hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

C#: Remove all Sink tags after rebase.

Browse Source
This commit is contained in:
Michael Nebel
2025-04-23 12:59:29 +02:00
parent dcf11c2d4b
commit 65ac951964
5 changed files with 35 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
csharp/ql/test/query-tests/API Abuse/FormatInvalid/FormatInvalid.cs
View File

@@ -34,7 +34,7 @@ class FormatInvalid
String.Format("{0:{}}", 1); // $ Alert String.Format("{0:{}}", 1); // $ Alert
// BAD: Invalid format string // BAD: Invalid format string
String.Format("%d", 1); // $ Alert Sink String.Format("%d", 1); // $ Alert
// BAD: } { in the middle. // BAD: } { in the middle.
String.Format("{{0}-{1}}", 0, 1); // $ Alert String.Format("{{0}-{1}}", 0, 1); // $ Alert

22
csharp/ql/test/query-tests/API Abuse/FormatInvalid/FormatMissingArgument.cs
View File

@@ -9,10 +9,10 @@ class Class1
String.Format("{0}", 0); String.Format("{0}", 0);
// BAD: Missing {1} // BAD: Missing {1}
String.Format("{1}", 0); // $ Alert Sink String.Format("{1}", 0); // $ Alert
// BAD: Missing {2} and {3} // BAD: Missing {2} and {3}
String.Format("{2} {3}", 0, 1); // $ Alert Sink String.Format("{2} {3}", 0, 1); // $ Alert
// GOOD: An array has been supplied. // GOOD: An array has been supplied.
String.Format("{0} {1} {2}", args); String.Format("{0} {1} {2}", args);
@@ -29,7 +29,7 @@ class Class1
void helper(string format) void helper(string format)
{ {
// BAD: Missing {1} // BAD: Missing {1}
String.Format(format, 0); // $ Alert=source1 Sink=source1 String.Format(format, 0); // $ Alert=source1
} }
void TestCompositeFormatMissingArgument() void TestCompositeFormatMissingArgument()
@@ -43,13 +43,13 @@ class Class1
String.Format<string>(null, format0, ""); String.Format<string>(null, format0, "");
// BAD: Missing {1} // BAD: Missing {1}
String.Format<string>(null, format1, ""); // $ Alert=source2 Sink=source2 String.Format<string>(null, format1, ""); // $ Alert=source2
// GOOD: All args supplied // GOOD: All args supplied
String.Format<string, string>(null, format01, "", ""); String.Format<string, string>(null, format01, "", "");
// BAD: Missing {2} and {3} // BAD: Missing {2} and {3}
String.Format<string, string>(null, format23, "", ""); // $ Alert=source3 Sink=source3 String.Format<string, string>(null, format23, "", ""); // $ Alert=source3
// GOOD: All arguments supplied // GOOD: All arguments supplied
@@ -57,14 +57,14 @@ class Class1
sb.AppendFormat<string>(null, format0, ""); sb.AppendFormat<string>(null, format0, "");
// BAD: Missing {1} // BAD: Missing {1}
sb.AppendFormat(null, format1, ""); // $ Alert=source2 Sink=source2 sb.AppendFormat(null, format1, ""); // $ Alert=source2
sb.AppendFormat<string>(null, format1, ""); // $ Alert=source2 Sink=source2 sb.AppendFormat<string>(null, format1, ""); // $ Alert=source2
// GOOD: All args supplied // GOOD: All args supplied
sb.AppendFormat<string, string>(null, format01, "", ""); sb.AppendFormat<string, string>(null, format01, "", "");
// BAD: Missing {2} and {3} // BAD: Missing {2} and {3}
sb.AppendFormat<string, string>(null, format23, "", ""); // $ Alert=source3 Sink=source3 sb.AppendFormat<string, string>(null, format23, "", ""); // $ Alert=source3
var span = new Span<char>(); var span = new Span<char>();
@@ -74,14 +74,14 @@ class Class1
span.TryWrite<string>(null, format0, out _, ""); span.TryWrite<string>(null, format0, out _, "");
// BAD: Missing {1} // BAD: Missing {1}
span.TryWrite(null, format1, out _, ""); // $ Alert=source2 Sink=source2 span.TryWrite(null, format1, out _, ""); // $ Alert=source2
span.TryWrite<string>(null, format1, out _, ""); // $ Alert=source2 Sink=source2 span.TryWrite<string>(null, format1, out _, ""); // $ Alert=source2
// GOOD: All args supplied // GOOD: All args supplied
span.TryWrite<string, string>(null, format01, out _, "", ""); span.TryWrite<string, string>(null, format01, out _, "", "");
// BAD: Missing {2} and {3} // BAD: Missing {2} and {3}
span.TryWrite<string, string>(null, format23, out _, "", ""); // $ Alert=source3 Sink=source3 span.TryWrite<string, string>(null, format23, out _, "", ""); // $ Alert=source3
} }
object[] args; object[] args;

4
csharp/ql/test/query-tests/API Abuse/FormatInvalid/FormatMissingArgumentBad.cs
View File

@@ -4,7 +4,7 @@ class Bad3
{ {
void Hello(string first, string last) void Hello(string first, string last)
{ {
Console.WriteLine("Hello {0} {1}", first); // $ Alert Sink Console.WriteLine("Hello {0} {1}", first); // $ Alert
Console.WriteLine("Hello {1} {2}", first, last); // $ Alert Sink Console.WriteLine("Hello {1} {2}", first, last); // $ Alert
} }
} }

36
csharp/ql/test/query-tests/API Abuse/FormatInvalid/FormatUnusedArgument.cs
View File

@@ -9,22 +9,22 @@ class C
String.Format("{0} {1} {2}", 0, 1, 2); String.Format("{0} {1} {2}", 0, 1, 2);
// BAD: Missing arg {0} // BAD: Missing arg {0}
String.Format("X", 1); // $ Alert Sink String.Format("X", 1); // $ Alert
// BAD: Missing {1} // BAD: Missing {1}
String.Format("{0}", 1, 2); // $ Alert Sink String.Format("{0}", 1, 2); // $ Alert
// BAD: Missing {1} // BAD: Missing {1}
String.Format("{0} {0}", 1, 2); // $ Alert Sink String.Format("{0} {0}", 1, 2); // $ Alert
// BAD: Missing {0} // BAD: Missing {0}
String.Format("{1} {1}", 1, 2); // $ Alert Sink String.Format("{1} {1}", 1, 2); // $ Alert
// BAD: Missing {0}, {1} and {2} // BAD: Missing {0}, {1} and {2}
String.Format("abcdefg", 0, 1, 2); // $ Alert Sink String.Format("abcdefg", 0, 1, 2); // $ Alert
// BAD: {0} is unused // BAD: {0} is unused
String.Format("{{sdc}}", 0); // $ Alert Sink String.Format("{{sdc}}", 0); // $ Alert
// GOOD: {0} is used // GOOD: {0} is used
String.Format("{{{0:D}}}", 0); String.Format("{{{0:D}}}", 0);
@@ -36,7 +36,7 @@ class C
String.Format("{0} {1} {2}", ps); String.Format("{0} {1} {2}", ps);
// BAD: Would display "{0}" // BAD: Would display "{0}"
String.Format("{{0}}", 1); // $ Alert Sink String.Format("{{0}}", 1); // $ Alert
// GOOD: Ignore the empty string as it's often used as the default value // GOOD: Ignore the empty string as it's often used as the default value
// of GetResource(). // of GetResource().
@@ -50,35 +50,35 @@ class C
var format11 = CompositeFormat.Parse("{1}{1}"); // $ Source=source6 var format11 = CompositeFormat.Parse("{1}{1}"); // $ Source=source6
// BAD: Unused arg {0} // BAD: Unused arg {0}
String.Format<string>(null, format, ""); // $ Alert=source4 Sink=source4 String.Format<string>(null, format, ""); // $ Alert=source4
// BAD: Unused arg {1} // BAD: Unused arg {1}
String.Format<string, string>(null, format00, "", ""); // $ Alert=source5 Sink=source5 String.Format<string, string>(null, format00, "", ""); // $ Alert=source5
// BAD: Unused arg {0} // BAD: Unused arg {0}
String.Format<string, string>(null, format11, "", ""); // $ Alert=source6 Sink=source6 String.Format<string, string>(null, format11, "", ""); // $ Alert=source6
// BAD: Unused arg {0} // BAD: Unused arg {0}
sb.AppendFormat(null, format, ""); // $ Alert=source4 Sink=source4 sb.AppendFormat(null, format, ""); // $ Alert=source4
sb.AppendFormat<string>(null, format, ""); // $ Alert=source4 Sink=source4 sb.AppendFormat<string>(null, format, ""); // $ Alert=source4
// BAD: Unused arg {1} // BAD: Unused arg {1}
sb.AppendFormat<string, string>(null, format00, "", ""); // $ Alert=source5 Sink=source5 sb.AppendFormat<string, string>(null, format00, "", ""); // $ Alert=source5
// BAD: Unused arg {0} // BAD: Unused arg {0}
sb.AppendFormat<string, string>(null, format11, "", ""); // $ Alert=source6 Sink=source6 sb.AppendFormat<string, string>(null, format11, "", ""); // $ Alert=source6
var span = new Span<char>(); var span = new Span<char>();
// BAD: Unused arg {0} // BAD: Unused arg {0}
span.TryWrite(null, format, out _, ""); // $ Alert=source4 Sink=source4 span.TryWrite(null, format, out _, ""); // $ Alert=source4
span.TryWrite<string>(null, format, out _, ""); // $ Alert=source4 Sink=source4 span.TryWrite<string>(null, format, out _, ""); // $ Alert=source4
// BAD: Unused arg {1} // BAD: Unused arg {1}
span.TryWrite<string, string>(null, format00, out _, "", ""); // $ Alert=source5 Sink=source5 span.TryWrite<string, string>(null, format00, out _, "", ""); // $ Alert=source5
// BAD: Unused arg {0} // BAD: Unused arg {0}
span.TryWrite<string, string>(null, format11, out _, "", ""); // $ Alert=source6 Sink=source6 span.TryWrite<string, string>(null, format11, out _, "", ""); // $ Alert=source6
} }
object[] ps; object[] ps;

6
csharp/ql/test/query-tests/API Abuse/FormatInvalid/FormatUnusedArgumentBad.cs
View File

@@ -4,8 +4,8 @@ class Bad2
{ {
void M(Exception ex) void M(Exception ex)
{ {
Console.WriteLine("Error processing file: {0}", ex, ex.HResult); // $ Alert Sink Console.WriteLine("Error processing file: {0}", ex, ex.HResult); // $ Alert
Console.WriteLine("Error processing file: {1} ({1})", ex, ex.HResult); // $ Alert Sink Console.WriteLine("Error processing file: {1} ({1})", ex, ex.HResult); // $ Alert
Console.WriteLine("Error processing file: %s (%d)", ex, ex.HResult); // $ Alert Sink Console.WriteLine("Error processing file: %s (%d)", ex, ex.HResult); // $ Alert
} }
} }