C#: Always use fully qualified names in CSV data-flow summaries

csharp/ql/src/semmle/code/csharp/dataflow/ExternalFlow.qll

@@ -336,7 +336,22 @@ private UnboundValueOrRefType interpretType(string namespace, string type, boole
   )
 }
 
-private string paramsStringPartA(Callable c, int i) {
+private Member interpretMember(
+  string namespace, string type, boolean subtypes, string name, string signature
+) {
+  elementSpec(namespace, type, subtypes, name, signature, _) and
+  exists(UnboundValueOrRefType t |
+    t = interpretType(namespace, type, subtypes) and
+    result.getDeclaringType() = t and
+    result.hasName(name)
+  )
+}
+
+private class InterpretedCallable extends Callable {
+  InterpretedCallable() { this = interpretMember(_, _, _, _, _) }
+}
+
+private string paramsStringPartA(InterpretedCallable c, int i) {
   i = -1 and result = "("
   or
   exists(int n |
@@ -349,23 +364,19 @@ private string paramsStringPartA(Callable c, int i) {
   i = 2 * c.getNumberOfParameters() and result = ")"
 }
 
-private string paramsStringPartB(Callable c, int i, boolean fullyQualified) {
+private string paramsStringPartB(InterpretedCallable c, int i) {
   exists(int n, string p, Type t |
     t = c.getParameter(n).getType() and
     i = 2 * n and
-    result = p
-  |
-    fullyQualified = true and p = t.getQualifiedName()
-    or
-    fullyQualified = false and p = t.toStringWithTypes()
+    result = p and
+    p = t.getQualifiedName()
   )
 }
 
-private string paramsString(Callable c, boolean fullyQualified) {
-  fullyQualified in [false, true] and
+private string paramsString(InterpretedCallable c) {
   result =
     strictconcat(int i, string s |
-      s in [paramsStringPartA(c, i), paramsStringPartB(c, i, fullyQualified)]
+      s in [paramsStringPartA(c, i), paramsStringPartB(c, i)]
     |
       s order by i
     )
@@ -383,7 +394,7 @@ private Element interpretElement0(
     |
       signature = ""
       or
-      paramsString(m, _) = signature
+      paramsString(m) = signature
     )
     or
     result = t and

csharp/ql/test/library-tests/dataflow/external-models/sinks.ql

@@ -9,7 +9,7 @@ class SinkModelTest extends SinkModelCsv {
     row =
       [
         //"namespace;type;overrides;name;signature;ext;spec;kind",
-        "My.Qltest;B;false;Sink1;(object);;Argument[0];qltest",
+        "My.Qltest;B;false;Sink1;(System.Object);;Argument[0];qltest",
         "My.Qltest;B;false;SinkMethod;();;ReturnValue;qltest",
         "My.Qltest;SinkAttribute;false;;;Attribute;ReturnValue;qltest-retval",
         "My.Qltest;SinkAttribute;false;;;Attribute;Argument;qltest-arg",

csharp/ql/test/library-tests/dataflow/external-models/srcs.expected

@@ -4,7 +4,6 @@ invalidModelRow
 | Sources.cs:8:17:8:22 | call to method Src1 | qltest-all-overloads |
 | Sources.cs:9:17:9:24 | call to method Src1 | qltest |
 | Sources.cs:9:17:9:24 | call to method Src1 | qltest-all-overloads |
-| Sources.cs:9:17:9:24 | call to method Src1 | qltest-alt |
 | Sources.cs:12:17:12:26 | call to method Src2 | qltest |
 | Sources.cs:12:17:12:26 | call to method Src2 | qltest-w-subtypes |
 | Sources.cs:13:17:13:26 | call to method Src3 | qltest-w-subtypes |
@@ -13,8 +12,7 @@ invalidModelRow
 | Sources.cs:15:20:15:20 | [post] access to local variable x | qltest-argnum |
 | Sources.cs:17:17:17:33 | call to method TaggedSrcMethod | qltest-retval |
 | Sources.cs:18:17:18:30 | access to field TaggedSrcField | qltest-nospec |
-| Sources.cs:20:17:20:33 | call to method SrcTwoArg | qltest-longsig |
-| Sources.cs:20:17:20:33 | call to method SrcTwoArg | qltest-shortsig |
+| Sources.cs:20:17:20:33 | call to method SrcTwoArg | qltest |
 | Sources.cs:24:14:24:20 | this | qltest-param |
 | Sources.cs:24:29:24:45 | taggedMethodParam | qltest-param |
 | Sources.cs:28:49:28:62 | taggedSrcParam | qltest-nospec |

csharp/ql/test/library-tests/dataflow/external-models/srcs.ql

@@ -10,21 +10,19 @@ class SourceModelTest extends SourceModelCsv {
       [
         //"namespace;type;overrides;name;signature;ext;spec;kind",
         "My.Qltest;A;false;Src1;();;ReturnValue;qltest",
-        "My.Qltest;A;false;Src1;(string);;ReturnValue;qltest",
-        "My.Qltest;A;false;Src1;(System.String);;ReturnValue;qltest-alt",
+        "My.Qltest;A;false;Src1;(System.String);;ReturnValue;qltest",
         "My.Qltest;A;false;Src1;;;ReturnValue;qltest-all-overloads",
         "My.Qltest;A;false;Src2;();;ReturnValue;qltest",
         "My.Qltest;A;false;Src3;();;ReturnValue;qltest",
         "My.Qltest;A;true;Src2;();;ReturnValue;qltest-w-subtypes",
         "My.Qltest;A;true;Src3;();;ReturnValue;qltest-w-subtypes",
-        "My.Qltest;A;false;SrcArg;(object);;Argument[0];qltest-argnum",
-        "My.Qltest;A;false;SrcArg;(object);;Argument;qltest-argany",
-        "My.Qltest;A;true;SrcParam;(object);;Parameter[0];qltest-param-override",
+        "My.Qltest;A;false;SrcArg;(System.Object);;Argument[0];qltest-argnum",
+        "My.Qltest;A;false;SrcArg;(System.Object);;Argument;qltest-argany",
+        "My.Qltest;A;true;SrcParam;(System.Object);;Parameter[0];qltest-param-override",
         "My.Qltest;SourceAttribute;false;;;Attribute;ReturnValue;qltest-retval",
         "My.Qltest;SourceAttribute;false;;;Attribute;Parameter;qltest-param",
         "My.Qltest;SourceAttribute;false;;;Attribute;;qltest-nospec",
-        "My.Qltest;A;false;SrcTwoArg;(string,string);;ReturnValue;qltest-shortsig",
-        "My.Qltest;A;false;SrcTwoArg;(System.String,System.String);;ReturnValue;qltest-longsig"
+        "My.Qltest;A;false;SrcTwoArg;(System.String,System.String);;ReturnValue;qltest"
       ]
   }
 }

csharp/ql/test/library-tests/dataflow/external-models/steps.ql

@@ -9,17 +9,17 @@ class SummaryModelTest extends SummaryModelCsv {
     row =
       [
         //"namespace;type;overrides;name;signature;ext;inputspec;outputspec;kind",
-        "My.Qltest;C;false;StepArgRes;(object);;Argument[0];ReturnValue;taint",
-        "My.Qltest;C;false;StepArgArg;(object,object);;Argument[0];Argument[1];taint",
-        "My.Qltest;C;false;StepArgQual;(object);;Argument[0];Argument[-1];taint",
+        "My.Qltest;C;false;StepArgRes;(System.Object);;Argument[0];ReturnValue;taint",
+        "My.Qltest;C;false;StepArgArg;(System.Object,System.Object);;Argument[0];Argument[1];taint",
+        "My.Qltest;C;false;StepArgQual;(System.Object);;Argument[0];Argument[-1];taint",
         "My.Qltest;C;false;StepQualRes;();;Argument[-1];ReturnValue;taint",
-        "My.Qltest;C;false;StepQualArg;(object);;Argument[-1];Argument[0];taint",
+        "My.Qltest;C;false;StepQualArg;(System.Object);;Argument[-1];Argument[0];taint",
         "My.Qltest;C;false;StepFieldGetter;();;Field[My.Qltest.C.Field] of Argument[-1];ReturnValue;value",
-        "My.Qltest;C;false;StepFieldSetter;(int);;Argument[0];Field[My.Qltest.C.Field] of Argument[-1];value",
+        "My.Qltest;C;false;StepFieldSetter;(System.Int32);;Argument[0];Field[My.Qltest.C.Field] of Argument[-1];value",
         "My.Qltest;C;false;StepPropertyGetter;();;Property[My.Qltest.C.Property] of Argument[-1];ReturnValue;value",
-        "My.Qltest;C;false;StepPropertySetter;(int);;Argument[0];Property[My.Qltest.C.Property] of Argument[-1];value",
+        "My.Qltest;C;false;StepPropertySetter;(System.Int32);;Argument[0];Property[My.Qltest.C.Property] of Argument[-1];value",
         "My.Qltest;C;false;StepElementGetter;();;Element of Argument[-1];ReturnValue;value",
-        "My.Qltest;C;false;StepElementSetter;(int);;Argument[0];Element of Argument[-1];value",
+        "My.Qltest;C;false;StepElementSetter;(System.Int32);;Argument[0];Element of Argument[-1];value",
         "My.Qltest.C;Generic<>;false;StepGeneric;(T);;Argument[0];ReturnValue;value",
         "My.Qltest.C;Generic<>;false;StepGeneric2;(S);;Argument[0];ReturnValue;value"
       ]