiedName(qualifier, name) and result = getQualifiedName(qualifier, name)
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -8,10 +8,10 @@ private import semmle.code.csharp.commons.QualifiedName
|
||||
|
||||
/** A declaration. */
|
||||
class Declaration extends NamedElement, @dotnet_declaration {
|
||||
override predicate hasQualifiedName(string namespace, string name) {
|
||||
exists(string dnamespace, string dname |
|
||||
this.getDeclaringType().hasQualifiedName(dnamespace, dname) and
|
||||
namespace = getQualifiedName(dnamespace, dname)
|
||||
override predicate hasQualifiedName(string qualifier, string name) {
|
||||
exists(string dqualifier, string dname |
|
||||
this.getDeclaringType().hasQualifiedName(dqualifier, dname) and
|
||||
qualifier = getQualifiedName(dqualifier, dname)
|
||||
) and
|
||||
name = this.getName()
|
||||
}
|
||||
@@ -82,7 +82,7 @@ class Member extends Declaration, @dotnet_member {
|
||||
|
||||
/**
|
||||
* Holds if this member has name `name` and is defined in type `type`
|
||||
* with qualifier `qualifier`
|
||||
* with namespace `namespace`.
|
||||
*/
|
||||
cached
|
||||
predicate hasQualifiedName(string namespace, string type, string name) {
|
||||
|
||||
@@ -107,8 +107,8 @@ class NamedElement extends Element, @dotnet_named_element {
|
||||
|
||||
/** Holds if this element has the qualified name `qualifier`.`name`. */
|
||||
cached
|
||||
predicate hasQualifiedName(string namespace, string name) {
|
||||
namespace = "" and name = this.getName()
|
||||
predicate hasQualifiedName(string qualifier, string name) {
|
||||
qualifier = "" and name = this.getName()
|
||||
}
|
||||
|
||||
/** Gets a unique string label for this element. */
|
||||
|
||||
@@ -20,15 +20,15 @@ class Namespace extends Declaration, @namespace {
|
||||
Namespace getAChildNamespace() { result.getParentNamespace() = this }
|
||||
|
||||
/**
|
||||
* Holds if this namespace has the qualified name `namespace`.`name`.
|
||||
* Holds if this namespace has the qualified name `qualifier`.`name`.
|
||||
*
|
||||
* For example if the qualified name is `System.Collections.Generic`, then
|
||||
* `namespace`=`System.Collections` and `name`=`Generic`.
|
||||
* `qualifier`=`System.Collections` and `name`=`Generic`.
|
||||
*/
|
||||
override predicate hasQualifiedName(string namespace, string name) {
|
||||
exists(string pnamespace, string pname |
|
||||
this.getParentNamespace().hasQualifiedName(pnamespace, pname) and
|
||||
namespace = getQualifiedName(pnamespace, pname)
|
||||
override predicate hasQualifiedName(string qualifier, string name) {
|
||||
exists(string pqualifier, string pname |
|
||||
this.getParentNamespace().hasQualifiedName(pqualifier, pname) and
|
||||
qualifier = getQualifiedName(pqualifier, pname)
|
||||
) and
|
||||
name = this.getName()
|
||||
}
|
||||
@@ -61,7 +61,7 @@ class Namespace extends Declaration, @namespace {
|
||||
class GlobalNamespace extends Namespace {
|
||||
GlobalNamespace() { this.getName() = "" }
|
||||
|
||||
override predicate hasQualifiedName(string namespace, string name) {
|
||||
namespace = "" and name = ""
|
||||
override predicate hasQualifiedName(string qualifier, string name) {
|
||||
qualifier = "" and name = ""
|
||||
}
|
||||
}
|
||||
|
||||
@@ -11,8 +11,8 @@
|
||||
|
||||
import csharp
|
||||
|
||||
string prefix(string namespace, string typename) {
|
||||
namespace = "System.Web.UI.WebControls" and
|
||||
string prefix(string qualifier, string typename) {
|
||||
qualifier = "System.Web.UI.WebControls" and
|
||||
(
|
||||
typename = "Label" and result = "lbl"
|
||||
or
|
||||
@@ -75,7 +75,7 @@ string prefix(string namespace, string typename) {
|
||||
typename = "CrystalReportViewer" and result = "crvr"
|
||||
)
|
||||
or
|
||||
namespace = "System.Web.UI.HtmlControls" and
|
||||
qualifier = "System.Web.UI.HtmlControls" and
|
||||
(
|
||||
typename = "TextArea" and result = "txa"
|
||||
or
|
||||
@@ -95,11 +95,11 @@ string prefix(string namespace, string typename) {
|
||||
)
|
||||
}
|
||||
|
||||
from Field f, RefType t, string name, string prefix, string namespace, string type
|
||||
from Field f, RefType t, string name, string prefix, string qualifier, string type
|
||||
where
|
||||
f.getType() = t and
|
||||
f.getName() = name and
|
||||
t.hasQualifiedName(namespace, type) and
|
||||
prefix = prefix(namespace, type) and
|
||||
t.hasQualifiedName(qualifier, type) and
|
||||
prefix = prefix(qualifier, type) and
|
||||
not name.matches(prefix + "%")
|
||||
select f, "This field should have the prefix '" + prefix + "' to match its types."
|
||||
|
||||
@@ -24,9 +24,9 @@ where
|
||||
(
|
||||
throwBaseType.hasName(exceptionName)
|
||||
or
|
||||
exists(string namespace, string type |
|
||||
splitQualifiedName(exceptionName, namespace, type) and
|
||||
throwBaseType.hasQualifiedName(namespace, type)
|
||||
exists(string qualifier, string type |
|
||||
splitQualifiedName(exceptionName, qualifier, type) and
|
||||
throwBaseType.hasQualifiedName(qualifier, type)
|
||||
)
|
||||
// and comment.hasBody(offset) // Too slow
|
||||
)
|
||||
|
||||
@@ -13,9 +13,9 @@
|
||||
import csharp
|
||||
import semmle.code.csharp.commons.Assertions
|
||||
|
||||
private predicate propertyOverrides(Property p, string namespace, string baseClass, string property) {
|
||||
private predicate propertyOverrides(Property p, string qualifier, string baseClass, string property) {
|
||||
exists(Property p2 |
|
||||
p2.getUnboundDeclaration().getDeclaringType().hasQualifiedName(namespace, baseClass) and
|
||||
p2.getUnboundDeclaration().getDeclaringType().hasQualifiedName(qualifier, baseClass) and
|
||||
p2.hasName(property)
|
||||
|
|
||||
p.overridesOrImplementsOrEquals(p2)
|
||||
|
||||
@@ -16,10 +16,10 @@ import DataFlow::PathGraph
|
||||
|
||||
from
|
||||
UntrustedDataToExternalApiConfig config, DataFlow::PathNode source, DataFlow::PathNode sink,
|
||||
string namespace, string name
|
||||
string qualifier, string name
|
||||
where
|
||||
config.hasFlowPath(source, sink) and
|
||||
sink.getNode().(ExternalApiDataNode).hasQualifiedName(namespace, name)
|
||||
sink.getNode().(ExternalApiDataNode).hasQualifiedName(qualifier, name)
|
||||
select sink, source, sink,
|
||||
"Call to " + getQualifiedName(namespace, name) + " with untrusted data from $@.", source,
|
||||
"Call to " + getQualifiedName(qualifier, name) + " with untrusted data from $@.", source,
|
||||
source.toString()
|
||||
|
||||
@@ -121,10 +121,10 @@ abstract private class GeneratedType extends Type, GeneratedElement {
|
||||
}
|
||||
|
||||
private string stubComment() {
|
||||
exists(string namespace, string name |
|
||||
this.hasQualifiedName(namespace, name) and
|
||||
exists(string qualifier, string name |
|
||||
this.hasQualifiedName(qualifier, name) and
|
||||
result =
|
||||
"// Generated from `" + getQualifiedName(namespace, name) + "` in `" +
|
||||
"// Generated from `" + getQualifiedName(qualifier, name) + "` in `" +
|
||||
concat(this.getALocation().toString(), "; ") + "`\n"
|
||||
)
|
||||
}
|
||||
|
||||
@@ -17,9 +17,9 @@ import JsonWebTokenHandlerLib
|
||||
import semmle.code.csharp.commons.QualifiedName
|
||||
|
||||
from
|
||||
TokenValidationParametersProperty p, CallableAlwaysReturnsTrueHigherPrecision e, string namespace,
|
||||
TokenValidationParametersProperty p, CallableAlwaysReturnsTrueHigherPrecision e, string qualifier,
|
||||
string name
|
||||
where e = p.getAnAssignedValue() and p.hasQualifiedName(namespace, name)
|
||||
where e = p.getAnAssignedValue() and p.hasQualifiedName(qualifier, name)
|
||||
select e,
|
||||
"JsonWebTokenHandler security-sensitive property $@ is being delegated to this callable that always returns \"true\".",
|
||||
p, getQualifiedName(namespace, name)
|
||||
p, getQualifiedName(qualifier, name)
|
||||
|
||||
@@ -17,10 +17,10 @@ import semmle.code.csharp.commons.QualifiedName
|
||||
from
|
||||
FalseValueFlowsToTokenValidationParametersPropertyWriteToBypassValidation config,
|
||||
DataFlow::Node source, DataFlow::Node sink,
|
||||
TokenValidationParametersPropertySensitiveValidation pw, string namespace, string name
|
||||
TokenValidationParametersPropertySensitiveValidation pw, string qualifier, string name
|
||||
where
|
||||
config.hasFlow(source, sink) and
|
||||
sink.asExpr() = pw.getAnAssignedValue() and
|
||||
pw.hasQualifiedName(namespace, name)
|
||||
pw.hasQualifiedName(qualifier, name)
|
||||
select sink, "The security sensitive property $@ is being disabled by the following value: $@.", pw,
|
||||
getQualifiedName(namespace, name), source, "false"
|
||||
getQualifiedName(qualifier, name), source, "false"
|
||||
|
||||
@@ -1,9 +1,9 @@
|
||||
import csharp
|
||||
import semmle.code.csharp.commons.QualifiedName
|
||||
|
||||
from Attributable element, Attribute attribute, string namespace, string name
|
||||
from Attributable element, Attribute attribute, string qualifier, string name
|
||||
where
|
||||
attribute = element.getAnAttribute() and
|
||||
(attribute.fromSource() or element.(Assembly).getName() in ["attributes", "Assembly1"]) and
|
||||
attribute.getType().hasQualifiedName(namespace, name)
|
||||
select element, attribute, getQualifiedName(namespace, name)
|
||||
attribute.getType().hasQualifiedName(qualifier, name)
|
||||
select element, attribute, getQualifiedName(qualifier, name)
|
||||
|
||||
@@ -12,10 +12,10 @@ class MetadataEntity extends DotNet::NamedElement, @metadata_entity {
|
||||
}
|
||||
|
||||
query predicate tooManyHandles(string s) {
|
||||
exists(MetadataEntity e, Assembly a, string namespace, string name |
|
||||
exists(MetadataEntity e, Assembly a, string qualifier, string name |
|
||||
strictcount(int handle | metadata_handle(e, a, handle)) > 1 and
|
||||
e.hasQualifiedName(namespace, name) and
|
||||
s = getQualifiedName(namespace, name)
|
||||
e.hasQualifiedName(qualifier, name) and
|
||||
s = getQualifiedName(qualifier, name)
|
||||
)
|
||||
}
|
||||
|
||||
@@ -31,11 +31,11 @@ private class UniqueMetadataEntity extends MetadataEntity {
|
||||
}
|
||||
|
||||
query predicate tooManyMatchingHandles(string s) {
|
||||
exists(UniqueMetadataEntity e, Assembly a, int handle, string namespace, string name |
|
||||
exists(UniqueMetadataEntity e, Assembly a, int handle, string qualifier, string name |
|
||||
metadata_handle(e, a, handle) and
|
||||
strictcount(UniqueMetadataEntity e2 | metadata_handle(e2, a, handle)) > 2 and
|
||||
e.hasQualifiedName(namespace, name) and
|
||||
s = getQualifiedName(namespace, name)
|
||||
e.hasQualifiedName(qualifier, name) and
|
||||
s = getQualifiedName(qualifier, name)
|
||||
)
|
||||
}
|
||||
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
import semmle.code.cil.Types
|
||||
import semmle.code.csharp.commons.QualifiedName
|
||||
|
||||
from Enum e, string namespace, string name
|
||||
from Enum e, string qualifier, string name
|
||||
where
|
||||
e.hasQualifiedName(namespace, name) and
|
||||
not (namespace = "Interop.Sys" and name = "LockType") // doesn't exist on osx
|
||||
select getQualifiedName(namespace, name), e.getUnderlyingType().toStringWithTypes()
|
||||
e.hasQualifiedName(qualifier, name) and
|
||||
not (qualifier = "Interop.Sys" and name = "LockType") // doesn't exist on osx
|
||||
select getQualifiedName(qualifier, name), e.getUnderlyingType().toStringWithTypes()
|
||||
|
||||
@@ -27,12 +27,12 @@ query predicate params(string fnptr, int i, string param, string t) {
|
||||
}
|
||||
|
||||
query predicate modifiers(string fnptr, string modifier, string sKind) {
|
||||
exists(Type modType, int kind, FunctionPointerType fn, string namespace, string name |
|
||||
exists(Type modType, int kind, FunctionPointerType fn, string qualifier, string name |
|
||||
fnptr = fn.toString()
|
||||
|
|
||||
cil_custom_modifiers(fn, modType, kind) and
|
||||
modType.hasQualifiedName(namespace, name) and
|
||||
modifier = getQualifiedName(namespace, name) and
|
||||
modType.hasQualifiedName(qualifier, name) and
|
||||
modifier = getQualifiedName(qualifier, name) and
|
||||
sKind = getKind(kind)
|
||||
)
|
||||
}
|
||||
|
||||
@@ -6,10 +6,10 @@ private string getKind(int kind) { if kind = 1 then result = "modreq" else resul
|
||||
|
||||
from string receiver, string modifier, int kind
|
||||
where
|
||||
exists(Type modType, CustomModifierReceiver cmr, string namespace, string name |
|
||||
exists(Type modType, CustomModifierReceiver cmr, string qualifier, string name |
|
||||
receiver = cmr.toString() and
|
||||
cil_custom_modifiers(cmr, modType, kind) and
|
||||
modType.hasQualifiedName(namespace, name) and
|
||||
modifier = getQualifiedName(namespace, name)
|
||||
modType.hasQualifiedName(qualifier, name) and
|
||||
modifier = getQualifiedName(qualifier, name)
|
||||
)
|
||||
select receiver, modifier, getKind(kind)
|
||||
|
||||
@@ -13,10 +13,10 @@ private string elementType(Element e, string toString) {
|
||||
or
|
||||
e =
|
||||
any(Parameter p |
|
||||
exists(string namespace, string name |
|
||||
p.getDeclaringElement().hasQualifiedName(namespace, name)
|
||||
exists(string qualifier, string name |
|
||||
p.getDeclaringElement().hasQualifiedName(qualifier, name)
|
||||
|
|
||||
toString = "Parameter " + p.getIndex() + " of " + getQualifiedName(namespace, name)
|
||||
toString = "Parameter " + p.getIndex() + " of " + getQualifiedName(qualifier, name)
|
||||
)
|
||||
) and
|
||||
result = "parameter"
|
||||
@@ -32,8 +32,8 @@ private string elementType(Element e, string toString) {
|
||||
) and
|
||||
result = "local"
|
||||
or
|
||||
exists(string namespace, string name | e.(FunctionPointerType).hasQualifiedName(namespace, name) |
|
||||
toString = getQualifiedName(namespace, name)
|
||||
exists(string qualifier, string name | e.(FunctionPointerType).hasQualifiedName(qualifier, name) |
|
||||
toString = getQualifiedName(qualifier, name)
|
||||
) and
|
||||
result = "fnptr"
|
||||
or
|
||||
|
||||
@@ -2,9 +2,9 @@ import cil
|
||||
import semmle.code.csharp.commons.Disposal
|
||||
import semmle.code.csharp.commons.QualifiedName
|
||||
|
||||
from CIL::Field field, string namespace, string name
|
||||
from CIL::Field field, string qualifier, string name
|
||||
where
|
||||
mayBeDisposed(field) and
|
||||
field.getDeclaringType().hasQualifiedName("DisposalTests", "Class1") and
|
||||
field.hasQualifiedName(namespace, name)
|
||||
select getQualifiedName(namespace, name)
|
||||
field.hasQualifiedName(qualifier, name)
|
||||
select getQualifiedName(qualifier, name)
|
||||
|
||||
@@ -5,9 +5,9 @@
|
||||
import csharp
|
||||
import semmle.code.csharp.commons.QualifiedName
|
||||
|
||||
from Destructor c, string namespace, string name
|
||||
from Destructor c, string qualifier, string name
|
||||
where
|
||||
c.getDeclaringType().hasQualifiedName(namespace, name) and
|
||||
namespace = "Constructors" and
|
||||
c.getDeclaringType().hasQualifiedName(qualifier, name) and
|
||||
qualifier = "Constructors" and
|
||||
name = "Class"
|
||||
select c, c.getDeclaringType().getQualifiedName()
|
||||
|
||||
@@ -10,12 +10,12 @@ private string getIsAsync(ForeachStmt f) {
|
||||
}
|
||||
|
||||
from
|
||||
ForeachStmt f, string namespace1, string type1, string namespace2, string type2,
|
||||
string namespace3, string type3
|
||||
ForeachStmt f, string qualifier1, string type1, string qualifier2, string type2,
|
||||
string qualifier3, string type3
|
||||
where
|
||||
f.getGetEnumerator().getDeclaringType().hasQualifiedName(namespace1, type1) and
|
||||
f.getCurrent().getDeclaringType().hasQualifiedName(namespace2, type2) and
|
||||
f.getMoveNext().getDeclaringType().hasQualifiedName(namespace3, type3)
|
||||
select f, f.getElementType().toString(), getIsAsync(f), getQualifiedName(namespace1, type1),
|
||||
getLocation(f.getGetEnumerator()), getQualifiedName(namespace2, type2),
|
||||
getLocation(f.getCurrent()), getQualifiedName(namespace3, type3), getLocation(f.getMoveNext())
|
||||
f.getGetEnumerator().getDeclaringType().hasQualifiedName(qualifier1, type1) and
|
||||
f.getCurrent().getDeclaringType().hasQualifiedName(qualifier2, type2) and
|
||||
f.getMoveNext().getDeclaringType().hasQualifiedName(qualifier3, type3)
|
||||
select f, f.getElementType().toString(), getIsAsync(f), getQualifiedName(qualifier1, type1),
|
||||
getLocation(f.getGetEnumerator()), getQualifiedName(qualifier2, type2),
|
||||
getLocation(f.getCurrent()), getQualifiedName(qualifier3, type3), getLocation(f.getMoveNext())
|
||||
|
||||
@@ -8,8 +8,8 @@ query predicate records(RecordClass t, string i, RecordCloneMethod clone) {
|
||||
}
|
||||
|
||||
private string getMemberName(Member m) {
|
||||
exists(string namespace, string name | m.getDeclaringType().hasQualifiedName(namespace, name) |
|
||||
result = getQualifiedName(namespace, name) + "." + m.toStringWithTypes()
|
||||
exists(string qualifier, string name | m.getDeclaringType().hasQualifiedName(qualifier, name) |
|
||||
result = getQualifiedName(qualifier, name) + "." + m.toStringWithTypes()
|
||||
)
|
||||
}
|
||||
|
||||
|
||||
@@ -2,8 +2,8 @@ import csharp
|
||||
import semmle.code.csharp.commons.QualifiedName
|
||||
|
||||
private string getSignature(Method m) {
|
||||
exists(string namespace, string name | m.getDeclaringType().hasQualifiedName(namespace, name) |
|
||||
result = getQualifiedName(namespace, name) + "." + m.toStringWithTypes()
|
||||
exists(string qualifier, string name | m.getDeclaringType().hasQualifiedName(qualifier, name) |
|
||||
result = getQualifiedName(qualifier, name) + "." + m.toStringWithTypes()
|
||||
)
|
||||
}
|
||||
|
||||
|
||||
@@ -268,8 +268,8 @@ query predicate test33(ConstructedMethod cm, string s1, string s2) {
|
||||
|
||||
query predicate test34(UnboundGeneric ug, string s1, string s2) {
|
||||
ug.fromSource() and
|
||||
exists(string namespace, string name |
|
||||
ug.hasQualifiedName(namespace, name) and s1 = getQualifiedName(namespace, name)
|
||||
exists(string qualifier, string name |
|
||||
ug.hasQualifiedName(qualifier, name) and s1 = getQualifiedName(qualifier, name)
|
||||
) and
|
||||
ug.getQualifiedNameWithTypes() = s2
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user