C#: Mark false-negatives.

This commit is contained in:
calum
2018-11-02 14:49:37 +00:00
parent 7fa442d127
commit 29df7f5e96
2 changed files with 11 additions and 12 deletions


@@ -1,10 +1,10 @@
| XSSAspNet.cs:27:30:27:34 | access to local variable sayHi | $@ flows to here and is written to HTML or JavaScript: System.Web.WebPages.WebPage.WriteLiteral() method. | XSSAspNet.cs:20:25:20:43 | access to property QueryString | User-provided value |
| XSSAspNet.cs:37:40:37:44 | access to local variable sayHi | $@ flows to here and is written to HTML or JavaScript: System.Web.WebPages.WebPage.WriteLiteralTo() method. | XSSAspNet.cs:20:25:20:43 | access to property QueryString | User-provided value |
| XSSAspNet.cs:44:28:44:55 | access to indexer | $@ flows to here and is written to HTML or JavaScript. | XSSAspNet.cs:44:28:44:46 | access to property QueryString | User-provided value |
| XSSAspNetCore.cs:22:52:22:76 | call to operator implicit conversion | $@ flows to here and is written to HTML or JavaScript. | XSSAspNetCore.cs:22:52:22:64 | access to property Query | User-provided value |
| XSSAspNetCore.cs:45:51:45:53 | access to parameter foo | $@ flows to here and is written to HTML or JavaScript. | XSSAspNetCore.cs:41:56:41:58 | foo | User-provided value |
| XSSAspNetCore.cs:52:43:52:67 | access to property Value | $@ flows to here and is written to HTML or JavaScript. | XSSAspNetCore.cs:52:43:52:67 | access to property Value | User-provided value |
| XSSAspNetCore.cs:59:43:59:73 | call to method ToString | $@ flows to here and is written to HTML or JavaScript. | XSSAspNetCore.cs:59:43:59:55 | access to property Query | User-provided value |
| XSSAspNetCore.cs:62:44:62:66 | access to indexer | $@ flows to here and is written to HTML or JavaScript. | XSSAspNetCore.cs:62:44:62:56 | access to property Query | User-provided value |
| XSSAspNetCore.cs:70:43:70:61 | access to property ContentType | $@ flows to here and is written to HTML or JavaScript. | XSSAspNetCore.cs:70:43:70:61 | access to property ContentType | User-provided value |
| XSSAspNetCore.cs:73:51:73:72 | call to operator implicit conversion | $@ flows to here and is written to HTML or JavaScript. | XSSAspNetCore.cs:73:51:73:65 | access to property Headers | User-provided value |
| XSSAspNetCore.cs:21:52:21:76 | call to operator implicit conversion | $@ flows to here and is written to HTML or JavaScript. | XSSAspNetCore.cs:21:52:21:64 | access to property Query | User-provided value |
| XSSAspNetCore.cs:44:51:44:53 | access to parameter foo | $@ flows to here and is written to HTML or JavaScript. | XSSAspNetCore.cs:40:56:40:58 | foo | User-provided value |
| XSSAspNetCore.cs:51:43:51:67 | access to property Value | $@ flows to here and is written to HTML or JavaScript. | XSSAspNetCore.cs:51:43:51:67 | access to property Value | User-provided value |
| XSSAspNetCore.cs:58:43:58:73 | call to method ToString | $@ flows to here and is written to HTML or JavaScript. | XSSAspNetCore.cs:58:43:58:55 | access to property Query | User-provided value |
| XSSAspNetCore.cs:61:44:61:66 | access to indexer | $@ flows to here and is written to HTML or JavaScript. | XSSAspNetCore.cs:61:44:61:56 | access to property Query | User-provided value |
| XSSAspNetCore.cs:69:43:69:61 | access to property ContentType | $@ flows to here and is written to HTML or JavaScript. | XSSAspNetCore.cs:69:43:69:61 | access to property ContentType | User-provided value |
| XSSAspNetCore.cs:72:51:72:72 | call to operator implicit conversion | $@ flows to here and is written to HTML or JavaScript. | XSSAspNetCore.cs:72:51:72:65 | access to property Headers | User-provided value |


@@ -1,5 +1,4 @@

using System.Linq;
using System.Linq;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Html;
using Microsoft.Extensions.Primitives;
@@ -24,13 +23,13 @@ namespace Testing.Controllers
StringValues vOut;
Request.Query.TryGetValue("Foo", out vOut);
// BAD: via Enumerable.
// BAD: via Enumerable. (false negative)
v.ViewData["FooFirst"] = new HtmlString(vOut.First());
// BAD: via toArray.
// BAD: via toArray. (false negative)
v.ViewData["FooArray0"] = new HtmlString(vOut.ToArray()[0]);
// BAD: via implicit conversion operator.
// BAD: via implicit conversion operator. (false negative)
v.ViewData["FooImplicit"] = new HtmlString(vOut);
return v;
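Review bot: The three `(false negative)` markers added in the second hunk record that the query misses these sinks but not why, so a later reader cannot tell when the marker may be dropped or which modelling gap a fix should close. All three cases go from `vOut` (a `StringValues`) to a `string` via `First()`, `ToArray()[0]` and the implicit conversion, and none of those lines appears in the .expected output above, so the missing step appears to be the `StringValues` to `string` conversion; I would state that once, e.g. `// BAD: via Enumerable. (false negative: StringValues -> string step presumably not tracked; remove marker once it is)`, and keep the other two markers short. The unchecked `Request.Query.TryGetValue("Foo", out vOut)` is fine for a query test fixture, but `vOut.First()` would throw on a missing key, which is worth a one-word note if this file is ever executed rather than only analysed. The enclosing method starts before the hunk and its closing brace is outside it.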