C#: Add example of missing sink generation.

2026-05-04 13:15:21 +02:00 · 2024-08-13 16:59:43 +02:00
parent a782952969
commit 6f79480b40
2 changed files with 16 additions and 0 deletions
--- a/csharp/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.ext.yml
+++ b/csharp/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.ext.yml
@@ -6,6 +6,13 @@ extensions:
      - [ "Sinks", "NewSinks", False, "Sink", "(System.Object)", "", "Argument[0]", "test-sink", "manual"]
      - [ "Sinks", "NewSinks", False, "Sink2", "(System.Object)", "", "Argument[0]", "test-sink2", "manual"]
      - [ "Sinks", "NewSinks", False, "ManualSinkAlreadyDefined", "(System.Object)", "", "Argument[0]", "test-sink", "manual"]
+      - [ "Sinks", "NewSinks", False, "SaveAndGet", "(System.Object)", "", "Argument[0]", "test-sink", "df-generated"]
+
+  - addsTo:
+      pack: codeql/csharp-all
+      extensible: sourceModel
+    data:
+      - [ "Sinks", "NewSinks", False, "SaveAndGet", "(System.Object)", "", "ReturnValue", "test-source", "manual"]

  - addsTo:
      pack: codeql/csharp-all
--- a/csharp/ql/test/utils/modelgenerator/dataflow/Sinks.cs
+++ b/csharp/ql/test/utils/modelgenerator/dataflow/Sinks.cs
@@ -24,6 +24,15 @@ public class NewSinks
    // neutral=Sinks;NewSinks;NoSink;(System.Object);summary;df-generated
    public static void NoSink(object o) => throw null;

+    // Sink and Source defined in the extensible file next to the sink test.
+    // MISSING SINK
+    // neutral=Sinks;NewSinks;SaveAndGet;(System.Object);summary;df-generated
+    public static object SaveAndGet(object o)
+    {
+        Sink(o);
+        return null;
+    }
+
    // New sink
    // sink=Sinks;NewSinks;false;WrapResponseWrite;(System.Object);;Argument[0];html-injection;df-generated
    // neutral=Sinks;NewSinks;WrapResponseWrite;(System.Object);summary;df-generated