C#: add store step for return statements inside async methods

2026-05-02 20:25:13 +02:00 · 2021-03-16 15:18:00 +01:00
parent c684b74b3d
commit 732ef92830
3 changed files with 75 additions and 5 deletions
--- a/csharp/ql/test/library-tests/dataflow/async/Async.cs
+++ b/csharp/ql/test/library-tests/dataflow/async/Async.cs
@@ -8,7 +8,7 @@ class Test

    public void TestNonAwait(string input)
    {
-        Sink(Return(input)); // True positive
+        Sink(Return(input));
    }

    private string Return(string x)
@@ -18,18 +18,18 @@ class Test

    public async Task TestAwait1(string input)
    {
-        Sink(await ReturnAwait(input)); // False negative
+        Sink(await ReturnAwait(input));
    }

    public async Task TestAwait2(string input)
    {
        var x = await ReturnAwait(input);
-        Sink(x); // False negative
+        Sink(x);
    }

    public void TestAwait3(string input)
    {
-        Sink(ReturnAwait(input).Result); // False negative
+        Sink(ReturnAwait(input).Result);
    }

    private async Task<string> ReturnAwait(string x)
@@ -40,7 +40,7 @@ class Test

    public void TestTask(string input)
    {
-        Sink(ReturnTask(input).Result); // True positive
+        Sink(ReturnTask(input).Result);
    }

    private Task<string> ReturnTask(string x)
--- a/csharp/ql/test/library-tests/dataflow/async/Async.expected
+++ b/csharp/ql/test/library-tests/dataflow/async/Async.expected
@@ -3,6 +3,20 @@ edges
 | Async.cs:11:21:11:25 | access to parameter input : String | Async.cs:11:14:11:26 | call to method Return |
 | Async.cs:14:34:14:34 | x : String | Async.cs:16:16:16:16 | access to parameter x : String |
 | Async.cs:16:16:16:16 | access to parameter x : String | Async.cs:11:14:11:26 | call to method Return |
+| Async.cs:19:41:19:45 | input : String | Async.cs:21:32:21:36 | access to parameter input : String |
+| Async.cs:21:20:21:37 | call to method ReturnAwait [Result] : String | Async.cs:21:14:21:37 | await ... |
+| Async.cs:21:32:21:36 | access to parameter input : String | Async.cs:21:20:21:37 | call to method ReturnAwait [Result] : String |
+| Async.cs:24:41:24:45 | input : String | Async.cs:26:35:26:39 | access to parameter input : String |
+| Async.cs:26:17:26:40 | await ... : String | Async.cs:27:14:27:14 | access to local variable x |
+| Async.cs:26:23:26:40 | call to method ReturnAwait [Result] : String | Async.cs:26:17:26:40 | await ... : String |
+| Async.cs:26:35:26:39 | access to parameter input : String | Async.cs:26:23:26:40 | call to method ReturnAwait [Result] : String |
+| Async.cs:30:35:30:39 | input : String | Async.cs:32:26:32:30 | access to parameter input : String |
+| Async.cs:32:14:32:31 | call to method ReturnAwait [Result] : String | Async.cs:32:14:32:38 | access to property Result |
+| Async.cs:32:26:32:30 | access to parameter input : String | Async.cs:32:14:32:31 | call to method ReturnAwait [Result] : String |
+| Async.cs:35:51:35:51 | x : String | Async.cs:38:16:38:16 | access to parameter x : String |
+| Async.cs:38:16:38:16 | access to parameter x : String | Async.cs:21:20:21:37 | call to method ReturnAwait [Result] : String |
+| Async.cs:38:16:38:16 | access to parameter x : String | Async.cs:26:23:26:40 | call to method ReturnAwait [Result] : String |
+| Async.cs:38:16:38:16 | access to parameter x : String | Async.cs:32:14:32:31 | call to method ReturnAwait [Result] : String |
 | Async.cs:41:33:41:37 | input : String | Async.cs:43:25:43:29 | access to parameter input : String |
 | Async.cs:43:14:43:30 | call to method ReturnTask [Result] : String | Async.cs:43:14:43:37 | access to property Result |
 | Async.cs:43:25:43:29 | access to parameter input : String | Async.cs:43:14:43:30 | call to method ReturnTask [Result] : String |
@@ -15,6 +29,21 @@ nodes
 | Async.cs:11:21:11:25 | access to parameter input : String | semmle.label | access to parameter input : String |
 | Async.cs:14:34:14:34 | x : String | semmle.label | x : String |
 | Async.cs:16:16:16:16 | access to parameter x : String | semmle.label | access to parameter x : String |
+| Async.cs:19:41:19:45 | input : String | semmle.label | input : String |
+| Async.cs:21:14:21:37 | await ... | semmle.label | await ... |
+| Async.cs:21:20:21:37 | call to method ReturnAwait [Result] : String | semmle.label | call to method ReturnAwait [Result] : String |
+| Async.cs:21:32:21:36 | access to parameter input : String | semmle.label | access to parameter input : String |
+| Async.cs:24:41:24:45 | input : String | semmle.label | input : String |
+| Async.cs:26:17:26:40 | await ... : String | semmle.label | await ... : String |
+| Async.cs:26:23:26:40 | call to method ReturnAwait [Result] : String | semmle.label | call to method ReturnAwait [Result] : String |
+| Async.cs:26:35:26:39 | access to parameter input : String | semmle.label | access to parameter input : String |
+| Async.cs:27:14:27:14 | access to local variable x | semmle.label | access to local variable x |
+| Async.cs:30:35:30:39 | input : String | semmle.label | input : String |
+| Async.cs:32:14:32:31 | call to method ReturnAwait [Result] : String | semmle.label | call to method ReturnAwait [Result] : String |
+| Async.cs:32:14:32:38 | access to property Result | semmle.label | access to property Result |
+| Async.cs:32:26:32:30 | access to parameter input : String | semmle.label | access to parameter input : String |
+| Async.cs:35:51:35:51 | x : String | semmle.label | x : String |
+| Async.cs:38:16:38:16 | access to parameter x : String | semmle.label | access to parameter x : String |
 | Async.cs:41:33:41:37 | input : String | semmle.label | input : String |
 | Async.cs:43:14:43:30 | call to method ReturnTask [Result] : String | semmle.label | call to method ReturnTask [Result] : String |
 | Async.cs:43:14:43:37 | access to property Result | semmle.label | access to property Result |
@@ -25,5 +54,11 @@ nodes
 #select
 | Async.cs:11:14:11:26 | call to method Return | Async.cs:9:37:9:41 | input : String | Async.cs:11:14:11:26 | call to method Return | $@ flows to here and is used. | Async.cs:9:37:9:41 | input | User-provided value |
 | Async.cs:11:14:11:26 | call to method Return | Async.cs:14:34:14:34 | x : String | Async.cs:11:14:11:26 | call to method Return | $@ flows to here and is used. | Async.cs:14:34:14:34 | x | User-provided value |
+| Async.cs:21:14:21:37 | await ... | Async.cs:19:41:19:45 | input : String | Async.cs:21:14:21:37 | await ... | $@ flows to here and is used. | Async.cs:19:41:19:45 | input | User-provided value |
+| Async.cs:21:14:21:37 | await ... | Async.cs:35:51:35:51 | x : String | Async.cs:21:14:21:37 | await ... | $@ flows to here and is used. | Async.cs:35:51:35:51 | x | User-provided value |
+| Async.cs:27:14:27:14 | access to local variable x | Async.cs:24:41:24:45 | input : String | Async.cs:27:14:27:14 | access to local variable x | $@ flows to here and is used. | Async.cs:24:41:24:45 | input | User-provided value |
+| Async.cs:27:14:27:14 | access to local variable x | Async.cs:35:51:35:51 | x : String | Async.cs:27:14:27:14 | access to local variable x | $@ flows to here and is used. | Async.cs:35:51:35:51 | x | User-provided value |
+| Async.cs:32:14:32:38 | access to property Result | Async.cs:30:35:30:39 | input : String | Async.cs:32:14:32:38 | access to property Result | $@ flows to here and is used. | Async.cs:30:35:30:39 | input | User-provided value |
+| Async.cs:32:14:32:38 | access to property Result | Async.cs:35:51:35:51 | x : String | Async.cs:32:14:32:38 | access to property Result | $@ flows to here and is used. | Async.cs:35:51:35:51 | x | User-provided value |
 | Async.cs:43:14:43:37 | access to property Result | Async.cs:41:33:41:37 | input : String | Async.cs:43:14:43:37 | access to property Result | $@ flows to here and is used. | Async.cs:41:33:41:37 | input | User-provided value |
 | Async.cs:43:14:43:37 | access to property Result | Async.cs:46:44:46:44 | x : String | Async.cs:43:14:43:37 | access to property Result | $@ flows to here and is used. | Async.cs:46:44:46:44 | x | User-provided value |