Merge pull request #6145 from tamasvajk/feature/stub-jsonnet

C#: Change Newtonsoft.Json stub to nuget-based one
2026-04-26 17:25:19 +02:00 · 2021-06-23 18:00:27 +02:00
parent f6ba4e0235 e200ecde4a
commit 4dc70fa959
5 changed files with 2343 additions and 61 deletions
--- a/csharp/ql/test/library-tests/frameworks/JsonNET/Json.cs
+++ b/csharp/ql/test/library-tests/frameworks/JsonNET/Json.cs
@@ -1,4 +1,4 @@
-// semmle-extractor-options: ${testdir}/../../../resources/stubs/JsonNET.cs /r:System.Linq.dll
+// semmle-extractor-options: /nostdlib /noconfig --load-sources-from-project:../../../resources/stubs/Newtonsoft.Json/13.0.1/Newtonsoft.Json.csproj

 using Newtonsoft.Json;
 using Newtonsoft.Json.Linq;
@@ -47,14 +47,14 @@ namespace JsonTest
            Sink((string)jobject["1"]["2"]);

            // Linq JToken tests
-            Sink(jobject.First(i => true));
+            Sink(jobject.First((JToken i) => true));
            Sink(jobject["2"].First(i => true));
            Sink(jobject["2"]["3"].First(i => true));
            Sink(jobject.SelectToken("Manufacturers[0].Name"));

            JObject untaintedJObject = JObject.Parse(u);
            Sink(untaintedJObject);
-            Sink(untaintedJObject.First(i => true));
+            Sink(untaintedJObject.First((JToken i) => true));
        }

        public class Object
@@ -64,7 +64,7 @@ namespace JsonTest
            [JsonIgnore]
            public int untainted;

-            public Dictionary<string,string> taintedValues;
+            public Dictionary<string, string> taintedValues;

            public string[] taintedArray;
        }
--- a/csharp/ql/test/library-tests/frameworks/JsonNET/Json.expected
+++ b/csharp/ql/test/library-tests/frameworks/JsonNET/Json.expected
@@ -9,7 +9,7 @@
 | Json.cs:18:24:18:32 | "tainted" | Json.cs:45:18:45:29 | access to indexer |
 | Json.cs:18:24:18:32 | "tainted" | Json.cs:46:18:46:34 | access to indexer |
 | Json.cs:18:24:18:32 | "tainted" | Json.cs:47:18:47:42 | call to operator explicit conversion |
-| Json.cs:18:24:18:32 | "tainted" | Json.cs:50:18:50:41 | call to method First |
+| Json.cs:18:24:18:32 | "tainted" | Json.cs:50:18:50:50 | call to method First |
 | Json.cs:18:24:18:32 | "tainted" | Json.cs:51:18:51:46 | call to method First |
 | Json.cs:18:24:18:32 | "tainted" | Json.cs:52:18:52:51 | call to method First |
 | Json.cs:18:24:18:32 | "tainted" | Json.cs:53:18:53:61 | call to method SelectToken |
--- a/csharp/ql/test/resources/stubs/JsonNET.cs
+++ b/csharp/ql/test/resources/stubs/JsonNET.cs
@@ -1,56 +0,0 @@
-using System;
-using System.Collections;
-using System.Collections.Generic;
-
-namespace Newtonsoft.Json
-{
-    public static class JsonConvert
-    {
-        public static string ToString(int x) => null;
-        public static T DeserializeObject<T>(string s) => default(T);
-        public static string SerializeObject(object obj) => null;
-        public static void PopulateObject(string s, object obj) { }
-    }
-
-    public class JsonIgnoreAttribute : Attribute
-    {
-    }
-
-    public class JsonRequiredAttribute : Attribute
-    {
-    }
-
-    public class JsonLoadSettings { }
-
-    public enum MemberSerialization { OptOut, OptIn, Fields }
-
-    public class JsonObjectAttribute : Attribute
-    {
-      public JsonObjectAttribute() { }
-      public JsonObjectAttribute(MemberSerialization ms) { }
-    }
-}
-
-namespace Newtonsoft.Json.Linq
-{
-    public class JToken : IEnumerable<JToken>, IEnumerable
-    {
-        public virtual JToken this[object key] => null;
-        public virtual JToken this[string key] => null;
-
-        public IEnumerator<JToken> GetEnumerator() => null;
-        IEnumerator IEnumerable.GetEnumerator() => null;
-
-        public static explicit operator string(JToken t) => null;
-
-        public IEnumerable<JToken> SelectToken(string s) => null;
-    }
-
-    public class JObject : JToken
-    {
-        public static JObject Parse(string str) => null;
-        public static JObject Parse(string str, JsonLoadSettings settings) => null;
-        public JToken this[object key] => null;
-        public JToken this[string key] => null;
-    }
-}
--- a/csharp/ql/test/resources/stubs/Newtonsoft.Json/13.0.1/Newtonsoft.Json.cs
+++ b/csharp/ql/test/resources/stubs/Newtonsoft.Json/13.0.1/Newtonsoft.Json.cs
--- a/csharp/ql/test/resources/stubs/Newtonsoft.Json/13.0.1/Newtonsoft.Json.csproj
+++ b/csharp/ql/test/resources/stubs/Newtonsoft.Json/13.0.1/Newtonsoft.Json.csproj
@@ -0,0 +1,12 @@
+<Project Sdk="Microsoft.NET.Sdk">
+  <PropertyGroup>
+    <TargetFramework>net5.0</TargetFramework>
+    <AllowUnsafeBlocks>true</AllowUnsafeBlocks>
+    <OutputPath>bin\</OutputPath>
+    <AppendTargetFrameworkToOutputPath>false</AppendTargetFrameworkToOutputPath>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="../../_frameworks/Microsoft.NETCore.App/Microsoft.NETCore.App.csproj" />
+  </ItemGroup>
+</Project>