From 65ac951964a4c7d678ab2e1bd882fdfb9812a5d8 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Wed, 23 Apr 2025 12:59:29 +0200 Subject: [PATCH] C#: Remove all Sink tags after rebase. --- .../API Abuse/FormatInvalid/FormatInvalid.cs | 2 +- .../FormatInvalid/FormatMissingArgument.cs | 22 ++++++------ .../FormatInvalid/FormatMissingArgumentBad.cs | 4 +-- .../FormatInvalid/FormatUnusedArgument.cs | 36 +++++++++---------- .../FormatInvalid/FormatUnusedArgumentBad.cs | 6 ++-- 5 files changed, 35 insertions(+), 35 deletions(-) diff --git a/csharp/ql/test/query-tests/API Abuse/FormatInvalid/FormatInvalid.cs b/csharp/ql/test/query-tests/API Abuse/FormatInvalid/FormatInvalid.cs index 2690ec50890..75fc5e4ec23 100644 --- a/csharp/ql/test/query-tests/API Abuse/FormatInvalid/FormatInvalid.cs +++ b/csharp/ql/test/query-tests/API Abuse/FormatInvalid/FormatInvalid.cs @@ -34,7 +34,7 @@ class FormatInvalid String.Format("{0:{}}", 1); // $ Alert // BAD: Invalid format string - String.Format("%d", 1); // $ Alert Sink + String.Format("%d", 1); // $ Alert // BAD: } { in the middle. String.Format("{{0}-{1}}", 0, 1); // $ Alert diff --git a/csharp/ql/test/query-tests/API Abuse/FormatInvalid/FormatMissingArgument.cs b/csharp/ql/test/query-tests/API Abuse/FormatInvalid/FormatMissingArgument.cs index 8460a456575..b5ff280d86d 100644 --- a/csharp/ql/test/query-tests/API Abuse/FormatInvalid/FormatMissingArgument.cs +++ b/csharp/ql/test/query-tests/API Abuse/FormatInvalid/FormatMissingArgument.cs @@ -9,10 +9,10 @@ class Class1 String.Format("{0}", 0); // BAD: Missing {1} - String.Format("{1}", 0); // $ Alert Sink + String.Format("{1}", 0); // $ Alert // BAD: Missing {2} and {3} - String.Format("{2} {3}", 0, 1); // $ Alert Sink + String.Format("{2} {3}", 0, 1); // $ Alert // GOOD: An array has been supplied. String.Format("{0} {1} {2}", args); @@ -29,7 +29,7 @@ class Class1 void helper(string format) { // BAD: Missing {1} - String.Format(format, 0); // $ Alert=source1 Sink=source1 + String.Format(format, 0); // $ Alert=source1 } void TestCompositeFormatMissingArgument() @@ -43,13 +43,13 @@ class Class1 String.Format(null, format0, ""); // BAD: Missing {1} - String.Format(null, format1, ""); // $ Alert=source2 Sink=source2 + String.Format(null, format1, ""); // $ Alert=source2 // GOOD: All args supplied String.Format(null, format01, "", ""); // BAD: Missing {2} and {3} - String.Format(null, format23, "", ""); // $ Alert=source3 Sink=source3 + String.Format(null, format23, "", ""); // $ Alert=source3 // GOOD: All arguments supplied @@ -57,14 +57,14 @@ class Class1 sb.AppendFormat(null, format0, ""); // BAD: Missing {1} - sb.AppendFormat(null, format1, ""); // $ Alert=source2 Sink=source2 - sb.AppendFormat(null, format1, ""); // $ Alert=source2 Sink=source2 + sb.AppendFormat(null, format1, ""); // $ Alert=source2 + sb.AppendFormat(null, format1, ""); // $ Alert=source2 // GOOD: All args supplied sb.AppendFormat(null, format01, "", ""); // BAD: Missing {2} and {3} - sb.AppendFormat(null, format23, "", ""); // $ Alert=source3 Sink=source3 + sb.AppendFormat(null, format23, "", ""); // $ Alert=source3 var span = new Span(); @@ -74,14 +74,14 @@ class Class1 span.TryWrite(null, format0, out _, ""); // BAD: Missing {1} - span.TryWrite(null, format1, out _, ""); // $ Alert=source2 Sink=source2 - span.TryWrite(null, format1, out _, ""); // $ Alert=source2 Sink=source2 + span.TryWrite(null, format1, out _, ""); // $ Alert=source2 + span.TryWrite(null, format1, out _, ""); // $ Alert=source2 // GOOD: All args supplied span.TryWrite(null, format01, out _, "", ""); // BAD: Missing {2} and {3} - span.TryWrite(null, format23, out _, "", ""); // $ Alert=source3 Sink=source3 + span.TryWrite(null, format23, out _, "", ""); // $ Alert=source3 } object[] args; diff --git a/csharp/ql/test/query-tests/API Abuse/FormatInvalid/FormatMissingArgumentBad.cs b/csharp/ql/test/query-tests/API Abuse/FormatInvalid/FormatMissingArgumentBad.cs index a3614a881b9..74c2ffd627a 100644 --- a/csharp/ql/test/query-tests/API Abuse/FormatInvalid/FormatMissingArgumentBad.cs +++ b/csharp/ql/test/query-tests/API Abuse/FormatInvalid/FormatMissingArgumentBad.cs @@ -4,7 +4,7 @@ class Bad3 { void Hello(string first, string last) { - Console.WriteLine("Hello {0} {1}", first); // $ Alert Sink - Console.WriteLine("Hello {1} {2}", first, last); // $ Alert Sink + Console.WriteLine("Hello {0} {1}", first); // $ Alert + Console.WriteLine("Hello {1} {2}", first, last); // $ Alert } } diff --git a/csharp/ql/test/query-tests/API Abuse/FormatInvalid/FormatUnusedArgument.cs b/csharp/ql/test/query-tests/API Abuse/FormatInvalid/FormatUnusedArgument.cs index e1c7aa6bf15..c064025ed68 100644 --- a/csharp/ql/test/query-tests/API Abuse/FormatInvalid/FormatUnusedArgument.cs +++ b/csharp/ql/test/query-tests/API Abuse/FormatInvalid/FormatUnusedArgument.cs @@ -9,22 +9,22 @@ class C String.Format("{0} {1} {2}", 0, 1, 2); // BAD: Missing arg {0} - String.Format("X", 1); // $ Alert Sink + String.Format("X", 1); // $ Alert // BAD: Missing {1} - String.Format("{0}", 1, 2); // $ Alert Sink + String.Format("{0}", 1, 2); // $ Alert // BAD: Missing {1} - String.Format("{0} {0}", 1, 2); // $ Alert Sink + String.Format("{0} {0}", 1, 2); // $ Alert // BAD: Missing {0} - String.Format("{1} {1}", 1, 2); // $ Alert Sink + String.Format("{1} {1}", 1, 2); // $ Alert // BAD: Missing {0}, {1} and {2} - String.Format("abcdefg", 0, 1, 2); // $ Alert Sink + String.Format("abcdefg", 0, 1, 2); // $ Alert // BAD: {0} is unused - String.Format("{{sdc}}", 0); // $ Alert Sink + String.Format("{{sdc}}", 0); // $ Alert // GOOD: {0} is used String.Format("{{{0:D}}}", 0); @@ -36,7 +36,7 @@ class C String.Format("{0} {1} {2}", ps); // BAD: Would display "{0}" - String.Format("{{0}}", 1); // $ Alert Sink + String.Format("{{0}}", 1); // $ Alert // GOOD: Ignore the empty string as it's often used as the default value // of GetResource(). @@ -50,35 +50,35 @@ class C var format11 = CompositeFormat.Parse("{1}{1}"); // $ Source=source6 // BAD: Unused arg {0} - String.Format(null, format, ""); // $ Alert=source4 Sink=source4 + String.Format(null, format, ""); // $ Alert=source4 // BAD: Unused arg {1} - String.Format(null, format00, "", ""); // $ Alert=source5 Sink=source5 + String.Format(null, format00, "", ""); // $ Alert=source5 // BAD: Unused arg {0} - String.Format(null, format11, "", ""); // $ Alert=source6 Sink=source6 + String.Format(null, format11, "", ""); // $ Alert=source6 // BAD: Unused arg {0} - sb.AppendFormat(null, format, ""); // $ Alert=source4 Sink=source4 - sb.AppendFormat(null, format, ""); // $ Alert=source4 Sink=source4 + sb.AppendFormat(null, format, ""); // $ Alert=source4 + sb.AppendFormat(null, format, ""); // $ Alert=source4 // BAD: Unused arg {1} - sb.AppendFormat(null, format00, "", ""); // $ Alert=source5 Sink=source5 + sb.AppendFormat(null, format00, "", ""); // $ Alert=source5 // BAD: Unused arg {0} - sb.AppendFormat(null, format11, "", ""); // $ Alert=source6 Sink=source6 + sb.AppendFormat(null, format11, "", ""); // $ Alert=source6 var span = new Span(); // BAD: Unused arg {0} - span.TryWrite(null, format, out _, ""); // $ Alert=source4 Sink=source4 - span.TryWrite(null, format, out _, ""); // $ Alert=source4 Sink=source4 + span.TryWrite(null, format, out _, ""); // $ Alert=source4 + span.TryWrite(null, format, out _, ""); // $ Alert=source4 // BAD: Unused arg {1} - span.TryWrite(null, format00, out _, "", ""); // $ Alert=source5 Sink=source5 + span.TryWrite(null, format00, out _, "", ""); // $ Alert=source5 // BAD: Unused arg {0} - span.TryWrite(null, format11, out _, "", ""); // $ Alert=source6 Sink=source6 + span.TryWrite(null, format11, out _, "", ""); // $ Alert=source6 } object[] ps; diff --git a/csharp/ql/test/query-tests/API Abuse/FormatInvalid/FormatUnusedArgumentBad.cs b/csharp/ql/test/query-tests/API Abuse/FormatInvalid/FormatUnusedArgumentBad.cs index 5a951efa432..969c2b86e9f 100644 --- a/csharp/ql/test/query-tests/API Abuse/FormatInvalid/FormatUnusedArgumentBad.cs +++ b/csharp/ql/test/query-tests/API Abuse/FormatInvalid/FormatUnusedArgumentBad.cs @@ -4,8 +4,8 @@ class Bad2 { void M(Exception ex) { - Console.WriteLine("Error processing file: {0}", ex, ex.HResult); // $ Alert Sink - Console.WriteLine("Error processing file: {1} ({1})", ex, ex.HResult); // $ Alert Sink - Console.WriteLine("Error processing file: %s (%d)", ex, ex.HResult); // $ Alert Sink + Console.WriteLine("Error processing file: {0}", ex, ex.HResult); // $ Alert + Console.WriteLine("Error processing file: {1} ({1})", ex, ex.HResult); // $ Alert + Console.WriteLine("Error processing file: %s (%d)", ex, ex.HResult); // $ Alert } }