Add implementation and tests

csharp/ql/src/Bad Practices/PathCombine.qhelp

@@ -0,0 +1,16 @@
+<!DOCTYPE qhelp PUBLIC
+  "-//Semmle//qhelp//EN"
+  "qhelp.dtd">
+<qhelp>
+<overview>
+<p><code>Path.Combine</code> may silently drop its earlier arguments if its later arguments are absolute paths. E.g. <code>Path.Combine("C:\\Users\\Me\\Documents", "C:\\Program Files\\") == "C:\\Program Files"</code>.</p>
+
+</overview>
+<recommendation>
+<p>Use <code>Path.Join</code> instead.</p>
+</recommendation>
+<references>
+
+
+</references>
+</qhelp>

csharp/ql/src/Bad Practices/PathCombine.ql

@@ -0,0 +1,7 @@
+
+import csharp
+import semmle.code.csharp.frameworks.System
+
+from MethodCall call
+where call.getTarget().hasFullyQualifiedName("System.IO", "Path", "Combine")
+select call, "Path.Combine may silently discard its initial arguments if the latter are absolute paths. Use Path.Join to consistently join them."

csharp/ql/test/query-tests/Bad Practices/Path Combine/PathCombine.cs

@@ -0,0 +1,14 @@
+using System.IO;
+
+class EmptyCatchBlock
+{
+    void bad()
+    {
+        Path.Combine(@"C:\Users", @"C:\Program Files");
+    }
+
+    void good()
+    {
+        Path.Join(@"C:\Users", @"C:\Program Files");
+    }
+}

csharp/ql/test/query-tests/Bad Practices/Path Combine/PathCombine.expected

@@ -0,0 +1 @@
+| PathCombine.cs:7:9:7:55 | catch (...) {...} | Path.Combine may silently discard its initial arguments if the latter are absolute paths. Use Path.Join to consistently join them. |

csharp/ql/test/query-tests/Bad Practices/Path Combine/PathCombine.qlref

@@ -0,0 +1 @@
+Bad Practices/PathCombine.ql

csharp/ql/test/query-tests/Bad Practices/Path Combine/options

@@ -0,0 +1,2 @@
+semmle-extractor-options: /nostdlib /noconfig
+semmle-extractor-options: --load-sources-from-project:${testdir}/../../../resources/stubs/_frameworks/Microsoft.NETCore.App/Microsoft.NETCore.App.csproj