From ac85741da8952e2067986a8096eeabbadd15d3bb Mon Sep 17 00:00:00 2001
From: Tom Hvitved
Date: Wed, 28 Sep 2022 13:57:50 +0200
Subject: [PATCH] C#: Add meta query for reporting calls to unsupported library methods
---
.../frameworks/UnsupportedExternalAPIs.ql | 23 +++++++++++++++++++
1 file changed, 23 insertions(+)
create mode 100644 csharp/ql/src/meta/frameworks/UnsupportedExternalAPIs.ql
diff --git a/csharp/ql/src/meta/frameworks/UnsupportedExternalAPIs.ql b/csharp/ql/src/meta/frameworks/UnsupportedExternalAPIs.ql
new file mode 100644
index 00000000000..1b19740e3ae
--- /dev/null
+++ b/csharp/ql/src/meta/frameworks/UnsupportedExternalAPIs.ql
@@ -0,0 +1,23 @@
+/**
+ * @name Usage of unsupported external library API
+ * @description A call to an unsuppported external library API.
+ * @kind problem
+ * @problem.severity recommendation
+ * @tags meta
+ * @id csharp/meta/unsupported-external-api
+ * @precision very-low
+ */
+
+private import csharp
+private import semmle.code.csharp.dispatch.Dispatch
+private import semmle.code.csharp.dataflow.internal.FlowSummaryImpl as FlowSummaryImpl
+private import semmle.code.csharp.dataflow.internal.NegativeSummary
+private import Telemetry.ExternalApi
+
+from DispatchCall c, ExternalApi api
+where
+ c = api.getACall() and
+ not api.isUninteresting() and
+ not api.isSupported() and
+ not api instanceof FlowSummaryImpl::Public::NegativeSummarizedCallable
+select c, "Call to unsupported external API $@.", api, api.toString()
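Review bot: The `@description` line in the query metadata misspells "unsupported" as "unsuppported"; it should read `* @description A call to an unsupported external library API.`, since this text accompanies the query wherever it is listed. The header also never says what "unsupported" means: going by the `where` clause, it is an external API that is not uninteresting, fails `isSupported()` and is not a `NegativeSummarizedCallable`. I would add that to the QLDoc, for example `* Reports calls to external APIs that are neither supported nor covered by a negative summary.` If, as the names suggest, these are calls the data-flow library has no model for, each result marks a place where taint tracking may silently stop. The description could say so, so that readers treat the output as a list of modelling-coverage gaps rather than as findings in the analysed code.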