hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

change more queries to start with "This "

Browse Source
This commit is contained in:
erik-krogh
2022-09-30 13:29:18 +02:00
parent 77eeabe8e5
commit 7098e7b102
30 changed files with 86 additions and 86 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
csharp/ql/campaigns/Solorigate/src/NumberOfKnownCommandsAboveThreshold.ql
View File

@@ -34,5 +34,5 @@ where
total = countSolorigateCommandInEnum(e) and
total > 10
select e,
"The enum may be related to Solorigate. It matches " + total +
"This enum may be related to Solorigate. It matches " + total +
" of the values used for commands in the enum."

2
csharp/ql/src/Security Features/CWE-078/CommandInjection.ql
View File

@@ -19,5 +19,5 @@ import semmle.code.csharp.dataflow.DataFlow::DataFlow::PathGraph
from TaintTrackingConfiguration c, DataFlow::PathNode source, DataFlow::PathNode sink
where c.hasFlowPath(source, sink)
select sink.getNode(), source, sink, "Command line depends on a $@.", source.getNode(),
select sink.getNode(), source, sink, "This command line depends on a $@.", source.getNode(),
"user-provided value"

2
csharp/ql/src/Security Features/CWE-078/StoredCommandInjection.ql
View File

@@ -24,5 +24,5 @@ class StoredTaintTrackingConfiguration extends TaintTrackingConfiguration {
from StoredTaintTrackingConfiguration c, DataFlow::PathNode source, DataFlow::PathNode sink
where c.hasFlowPath(source, sink)
select sink.getNode(), source, sink, "Command line depends on a $@.", source.getNode(),
select sink.getNode(), source, sink, "This command line depends on a $@.", source.getNode(),
"stored (potentially user-provided) value"

2
csharp/ql/src/Security Features/CWE-079/StoredXSS.ql
View File

@@ -31,5 +31,5 @@ where
if exists(sink.getNode().(Sink).explanation())
then explanation = " (" + sink.getNode().(Sink).explanation() + ")"
else explanation = ""
select sink.getNode(), source, sink, "HTML or JavaScript write" + explanation + " depends on a $@.",
select sink.getNode(), source, sink, "This HTML or JavaScript write" + explanation + " depends on a $@.",
source.getNode(), "stored (potentially user-provided) value"

2
csharp/ql/src/Security Features/CWE-090/LDAPInjection.ql
View File

@@ -17,5 +17,5 @@ import semmle.code.csharp.dataflow.DataFlow::DataFlow::PathGraph
from TaintTrackingConfiguration c, DataFlow::PathNode source, DataFlow::PathNode sink
where c.hasFlowPath(source, sink)
select sink.getNode(), source, sink, "LDAP query depends on a $@.", source.getNode(),
select sink.getNode(), source, sink, "This LDAP query depends on a $@.", source.getNode(),
"user-provided value"

2
csharp/ql/src/Security Features/CWE-099/ResourceInjection.ql
View File

@@ -17,5 +17,5 @@ import semmle.code.csharp.dataflow.DataFlow::DataFlow::PathGraph
from TaintTrackingConfiguration c, DataFlow::PathNode source, DataFlow::PathNode sink
where c.hasFlowPath(source, sink)
select sink.getNode(), source, sink, "Resource descriptor depends on a $@.", source.getNode(),
select sink.getNode(), source, sink, "This resource descriptor depends on a $@.", source.getNode(),
"user-provided value"

2
csharp/ql/src/Security Features/CWE-112/MissingXMLValidation.ql
View File

@@ -18,5 +18,5 @@ import semmle.code.csharp.dataflow.DataFlow::DataFlow::PathGraph
from TaintTrackingConfiguration c, DataFlow::PathNode source, DataFlow::PathNode sink
where c.hasFlowPath(source, sink)
select sink.getNode(), source, sink,
"XML processing depends on a $@ without validation because " + sink.getNode().(Sink).getReason(),
"This XML processing depends on a $@ without validation because " + sink.getNode().(Sink).getReason(),
source.getNode(), "user-provided value"

2
csharp/ql/src/Security Features/CWE-117/LogForging.ql
View File

@@ -17,5 +17,5 @@ import semmle.code.csharp.dataflow.DataFlow::DataFlow::PathGraph
from TaintTrackingConfiguration c, DataFlow::PathNode source, DataFlow::PathNode sink
where c.hasFlowPath(source, sink)
select sink.getNode(), source, sink, "Log entry depends on a $@.", source.getNode(),
select sink.getNode(), source, sink, "This log entry depends on a $@.", source.getNode(),
"user-provided value"

2
csharp/ql/src/Security Features/CWE-134/UncontrolledFormatString.ql
View File

@@ -39,5 +39,5 @@ string getSourceType(DataFlow::Node node) {
from FormatStringConfiguration config, DataFlow::PathNode source, DataFlow::PathNode sink
where config.hasFlowPath(source, sink)
select sink.getNode(), source, sink, "Format string depends on $@.", source.getNode(),
select sink.getNode(), source, sink, "This format string depends on $@.", source.getNode(),
("this" + getSourceType(source.getNode()))

2
csharp/ql/src/Security Features/CWE-201/ExposureInTransmittedData.ql
View File

@@ -47,5 +47,5 @@ class TaintTrackingConfiguration extends TaintTracking::Configuration {
from TaintTrackingConfiguration configuration, DataFlow::PathNode source, DataFlow::PathNode sink
where configuration.hasFlowPath(source, sink)
select sink.getNode(), source, sink, "Data transmitted to the user depends on $@.",
select sink.getNode(), source, sink, "This data transmitted to the user depends on $@.",
source.getNode(), "sensitive information"

2
csharp/ql/src/Security Features/CWE-209/ExceptionInformationExposure.ql
View File

@@ -64,5 +64,5 @@ class TaintTrackingConfiguration extends TaintTracking::Configuration {
from TaintTrackingConfiguration c, DataFlow::PathNode source, DataFlow::PathNode sink
where c.hasFlowPath(source, sink)
select sink.getNode(), source, sink, "Information exposed to the user depends on $@.",
select sink.getNode(), source, sink, "This information exposed to the user depends on $@.",
source.getNode(), "exception information"

2
csharp/ql/src/Security Features/CWE-321/HardcodedEncryptionKey.ql
View File

@@ -38,5 +38,5 @@ class StringLiteralSource extends KeySource {
from SymmetricKeyTaintTrackingConfiguration keyFlow, KeySource src, SymmetricEncryptionKeySink sink
where keyFlow.hasFlow(src, sink)
select sink, "Hard-coded $@ is used in symmetric algorithm in " + sink.getDescription(), src,
select sink, "This hard-coded $@ is used in symmetric algorithm in " + sink.getDescription(), src,
"symmetric key"

2
csharp/ql/src/Security Features/CWE-327/DontInstallRootCert.ql
View File

@@ -41,4 +41,4 @@ class AddCertToRootStoreConfig extends DataFlow::Configuration {
from DataFlow::PathNode oc, DataFlow::PathNode mc, AddCertToRootStoreConfig config
where config.hasFlowPath(oc, mc)
select mc.getNode(), oc, mc, "Certificate is added to the root certificate store."
select mc.getNode(), oc, mc, "This certificate is added to the root certificate store."

2
csharp/ql/src/Security Features/CWE-611/UntrustedDataInsecureXml.ql
View File

@@ -19,5 +19,5 @@ import semmle.code.csharp.dataflow.DataFlow::DataFlow::PathGraph
from TaintTrackingConfiguration c, DataFlow::PathNode source, DataFlow::PathNode sink
where c.hasFlowPath(source, sink)
select sink.getNode(), source, sink,
"Insecure XML processing depends on a $@ (" + sink.getNode().(Sink).getReason() + ").",
"This insecure XML processing depends on a $@ (" + sink.getNode().(Sink).getReason() + ").",
source.getNode(), "user-provided value"

2
csharp/ql/src/Security Features/CWE-643/StoredXPathInjection.ql
View File

@@ -22,5 +22,5 @@ class StoredTaintTrackingConfiguration extends XPathInjection::TaintTrackingConf
from StoredTaintTrackingConfiguration c, DataFlow::PathNode source, DataFlow::PathNode sink
where c.hasFlowPath(source, sink)
select sink.getNode(), source, sink, "XPath expression depends on a $@.", source.getNode(),
select sink.getNode(), source, sink, "This XPath expression depends on a $@.", source.getNode(),
"stored (potentially user-provided) value"

2
csharp/ql/src/Security Features/CWE-643/XPathInjection.ql
View File

@@ -17,5 +17,5 @@ import semmle.code.csharp.dataflow.DataFlow::DataFlow::PathGraph
from TaintTrackingConfiguration c, DataFlow::PathNode source, DataFlow::PathNode sink
where c.hasFlowPath(source, sink)
select sink.getNode(), source, sink, "XPath expression depends on a $@.", source.getNode(),
select sink.getNode(), source, sink, "This XPath expression depends on a $@.", source.getNode(),
"user-provided value"

18
csharp/ql/test/query-tests/Security Features/CWE-078/CommandInjection.expected
View File

@@ -44,12 +44,12 @@ nodes
| CommandInjection.cs:35:27:35:40 | access to local variable startInfoProps | semmle.label | access to local variable startInfoProps |
subpaths
#select
| CommandInjection.cs:26:27:26:47 | ... + ... | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox : TextBox | CommandInjection.cs:26:27:26:47 | ... + ... | Command line depends on a $@. | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox | user-provided value |
| CommandInjection.cs:26:50:26:66 | ... + ... | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox : TextBox | CommandInjection.cs:26:50:26:66 | ... + ... | Command line depends on a $@. | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox | user-provided value |
| CommandInjection.cs:28:63:28:71 | access to local variable userInput | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox : TextBox | CommandInjection.cs:28:63:28:71 | access to local variable userInput | Command line depends on a $@. | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox | user-provided value |
| CommandInjection.cs:28:74:28:82 | access to local variable userInput | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox : TextBox | CommandInjection.cs:28:74:28:82 | access to local variable userInput | Command line depends on a $@. | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox | user-provided value |
| CommandInjection.cs:29:27:29:35 | access to local variable startInfo | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox : TextBox | CommandInjection.cs:29:27:29:35 | access to local variable startInfo | Command line depends on a $@. | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox | user-provided value |
| CommandInjection.cs:32:39:32:47 | access to local variable userInput | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox : TextBox | CommandInjection.cs:32:39:32:47 | access to local variable userInput | Command line depends on a $@. | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox | user-provided value |
| CommandInjection.cs:33:40:33:48 | access to local variable userInput | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox : TextBox | CommandInjection.cs:33:40:33:48 | access to local variable userInput | Command line depends on a $@. | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox | user-provided value |
| CommandInjection.cs:34:47:34:55 | access to local variable userInput | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox : TextBox | CommandInjection.cs:34:47:34:55 | access to local variable userInput | Command line depends on a $@. | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox | user-provided value |
| CommandInjection.cs:35:27:35:40 | access to local variable startInfoProps | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox : TextBox | CommandInjection.cs:35:27:35:40 | access to local variable startInfoProps | Command line depends on a $@. | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox | user-provided value |
| CommandInjection.cs:26:27:26:47 | ... + ... | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox : TextBox | CommandInjection.cs:26:27:26:47 | ... + ... | This command line depends on a $@. | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox | user-provided value |
| CommandInjection.cs:26:50:26:66 | ... + ... | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox : TextBox | CommandInjection.cs:26:50:26:66 | ... + ... | This command line depends on a $@. | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox | user-provided value |
| CommandInjection.cs:28:63:28:71 | access to local variable userInput | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox : TextBox | CommandInjection.cs:28:63:28:71 | access to local variable userInput | This command line depends on a $@. | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox | user-provided value |
| CommandInjection.cs:28:74:28:82 | access to local variable userInput | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox : TextBox | CommandInjection.cs:28:74:28:82 | access to local variable userInput | This command line depends on a $@. | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox | user-provided value |
| CommandInjection.cs:29:27:29:35 | access to local variable startInfo | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox : TextBox | CommandInjection.cs:29:27:29:35 | access to local variable startInfo | This command line depends on a $@. | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox | user-provided value |
| CommandInjection.cs:32:39:32:47 | access to local variable userInput | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox : TextBox | CommandInjection.cs:32:39:32:47 | access to local variable userInput | This command line depends on a $@. | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox | user-provided value |
| CommandInjection.cs:33:40:33:48 | access to local variable userInput | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox : TextBox | CommandInjection.cs:33:40:33:48 | access to local variable userInput | This command line depends on a $@. | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox | user-provided value |
| CommandInjection.cs:34:47:34:55 | access to local variable userInput | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox : TextBox | CommandInjection.cs:34:47:34:55 | access to local variable userInput | This command line depends on a $@. | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox | user-provided value |
| CommandInjection.cs:35:27:35:40 | access to local variable startInfoProps | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox : TextBox | CommandInjection.cs:35:27:35:40 | access to local variable startInfoProps | This command line depends on a $@. | CommandInjection.cs:25:32:25:46 | access to field categoryTextBox | user-provided value |

2
csharp/ql/test/query-tests/Security Features/CWE-078/StoredCommandInjection.expected
View File

@@ -5,4 +5,4 @@ nodes
| StoredCommandInjection.cs:22:54:22:80 | call to method GetString : String | semmle.label | call to method GetString : String |
subpaths
#select
| StoredCommandInjection.cs:22:46:22:80 | ... + ... | StoredCommandInjection.cs:22:54:22:80 | call to method GetString : String | StoredCommandInjection.cs:22:46:22:80 | ... + ... | Command line depends on a $@. | StoredCommandInjection.cs:22:54:22:80 | call to method GetString | stored (potentially user-provided) value |
| StoredCommandInjection.cs:22:46:22:80 | ... + ... | StoredCommandInjection.cs:22:54:22:80 | call to method GetString : String | StoredCommandInjection.cs:22:46:22:80 | ... + ... | This command line depends on a $@. | StoredCommandInjection.cs:22:54:22:80 | call to method GetString | stored (potentially user-provided) value |

2
csharp/ql/test/query-tests/Security Features/CWE-079/StoredXSS/StoredXSS.expected
View File

@@ -5,4 +5,4 @@ nodes
| StoredXSS.cs:24:60:24:86 | call to method GetString : String | semmle.label | call to method GetString : String |
subpaths
#select
| StoredXSS.cs:24:44:24:86 | ... + ... | StoredXSS.cs:24:60:24:86 | call to method GetString : String | StoredXSS.cs:24:44:24:86 | ... + ... | HTML or JavaScript write depends on a $@. | StoredXSS.cs:24:60:24:86 | call to method GetString | stored (potentially user-provided) value |
| StoredXSS.cs:24:44:24:86 | ... + ... | StoredXSS.cs:24:60:24:86 | call to method GetString : String | StoredXSS.cs:24:44:24:86 | ... + ... | This HTML or JavaScript write depends on a $@. | StoredXSS.cs:24:60:24:86 | call to method GetString | stored (potentially user-provided) value |

12
csharp/ql/test/query-tests/Security Features/CWE-090/LDAPInjection.expected
View File

@@ -23,9 +23,9 @@ nodes
| LDAPInjection.cs:29:20:29:42 | ... + ... | semmle.label | ... + ... |
subpaths
#select
| LDAPInjection.cs:14:54:14:78 | ... + ... | LDAPInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | LDAPInjection.cs:14:54:14:78 | ... + ... | LDAP query depends on a $@. | LDAPInjection.cs:11:27:11:49 | access to property QueryString | user-provided value |
| LDAPInjection.cs:16:21:16:45 | ... + ... | LDAPInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | LDAPInjection.cs:16:21:16:45 | ... + ... | LDAP query depends on a $@. | LDAPInjection.cs:11:27:11:49 | access to property QueryString | user-provided value |
| LDAPInjection.cs:23:21:23:45 | ... + ... | LDAPInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | LDAPInjection.cs:23:21:23:45 | ... + ... | LDAP query depends on a $@. | LDAPInjection.cs:11:27:11:49 | access to property QueryString | user-provided value |
| LDAPInjection.cs:24:53:24:77 | ... + ... | LDAPInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | LDAPInjection.cs:24:53:24:77 | ... + ... | LDAP query depends on a $@. | LDAPInjection.cs:11:27:11:49 | access to property QueryString | user-provided value |
| LDAPInjection.cs:27:48:27:70 | ... + ... | LDAPInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | LDAPInjection.cs:27:48:27:70 | ... + ... | LDAP query depends on a $@. | LDAPInjection.cs:11:27:11:49 | access to property QueryString | user-provided value |
| LDAPInjection.cs:29:20:29:42 | ... + ... | LDAPInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | LDAPInjection.cs:29:20:29:42 | ... + ... | LDAP query depends on a $@. | LDAPInjection.cs:11:27:11:49 | access to property QueryString | user-provided value |
| LDAPInjection.cs:14:54:14:78 | ... + ... | LDAPInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | LDAPInjection.cs:14:54:14:78 | ... + ... | This LDAP query depends on a $@. | LDAPInjection.cs:11:27:11:49 | access to property QueryString | user-provided value |
| LDAPInjection.cs:16:21:16:45 | ... + ... | LDAPInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | LDAPInjection.cs:16:21:16:45 | ... + ... | This LDAP query depends on a $@. | LDAPInjection.cs:11:27:11:49 | access to property QueryString | user-provided value |
| LDAPInjection.cs:23:21:23:45 | ... + ... | LDAPInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | LDAPInjection.cs:23:21:23:45 | ... + ... | This LDAP query depends on a $@. | LDAPInjection.cs:11:27:11:49 | access to property QueryString | user-provided value |
| LDAPInjection.cs:24:53:24:77 | ... + ... | LDAPInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | LDAPInjection.cs:24:53:24:77 | ... + ... | This LDAP query depends on a $@. | LDAPInjection.cs:11:27:11:49 | access to property QueryString | user-provided value |
| LDAPInjection.cs:27:48:27:70 | ... + ... | LDAPInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | LDAPInjection.cs:27:48:27:70 | ... + ... | This LDAP query depends on a $@. | LDAPInjection.cs:11:27:11:49 | access to property QueryString | user-provided value |
| LDAPInjection.cs:29:20:29:42 | ... + ... | LDAPInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | LDAPInjection.cs:29:20:29:42 | ... + ... | This LDAP query depends on a $@. | LDAPInjection.cs:11:27:11:49 | access to property QueryString | user-provided value |

4
csharp/ql/test/query-tests/Security Features/CWE-099/ResourceInjection.expected
View File

@@ -11,5 +11,5 @@ nodes
| ResourceInjection.cs:13:42:13:57 | access to local variable connectionString | semmle.label | access to local variable connectionString |
subpaths
#select
| ResourceInjection.cs:11:57:11:72 | access to local variable connectionString | ResourceInjection.cs:8:27:8:49 | access to property QueryString : NameValueCollection | ResourceInjection.cs:11:57:11:72 | access to local variable connectionString | Resource descriptor depends on a $@. | ResourceInjection.cs:8:27:8:49 | access to property QueryString | user-provided value |
| ResourceInjection.cs:13:42:13:57 | access to local variable connectionString | ResourceInjection.cs:8:27:8:49 | access to property QueryString : NameValueCollection | ResourceInjection.cs:13:42:13:57 | access to local variable connectionString | Resource descriptor depends on a $@. | ResourceInjection.cs:8:27:8:49 | access to property QueryString | user-provided value |
| ResourceInjection.cs:11:57:11:72 | access to local variable connectionString | ResourceInjection.cs:8:27:8:49 | access to property QueryString : NameValueCollection | ResourceInjection.cs:11:57:11:72 | access to local variable connectionString | This resource descriptor depends on a $@. | ResourceInjection.cs:8:27:8:49 | access to property QueryString | user-provided value |
| ResourceInjection.cs:13:42:13:57 | access to local variable connectionString | ResourceInjection.cs:8:27:8:49 | access to property QueryString : NameValueCollection | ResourceInjection.cs:13:42:13:57 | access to local variable connectionString | This resource descriptor depends on a $@. | ResourceInjection.cs:8:27:8:49 | access to property QueryString | user-provided value |

10
csharp/ql/test/query-tests/Security Features/CWE-112/MissingXMLValidation.expected
View File

@@ -30,8 +30,8 @@ nodes
| MissingXMLValidation.cs:45:43:45:57 | access to local variable userProvidedXml : String | semmle.label | access to local variable userProvidedXml : String |
subpaths
#select
| MissingXMLValidation.cs:16:26:16:58 | object creation of type StringReader | MissingXMLValidation.cs:12:34:12:56 | access to property QueryString : NameValueCollection | MissingXMLValidation.cs:16:26:16:58 | object creation of type StringReader | XML processing depends on a $@ without validation because there is no 'XmlReaderSettings' instance specifying schema validation. | MissingXMLValidation.cs:12:34:12:56 | access to property QueryString | user-provided value |
| MissingXMLValidation.cs:21:26:21:58 | object creation of type StringReader | MissingXMLValidation.cs:12:34:12:56 | access to property QueryString : NameValueCollection | MissingXMLValidation.cs:21:26:21:58 | object creation of type StringReader | XML processing depends on a $@ without validation because the 'XmlReaderSettings' instance does not specify the 'ValidationType' as 'Schema'. | MissingXMLValidation.cs:12:34:12:56 | access to property QueryString | user-provided value |
| MissingXMLValidation.cs:27:26:27:58 | object creation of type StringReader | MissingXMLValidation.cs:12:34:12:56 | access to property QueryString : NameValueCollection | MissingXMLValidation.cs:27:26:27:58 | object creation of type StringReader | XML processing depends on a $@ without validation because the 'XmlReaderSettings' instance does not specify the 'ValidationType' as 'Schema'. | MissingXMLValidation.cs:12:34:12:56 | access to property QueryString | user-provided value |
| MissingXMLValidation.cs:45:26:45:58 | object creation of type StringReader | MissingXMLValidation.cs:12:34:12:56 | access to property QueryString : NameValueCollection | MissingXMLValidation.cs:45:26:45:58 | object creation of type StringReader | XML processing depends on a $@ without validation because the 'XmlReaderSettings' instance specifies 'ProcessInlineSchema'. | MissingXMLValidation.cs:12:34:12:56 | access to property QueryString | user-provided value |
| MissingXMLValidation.cs:45:26:45:58 | object creation of type StringReader | MissingXMLValidation.cs:12:34:12:56 | access to property QueryString : NameValueCollection | MissingXMLValidation.cs:45:26:45:58 | object creation of type StringReader | XML processing depends on a $@ without validation because the 'XmlReaderSettings' instance specifies 'ProcessSchemaLocation'. | MissingXMLValidation.cs:12:34:12:56 | access to property QueryString | user-provided value |
| MissingXMLValidation.cs:16:26:16:58 | object creation of type StringReader | MissingXMLValidation.cs:12:34:12:56 | access to property QueryString : NameValueCollection | MissingXMLValidation.cs:16:26:16:58 | object creation of type StringReader | This XML processing depends on a $@ without validation because there is no 'XmlReaderSettings' instance specifying schema validation. | MissingXMLValidation.cs:12:34:12:56 | access to property QueryString | user-provided value |
| MissingXMLValidation.cs:21:26:21:58 | object creation of type StringReader | MissingXMLValidation.cs:12:34:12:56 | access to property QueryString : NameValueCollection | MissingXMLValidation.cs:21:26:21:58 | object creation of type StringReader | This XML processing depends on a $@ without validation because the 'XmlReaderSettings' instance does not specify the 'ValidationType' as 'Schema'. | MissingXMLValidation.cs:12:34:12:56 | access to property QueryString | user-provided value |
| MissingXMLValidation.cs:27:26:27:58 | object creation of type StringReader | MissingXMLValidation.cs:12:34:12:56 | access to property QueryString : NameValueCollection | MissingXMLValidation.cs:27:26:27:58 | object creation of type StringReader | This XML processing depends on a $@ without validation because the 'XmlReaderSettings' instance does not specify the 'ValidationType' as 'Schema'. | MissingXMLValidation.cs:12:34:12:56 | access to property QueryString | user-provided value |
| MissingXMLValidation.cs:45:26:45:58 | object creation of type StringReader | MissingXMLValidation.cs:12:34:12:56 | access to property QueryString : NameValueCollection | MissingXMLValidation.cs:45:26:45:58 | object creation of type StringReader | This XML processing depends on a $@ without validation because the 'XmlReaderSettings' instance specifies 'ProcessInlineSchema'. | MissingXMLValidation.cs:12:34:12:56 | access to property QueryString | user-provided value |
| MissingXMLValidation.cs:45:26:45:58 | object creation of type StringReader | MissingXMLValidation.cs:12:34:12:56 | access to property QueryString : NameValueCollection | MissingXMLValidation.cs:45:26:45:58 | object creation of type StringReader | This XML processing depends on a $@ without validation because the 'XmlReaderSettings' instance specifies 'ProcessSchemaLocation'. | MissingXMLValidation.cs:12:34:12:56 | access to property QueryString | user-provided value |

6
csharp/ql/test/query-tests/Security Features/CWE-117/LogForging.expected
View File

@@ -14,6 +14,6 @@ nodes
| LogForgingAsp.cs:12:21:12:43 | ... + ... | semmle.label | ... + ... |
subpaths
#select
| LogForging.cs:20:21:20:43 | ... + ... | LogForging.cs:17:27:17:49 | access to property QueryString : NameValueCollection | LogForging.cs:20:21:20:43 | ... + ... | Log entry depends on a $@. | LogForging.cs:17:27:17:49 | access to property QueryString | user-provided value |
| LogForging.cs:26:50:26:72 | ... + ... | LogForging.cs:17:27:17:49 | access to property QueryString : NameValueCollection | LogForging.cs:26:50:26:72 | ... + ... | Log entry depends on a $@. | LogForging.cs:17:27:17:49 | access to property QueryString | user-provided value |
| LogForgingAsp.cs:12:21:12:43 | ... + ... | LogForgingAsp.cs:8:32:8:39 | username : String | LogForgingAsp.cs:12:21:12:43 | ... + ... | Log entry depends on a $@. | LogForgingAsp.cs:8:32:8:39 | username | user-provided value |
| LogForging.cs:20:21:20:43 | ... + ... | LogForging.cs:17:27:17:49 | access to property QueryString : NameValueCollection | LogForging.cs:20:21:20:43 | ... + ... | This log entry depends on a $@. | LogForging.cs:17:27:17:49 | access to property QueryString | user-provided value |
| LogForging.cs:26:50:26:72 | ... + ... | LogForging.cs:17:27:17:49 | access to property QueryString : NameValueCollection | LogForging.cs:26:50:26:72 | ... + ... | This log entry depends on a $@. | LogForging.cs:17:27:17:49 | access to property QueryString | user-provided value |
| LogForgingAsp.cs:12:21:12:43 | ... + ... | LogForgingAsp.cs:8:32:8:39 | username : String | LogForgingAsp.cs:12:21:12:43 | ... + ... | This log entry depends on a $@. | LogForgingAsp.cs:8:32:8:39 | username | user-provided value |

10
csharp/ql/test/query-tests/Security Features/CWE-134/UncontrolledFormatString.expected
View File

@@ -21,8 +21,8 @@ nodes
| UncontrolledFormatStringBad.cs:12:39:12:44 | access to local variable format | semmle.label | access to local variable format |
subpaths
#select
| ConsoleUncontrolledFormatString.cs:11:31:11:36 | access to local variable format | ConsoleUncontrolledFormatString.cs:8:22:8:39 | call to method ReadLine : String | ConsoleUncontrolledFormatString.cs:11:31:11:36 | access to local variable format | Format string depends on $@. | ConsoleUncontrolledFormatString.cs:8:22:8:39 | call to method ReadLine | thisexternal |
| UncontrolledFormatString.cs:12:23:12:26 | access to local variable path | UncontrolledFormatString.cs:9:23:9:45 | access to property QueryString : NameValueCollection | UncontrolledFormatString.cs:12:23:12:26 | access to local variable path | Format string depends on $@. | UncontrolledFormatString.cs:9:23:9:45 | access to property QueryString | thisASP.NET query string |
| UncontrolledFormatString.cs:15:46:15:49 | access to local variable path | UncontrolledFormatString.cs:9:23:9:45 | access to property QueryString : NameValueCollection | UncontrolledFormatString.cs:15:46:15:49 | access to local variable path | Format string depends on $@. | UncontrolledFormatString.cs:9:23:9:45 | access to property QueryString | thisASP.NET query string |
| UncontrolledFormatString.cs:32:23:32:31 | access to property Text | UncontrolledFormatString.cs:32:23:32:31 | access to property Text | UncontrolledFormatString.cs:32:23:32:31 | access to property Text | Format string depends on $@. | UncontrolledFormatString.cs:32:23:32:31 | access to property Text | thisTextBox text |
| UncontrolledFormatStringBad.cs:12:39:12:44 | access to local variable format | UncontrolledFormatStringBad.cs:9:25:9:47 | access to property QueryString : NameValueCollection | UncontrolledFormatStringBad.cs:12:39:12:44 | access to local variable format | Format string depends on $@. | UncontrolledFormatStringBad.cs:9:25:9:47 | access to property QueryString | thisASP.NET query string |
| ConsoleUncontrolledFormatString.cs:11:31:11:36 | access to local variable format | ConsoleUncontrolledFormatString.cs:8:22:8:39 | call to method ReadLine : String | ConsoleUncontrolledFormatString.cs:11:31:11:36 | access to local variable format | This format string depends on $@. | ConsoleUncontrolledFormatString.cs:8:22:8:39 | call to method ReadLine | thisexternal |
| UncontrolledFormatString.cs:12:23:12:26 | access to local variable path | UncontrolledFormatString.cs:9:23:9:45 | access to property QueryString : NameValueCollection | UncontrolledFormatString.cs:12:23:12:26 | access to local variable path | This format string depends on $@. | UncontrolledFormatString.cs:9:23:9:45 | access to property QueryString | thisASP.NET query string |
| UncontrolledFormatString.cs:15:46:15:49 | access to local variable path | UncontrolledFormatString.cs:9:23:9:45 | access to property QueryString : NameValueCollection | UncontrolledFormatString.cs:15:46:15:49 | access to local variable path | This format string depends on $@. | UncontrolledFormatString.cs:9:23:9:45 | access to property QueryString | thisASP.NET query string |
| UncontrolledFormatString.cs:32:23:32:31 | access to property Text | UncontrolledFormatString.cs:32:23:32:31 | access to property Text | UncontrolledFormatString.cs:32:23:32:31 | access to property Text | This format string depends on $@. | UncontrolledFormatString.cs:32:23:32:31 | access to property Text | thisTextBox text |
| UncontrolledFormatStringBad.cs:12:39:12:44 | access to local variable format | UncontrolledFormatStringBad.cs:9:25:9:47 | access to property QueryString : NameValueCollection | UncontrolledFormatStringBad.cs:12:39:12:44 | access to local variable format | This format string depends on $@. | UncontrolledFormatStringBad.cs:9:25:9:47 | access to property QueryString | thisASP.NET query string |

18
csharp/ql/test/query-tests/Security Features/CWE-201/ExposureInTransmittedData/ExposureInTransmittedData.expected
View File

@@ -18,12 +18,12 @@ nodes
| ExposureInTransmittedData.cs:33:27:33:27 | access to local variable p | semmle.label | access to local variable p |
subpaths
#select
| ExposureInTransmittedData.cs:14:32:14:39 | access to local variable password | ExposureInTransmittedData.cs:14:32:14:39 | access to local variable password | ExposureInTransmittedData.cs:14:32:14:39 | access to local variable password | Data transmitted to the user depends on $@. | ExposureInTransmittedData.cs:14:32:14:39 | access to local variable password | sensitive information |
| ExposureInTransmittedData.cs:18:32:18:44 | call to method ToString | ExposureInTransmittedData.cs:18:32:18:44 | call to method ToString | ExposureInTransmittedData.cs:18:32:18:44 | call to method ToString | Data transmitted to the user depends on $@. | ExposureInTransmittedData.cs:18:32:18:44 | call to method ToString | sensitive information |
| ExposureInTransmittedData.cs:22:32:22:41 | access to property Message | ExposureInTransmittedData.cs:22:32:22:41 | access to property Message | ExposureInTransmittedData.cs:22:32:22:41 | access to property Message | Data transmitted to the user depends on $@. | ExposureInTransmittedData.cs:22:32:22:41 | access to property Message | sensitive information |
| ExposureInTransmittedData.cs:23:32:23:44 | call to method ToString | ExposureInTransmittedData.cs:23:32:23:44 | call to method ToString | ExposureInTransmittedData.cs:23:32:23:44 | call to method ToString | Data transmitted to the user depends on $@. | ExposureInTransmittedData.cs:23:32:23:44 | call to method ToString | sensitive information |
| ExposureInTransmittedData.cs:24:32:24:50 | access to indexer | ExposureInTransmittedData.cs:24:32:24:38 | access to property Data : IDictionary | ExposureInTransmittedData.cs:24:32:24:50 | access to indexer | Data transmitted to the user depends on $@. | ExposureInTransmittedData.cs:24:32:24:38 | access to property Data | sensitive information |
| ExposureInTransmittedData.cs:31:53:31:53 | access to local variable p | ExposureInTransmittedData.cs:30:17:30:36 | call to method GetField : String | ExposureInTransmittedData.cs:31:53:31:53 | access to local variable p | Data transmitted to the user depends on $@. | ExposureInTransmittedData.cs:30:17:30:36 | call to method GetField | sensitive information |
| ExposureInTransmittedData.cs:31:56:31:56 | access to local variable p | ExposureInTransmittedData.cs:30:17:30:36 | call to method GetField : String | ExposureInTransmittedData.cs:31:56:31:56 | access to local variable p | Data transmitted to the user depends on $@. | ExposureInTransmittedData.cs:30:17:30:36 | call to method GetField | sensitive information |
| ExposureInTransmittedData.cs:32:24:32:52 | ... + ... | ExposureInTransmittedData.cs:30:17:30:36 | call to method GetField : String | ExposureInTransmittedData.cs:32:24:32:52 | ... + ... | Data transmitted to the user depends on $@. | ExposureInTransmittedData.cs:30:17:30:36 | call to method GetField | sensitive information |
| ExposureInTransmittedData.cs:33:27:33:27 | access to local variable p | ExposureInTransmittedData.cs:30:17:30:36 | call to method GetField : String | ExposureInTransmittedData.cs:33:27:33:27 | access to local variable p | Data transmitted to the user depends on $@. | ExposureInTransmittedData.cs:30:17:30:36 | call to method GetField | sensitive information |
| ExposureInTransmittedData.cs:14:32:14:39 | access to local variable password | ExposureInTransmittedData.cs:14:32:14:39 | access to local variable password | ExposureInTransmittedData.cs:14:32:14:39 | access to local variable password | This data transmitted to the user depends on $@. | ExposureInTransmittedData.cs:14:32:14:39 | access to local variable password | sensitive information |
| ExposureInTransmittedData.cs:18:32:18:44 | call to method ToString | ExposureInTransmittedData.cs:18:32:18:44 | call to method ToString | ExposureInTransmittedData.cs:18:32:18:44 | call to method ToString | This data transmitted to the user depends on $@. | ExposureInTransmittedData.cs:18:32:18:44 | call to method ToString | sensitive information |
| ExposureInTransmittedData.cs:22:32:22:41 | access to property Message | ExposureInTransmittedData.cs:22:32:22:41 | access to property Message | ExposureInTransmittedData.cs:22:32:22:41 | access to property Message | This data transmitted to the user depends on $@. | ExposureInTransmittedData.cs:22:32:22:41 | access to property Message | sensitive information |
| ExposureInTransmittedData.cs:23:32:23:44 | call to method ToString | ExposureInTransmittedData.cs:23:32:23:44 | call to method ToString | ExposureInTransmittedData.cs:23:32:23:44 | call to method ToString | This data transmitted to the user depends on $@. | ExposureInTransmittedData.cs:23:32:23:44 | call to method ToString | sensitive information |
| ExposureInTransmittedData.cs:24:32:24:50 | access to indexer | ExposureInTransmittedData.cs:24:32:24:38 | access to property Data : IDictionary | ExposureInTransmittedData.cs:24:32:24:50 | access to indexer | This data transmitted to the user depends on $@. | ExposureInTransmittedData.cs:24:32:24:38 | access to property Data | sensitive information |
| ExposureInTransmittedData.cs:31:53:31:53 | access to local variable p | ExposureInTransmittedData.cs:30:17:30:36 | call to method GetField : String | ExposureInTransmittedData.cs:31:53:31:53 | access to local variable p | This data transmitted to the user depends on $@. | ExposureInTransmittedData.cs:30:17:30:36 | call to method GetField | sensitive information |
| ExposureInTransmittedData.cs:31:56:31:56 | access to local variable p | ExposureInTransmittedData.cs:30:17:30:36 | call to method GetField : String | ExposureInTransmittedData.cs:31:56:31:56 | access to local variable p | This data transmitted to the user depends on $@. | ExposureInTransmittedData.cs:30:17:30:36 | call to method GetField | sensitive information |
| ExposureInTransmittedData.cs:32:24:32:52 | ... + ... | ExposureInTransmittedData.cs:30:17:30:36 | call to method GetField : String | ExposureInTransmittedData.cs:32:24:32:52 | ... + ... | This data transmitted to the user depends on $@. | ExposureInTransmittedData.cs:30:17:30:36 | call to method GetField | sensitive information |
| ExposureInTransmittedData.cs:33:27:33:27 | access to local variable p | ExposureInTransmittedData.cs:30:17:30:36 | call to method GetField : String | ExposureInTransmittedData.cs:33:27:33:27 | access to local variable p | This data transmitted to the user depends on $@. | ExposureInTransmittedData.cs:30:17:30:36 | call to method GetField | sensitive information |

14
csharp/ql/test/query-tests/Security Features/CWE-209/ExceptionInformationExposure.expected
View File

@@ -21,10 +21,10 @@ nodes
| ExceptionInformationExposure.cs:47:28:47:55 | call to method ToString | semmle.label | call to method ToString |
subpaths
#select
| ExceptionInformationExposure.cs:19:32:19:44 | call to method ToString | ExceptionInformationExposure.cs:19:32:19:33 | access to local variable ex : Exception | ExceptionInformationExposure.cs:19:32:19:44 | call to method ToString | Information exposed to the user depends on $@. | ExceptionInformationExposure.cs:19:32:19:33 | access to local variable ex | exception information |
| ExceptionInformationExposure.cs:21:32:21:33 | access to local variable ex | ExceptionInformationExposure.cs:21:32:21:33 | access to local variable ex | ExceptionInformationExposure.cs:21:32:21:33 | access to local variable ex | Information exposed to the user depends on $@. | ExceptionInformationExposure.cs:21:32:21:33 | access to local variable ex | exception information |
| ExceptionInformationExposure.cs:23:32:23:44 | access to property StackTrace | ExceptionInformationExposure.cs:23:32:23:33 | access to local variable ex : Exception | ExceptionInformationExposure.cs:23:32:23:44 | access to property StackTrace | Information exposed to the user depends on $@. | ExceptionInformationExposure.cs:23:32:23:33 | access to local variable ex | exception information |
| ExceptionInformationExposure.cs:39:28:39:55 | access to property StackTrace | ExceptionInformationExposure.cs:39:28:39:44 | access to property InnerException : Exception | ExceptionInformationExposure.cs:39:28:39:55 | access to property StackTrace | Information exposed to the user depends on $@. | ExceptionInformationExposure.cs:39:28:39:44 | access to property InnerException | exception information |
| ExceptionInformationExposure.cs:40:28:40:40 | access to property StackTrace | ExceptionInformationExposure.cs:40:28:40:29 | access to local variable ex : Exception | ExceptionInformationExposure.cs:40:28:40:40 | access to property StackTrace | Information exposed to the user depends on $@. | ExceptionInformationExposure.cs:40:28:40:29 | access to local variable ex | exception information |
| ExceptionInformationExposure.cs:41:28:41:40 | call to method ToString | ExceptionInformationExposure.cs:41:28:41:29 | access to local variable ex : Exception | ExceptionInformationExposure.cs:41:28:41:40 | call to method ToString | Information exposed to the user depends on $@. | ExceptionInformationExposure.cs:41:28:41:29 | access to local variable ex | exception information |
| ExceptionInformationExposure.cs:47:28:47:55 | call to method ToString | ExceptionInformationExposure.cs:47:28:47:44 | object creation of type MyException : MyException | ExceptionInformationExposure.cs:47:28:47:55 | call to method ToString | Information exposed to the user depends on $@. | ExceptionInformationExposure.cs:47:28:47:44 | object creation of type MyException | exception information |
| ExceptionInformationExposure.cs:19:32:19:44 | call to method ToString | ExceptionInformationExposure.cs:19:32:19:33 | access to local variable ex : Exception | ExceptionInformationExposure.cs:19:32:19:44 | call to method ToString | This information exposed to the user depends on $@. | ExceptionInformationExposure.cs:19:32:19:33 | access to local variable ex | exception information |
| ExceptionInformationExposure.cs:21:32:21:33 | access to local variable ex | ExceptionInformationExposure.cs:21:32:21:33 | access to local variable ex | ExceptionInformationExposure.cs:21:32:21:33 | access to local variable ex | This information exposed to the user depends on $@. | ExceptionInformationExposure.cs:21:32:21:33 | access to local variable ex | exception information |
| ExceptionInformationExposure.cs:23:32:23:44 | access to property StackTrace | ExceptionInformationExposure.cs:23:32:23:33 | access to local variable ex : Exception | ExceptionInformationExposure.cs:23:32:23:44 | access to property StackTrace | This information exposed to the user depends on $@. | ExceptionInformationExposure.cs:23:32:23:33 | access to local variable ex | exception information |
| ExceptionInformationExposure.cs:39:28:39:55 | access to property StackTrace | ExceptionInformationExposure.cs:39:28:39:44 | access to property InnerException : Exception | ExceptionInformationExposure.cs:39:28:39:55 | access to property StackTrace | This information exposed to the user depends on $@. | ExceptionInformationExposure.cs:39:28:39:44 | access to property InnerException | exception information |
| ExceptionInformationExposure.cs:40:28:40:40 | access to property StackTrace | ExceptionInformationExposure.cs:40:28:40:29 | access to local variable ex : Exception | ExceptionInformationExposure.cs:40:28:40:40 | access to property StackTrace | This information exposed to the user depends on $@. | ExceptionInformationExposure.cs:40:28:40:29 | access to local variable ex | exception information |
| ExceptionInformationExposure.cs:41:28:41:40 | call to method ToString | ExceptionInformationExposure.cs:41:28:41:29 | access to local variable ex : Exception | ExceptionInformationExposure.cs:41:28:41:40 | call to method ToString | This information exposed to the user depends on $@. | ExceptionInformationExposure.cs:41:28:41:29 | access to local variable ex | exception information |
| ExceptionInformationExposure.cs:47:28:47:55 | call to method ToString | ExceptionInformationExposure.cs:47:28:47:44 | object creation of type MyException : MyException | ExceptionInformationExposure.cs:47:28:47:55 | call to method ToString | This information exposed to the user depends on $@. | ExceptionInformationExposure.cs:47:28:47:44 | object creation of type MyException | exception information |

6
csharp/ql/test/query-tests/Security Features/CWE-327/DontInstallRootCert/DontInstallRootCert.expected
View File

@@ -11,6 +11,6 @@ nodes
| Test.cs:73:13:73:17 | access to local variable store | semmle.label | access to local variable store |
subpaths
#select
| Test.cs:18:13:18:17 | access to local variable store | Test.cs:15:31:15:59 | object creation of type X509Store : X509Store | Test.cs:18:13:18:17 | access to local variable store | Certificate is added to the root certificate store. |
| Test.cs:28:13:28:17 | access to local variable store | Test.cs:25:31:25:86 | object creation of type X509Store : X509Store | Test.cs:28:13:28:17 | access to local variable store | Certificate is added to the root certificate store. |
| Test.cs:73:13:73:17 | access to local variable store | Test.cs:70:31:70:86 | object creation of type X509Store : X509Store | Test.cs:73:13:73:17 | access to local variable store | Certificate is added to the root certificate store. |
| Test.cs:18:13:18:17 | access to local variable store | Test.cs:15:31:15:59 | object creation of type X509Store : X509Store | Test.cs:18:13:18:17 | access to local variable store | This certificate is added to the root certificate store. |
| Test.cs:28:13:28:17 | access to local variable store | Test.cs:25:31:25:86 | object creation of type X509Store : X509Store | Test.cs:28:13:28:17 | access to local variable store | This certificate is added to the root certificate store. |
| Test.cs:73:13:73:17 | access to local variable store | Test.cs:70:31:70:86 | object creation of type X509Store : X509Store | Test.cs:73:13:73:17 | access to local variable store | This certificate is added to the root certificate store. |

2
csharp/ql/test/query-tests/Security Features/CWE-611/UntrustedDataInsecureXml.expected
View File

@@ -5,4 +5,4 @@ nodes
| Test.cs:11:50:11:84 | access to indexer | semmle.label | access to indexer |
subpaths
#select
| Test.cs:11:50:11:84 | access to indexer | Test.cs:11:50:11:72 | access to property QueryString : NameValueCollection | Test.cs:11:50:11:84 | access to indexer | Insecure XML processing depends on a $@ (DTD processing is enabled with an insecure resolver). | Test.cs:11:50:11:72 | access to property QueryString | user-provided value |
| Test.cs:11:50:11:84 | access to indexer | Test.cs:11:50:11:72 | access to property QueryString : NameValueCollection | Test.cs:11:50:11:84 | access to indexer | This insecure XML processing depends on a $@ (DTD processing is enabled with an insecure resolver). | Test.cs:11:50:11:72 | access to property QueryString | user-provided value |

8
csharp/ql/test/query-tests/Security Features/CWE-643/StoredXPathInjection.expected
View File

@@ -10,7 +10,7 @@ nodes
| StoredXPathInjection.cs:28:41:28:144 | ... + ... | semmle.label | ... + ... |
subpaths
#select
| StoredXPathInjection.cs:25:45:25:148 | ... + ... | StoredXPathInjection.cs:22:39:22:65 | call to method GetString : String | StoredXPathInjection.cs:25:45:25:148 | ... + ... | XPath expression depends on a $@. | StoredXPathInjection.cs:22:39:22:65 | call to method GetString | stored (potentially user-provided) value |
| StoredXPathInjection.cs:25:45:25:148 | ... + ... | StoredXPathInjection.cs:23:39:23:65 | call to method GetString : String | StoredXPathInjection.cs:25:45:25:148 | ... + ... | XPath expression depends on a $@. | StoredXPathInjection.cs:23:39:23:65 | call to method GetString | stored (potentially user-provided) value |
| StoredXPathInjection.cs:28:41:28:144 | ... + ... | StoredXPathInjection.cs:22:39:22:65 | call to method GetString : String | StoredXPathInjection.cs:28:41:28:144 | ... + ... | XPath expression depends on a $@. | StoredXPathInjection.cs:22:39:22:65 | call to method GetString | stored (potentially user-provided) value |
| StoredXPathInjection.cs:28:41:28:144 | ... + ... | StoredXPathInjection.cs:23:39:23:65 | call to method GetString : String | StoredXPathInjection.cs:28:41:28:144 | ... + ... | XPath expression depends on a $@. | StoredXPathInjection.cs:23:39:23:65 | call to method GetString | stored (potentially user-provided) value |
| StoredXPathInjection.cs:25:45:25:148 | ... + ... | StoredXPathInjection.cs:22:39:22:65 | call to method GetString : String | StoredXPathInjection.cs:25:45:25:148 | ... + ... | This XPath expression depends on a $@. | StoredXPathInjection.cs:22:39:22:65 | call to method GetString | stored (potentially user-provided) value |
| StoredXPathInjection.cs:25:45:25:148 | ... + ... | StoredXPathInjection.cs:23:39:23:65 | call to method GetString : String | StoredXPathInjection.cs:25:45:25:148 | ... + ... | This XPath expression depends on a $@. | StoredXPathInjection.cs:23:39:23:65 | call to method GetString | stored (potentially user-provided) value |
| StoredXPathInjection.cs:28:41:28:144 | ... + ... | StoredXPathInjection.cs:22:39:22:65 | call to method GetString : String | StoredXPathInjection.cs:28:41:28:144 | ... + ... | This XPath expression depends on a $@. | StoredXPathInjection.cs:22:39:22:65 | call to method GetString | stored (potentially user-provided) value |
| StoredXPathInjection.cs:28:41:28:144 | ... + ... | StoredXPathInjection.cs:23:39:23:65 | call to method GetString : String | StoredXPathInjection.cs:28:41:28:144 | ... + ... | This XPath expression depends on a $@. | StoredXPathInjection.cs:23:39:23:65 | call to method GetString | stored (potentially user-provided) value |

28
csharp/ql/test/query-tests/Security Features/CWE-643/XPathInjection.expected
View File

@@ -43,17 +43,17 @@ nodes
| XPathInjection.cs:52:21:52:21 | access to local variable s | semmle.label | access to local variable s |
subpaths
#select
| XPathInjection.cs:16:33:16:33 | access to local variable s | XPathInjection.cs:10:27:10:49 | access to property QueryString : NameValueCollection | XPathInjection.cs:16:33:16:33 | access to local variable s | XPath expression depends on a $@. | XPathInjection.cs:10:27:10:49 | access to property QueryString | user-provided value |
| XPathInjection.cs:16:33:16:33 | access to local variable s | XPathInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | XPathInjection.cs:16:33:16:33 | access to local variable s | XPath expression depends on a $@. | XPathInjection.cs:11:27:11:49 | access to property QueryString | user-provided value |
| XPathInjection.cs:19:29:19:29 | access to local variable s | XPathInjection.cs:10:27:10:49 | access to property QueryString : NameValueCollection | XPathInjection.cs:19:29:19:29 | access to local variable s | XPath expression depends on a $@. | XPathInjection.cs:10:27:10:49 | access to property QueryString | user-provided value |
| XPathInjection.cs:19:29:19:29 | access to local variable s | XPathInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | XPathInjection.cs:19:29:19:29 | access to local variable s | XPath expression depends on a $@. | XPathInjection.cs:11:27:11:49 | access to property QueryString | user-provided value |
| XPathInjection.cs:28:20:28:20 | access to local variable s | XPathInjection.cs:10:27:10:49 | access to property QueryString : NameValueCollection | XPathInjection.cs:28:20:28:20 | access to local variable s | XPath expression depends on a $@. | XPathInjection.cs:10:27:10:49 | access to property QueryString | user-provided value |
| XPathInjection.cs:28:20:28:20 | access to local variable s | XPathInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | XPathInjection.cs:28:20:28:20 | access to local variable s | XPath expression depends on a $@. | XPathInjection.cs:11:27:11:49 | access to property QueryString | user-provided value |
| XPathInjection.cs:34:30:34:30 | access to local variable s | XPathInjection.cs:10:27:10:49 | access to property QueryString : NameValueCollection | XPathInjection.cs:34:30:34:30 | access to local variable s | XPath expression depends on a $@. | XPathInjection.cs:10:27:10:49 | access to property QueryString | user-provided value |
| XPathInjection.cs:34:30:34:30 | access to local variable s | XPathInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | XPathInjection.cs:34:30:34:30 | access to local variable s | XPath expression depends on a $@. | XPathInjection.cs:11:27:11:49 | access to property QueryString | user-provided value |
| XPathInjection.cs:40:21:40:21 | access to local variable s | XPathInjection.cs:10:27:10:49 | access to property QueryString : NameValueCollection | XPathInjection.cs:40:21:40:21 | access to local variable s | XPath expression depends on a $@. | XPathInjection.cs:10:27:10:49 | access to property QueryString | user-provided value |
| XPathInjection.cs:40:21:40:21 | access to local variable s | XPathInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | XPathInjection.cs:40:21:40:21 | access to local variable s | XPath expression depends on a $@. | XPathInjection.cs:11:27:11:49 | access to property QueryString | user-provided value |
| XPathInjection.cs:46:22:46:22 | access to local variable s | XPathInjection.cs:10:27:10:49 | access to property QueryString : NameValueCollection | XPathInjection.cs:46:22:46:22 | access to local variable s | XPath expression depends on a $@. | XPathInjection.cs:10:27:10:49 | access to property QueryString | user-provided value |
| XPathInjection.cs:46:22:46:22 | access to local variable s | XPathInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | XPathInjection.cs:46:22:46:22 | access to local variable s | XPath expression depends on a $@. | XPathInjection.cs:11:27:11:49 | access to property QueryString | user-provided value |
| XPathInjection.cs:52:21:52:21 | access to local variable s | XPathInjection.cs:10:27:10:49 | access to property QueryString : NameValueCollection | XPathInjection.cs:52:21:52:21 | access to local variable s | XPath expression depends on a $@. | XPathInjection.cs:10:27:10:49 | access to property QueryString | user-provided value |
| XPathInjection.cs:52:21:52:21 | access to local variable s | XPathInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | XPathInjection.cs:52:21:52:21 | access to local variable s | XPath expression depends on a $@. | XPathInjection.cs:11:27:11:49 | access to property QueryString | user-provided value |
| XPathInjection.cs:16:33:16:33 | access to local variable s | XPathInjection.cs:10:27:10:49 | access to property QueryString : NameValueCollection | XPathInjection.cs:16:33:16:33 | access to local variable s | This XPath expression depends on a $@. | XPathInjection.cs:10:27:10:49 | access to property QueryString | user-provided value |
| XPathInjection.cs:16:33:16:33 | access to local variable s | XPathInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | XPathInjection.cs:16:33:16:33 | access to local variable s | This XPath expression depends on a $@. | XPathInjection.cs:11:27:11:49 | access to property QueryString | user-provided value |
| XPathInjection.cs:19:29:19:29 | access to local variable s | XPathInjection.cs:10:27:10:49 | access to property QueryString : NameValueCollection | XPathInjection.cs:19:29:19:29 | access to local variable s | This XPath expression depends on a $@. | XPathInjection.cs:10:27:10:49 | access to property QueryString | user-provided value |
| XPathInjection.cs:19:29:19:29 | access to local variable s | XPathInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | XPathInjection.cs:19:29:19:29 | access to local variable s | This XPath expression depends on a $@. | XPathInjection.cs:11:27:11:49 | access to property QueryString | user-provided value |
| XPathInjection.cs:28:20:28:20 | access to local variable s | XPathInjection.cs:10:27:10:49 | access to property QueryString : NameValueCollection | XPathInjection.cs:28:20:28:20 | access to local variable s | This XPath expression depends on a $@. | XPathInjection.cs:10:27:10:49 | access to property QueryString | user-provided value |
| XPathInjection.cs:28:20:28:20 | access to local variable s | XPathInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | XPathInjection.cs:28:20:28:20 | access to local variable s | This XPath expression depends on a $@. | XPathInjection.cs:11:27:11:49 | access to property QueryString | user-provided value |
| XPathInjection.cs:34:30:34:30 | access to local variable s | XPathInjection.cs:10:27:10:49 | access to property QueryString : NameValueCollection | XPathInjection.cs:34:30:34:30 | access to local variable s | This XPath expression depends on a $@. | XPathInjection.cs:10:27:10:49 | access to property QueryString | user-provided value |
| XPathInjection.cs:34:30:34:30 | access to local variable s | XPathInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | XPathInjection.cs:34:30:34:30 | access to local variable s | This XPath expression depends on a $@. | XPathInjection.cs:11:27:11:49 | access to property QueryString | user-provided value |
| XPathInjection.cs:40:21:40:21 | access to local variable s | XPathInjection.cs:10:27:10:49 | access to property QueryString : NameValueCollection | XPathInjection.cs:40:21:40:21 | access to local variable s | This XPath expression depends on a $@. | XPathInjection.cs:10:27:10:49 | access to property QueryString | user-provided value |
| XPathInjection.cs:40:21:40:21 | access to local variable s | XPathInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | XPathInjection.cs:40:21:40:21 | access to local variable s | This XPath expression depends on a $@. | XPathInjection.cs:11:27:11:49 | access to property QueryString | user-provided value |
| XPathInjection.cs:46:22:46:22 | access to local variable s | XPathInjection.cs:10:27:10:49 | access to property QueryString : NameValueCollection | XPathInjection.cs:46:22:46:22 | access to local variable s | This XPath expression depends on a $@. | XPathInjection.cs:10:27:10:49 | access to property QueryString | user-provided value |
| XPathInjection.cs:46:22:46:22 | access to local variable s | XPathInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | XPathInjection.cs:46:22:46:22 | access to local variable s | This XPath expression depends on a $@. | XPathInjection.cs:11:27:11:49 | access to property QueryString | user-provided value |
| XPathInjection.cs:52:21:52:21 | access to local variable s | XPathInjection.cs:10:27:10:49 | access to property QueryString : NameValueCollection | XPathInjection.cs:52:21:52:21 | access to local variable s | This XPath expression depends on a $@. | XPathInjection.cs:10:27:10:49 | access to property QueryString | user-provided value |
| XPathInjection.cs:52:21:52:21 | access to local variable s | XPathInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | XPathInjection.cs:52:21:52:21 | access to local variable s | This XPath expression depends on a $@. | XPathInjection.cs:11:27:11:49 | access to property QueryString | user-provided value |