hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

Autoformat.

Browse Source
This commit is contained in:
Anders Schack-Mulligen
2020-11-30 14:42:38 +01:00
parent 931322e4c5
commit 8f2094f0bf
95 changed files with 189 additions and 341 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
csharp/ql/src/Concurrency/DataMembers.qll
View File

@@ -59,8 +59,7 @@ class CollectionMember extends DataMember {
// A write of a field or property can be a method call to certain methods...
exists(MethodCall call | call = result |
call.getQualifier() = this.getAnAccess() and
call
.getTarget()
call.getTarget()
.getName()
.regexpMatch("Add.*|Append|Clear.*|Delete|" +
"(Try)?Dequeue|Enqueue|Insert.*|(Try)?Pop|Push|(Try?)Remove.*|Replace.*|SafeDelete|Set.*|")

3
csharp/ql/src/Concurrency/ThreadCreation.qll
View File

@@ -13,8 +13,7 @@ class ThreadStartingCallable extends Callable {
this.(Method).getQualifiedName() = "System.Threading.Tasks.Task.Run" or
this.(Constructor).getDeclaringType().getQualifiedName() = "System.Threading.Thread" or
this.(Method).getQualifiedName() = "System.Threading.Thread.Start" or
this
.(Constructor)
this.(Constructor)
.getDeclaringType()
.getQualifiedName()
.matches("System.Threading.Tasks.Task<%>")

6
csharp/ql/src/Likely Bugs/MishandlingJapaneseEra.ql
View File

@@ -51,12 +51,10 @@ predicate isDateFromJapaneseCalendarCreation(ObjectCreation cr) {
cr.getType().hasQualifiedName("System.DateTimeOffset")
) and
(
cr
.getArgumentForName("calendar")
cr.getArgumentForName("calendar")
.getType()
.hasQualifiedName("System.Globalization.JapaneseCalendar") or
cr
.getArgumentForName("calendar")
cr.getArgumentForName("calendar")
.getType()
.hasQualifiedName("System.Globalization.JapaneseLunisolarCalendar")
) and

3
csharp/ql/src/Security Features/CWE-016/ASPNetMaxRequestLength.ql
View File

@@ -16,8 +16,7 @@ import semmle.code.asp.WebConfig
from SystemWebXMLElement web, XMLAttribute maxReqLength
where
maxReqLength =
web
.getAChild(any(string s | s.toLowerCase() = "httpruntime"))
web.getAChild(any(string s | s.toLowerCase() = "httpruntime"))
.getAttribute(any(string s | s.toLowerCase() = "maxrequestlength")) and
maxReqLength.getValue().toInt() > 4096
select maxReqLength, "Large 'maxRequestLength' value (" + maxReqLength.getValue() + " KB)."

3
csharp/ql/src/Security Features/CWE-091/XMLInjection.ql
View File

@@ -34,8 +34,7 @@ class TaintTrackingConfiguration extends TaintTracking::Configuration {
override predicate isSanitizer(DataFlow::Node node) {
exists(MethodCall mc |
mc.getTarget().hasName("Escape") and
mc
.getTarget()
mc.getTarget()
.getDeclaringType()
.getABaseType*()
.hasQualifiedName("System.Security.SecurityElement")

3
csharp/ql/src/Security Features/CWE-114/AssemblyPathInjection.ql
View File

@@ -29,8 +29,7 @@ class TaintTrackingConfiguration extends TaintTracking::Configuration {
override predicate isSink(DataFlow::Node sink) {
exists(MethodCall mc, string name, int arg |
mc.getTarget().getName().matches(name) and
mc
.getTarget()
mc.getTarget()
.getDeclaringType()
.getABaseType*()
.hasQualifiedName("System.Reflection.Assembly") and

9
csharp/ql/src/Security Features/CWE-327/DontInstallRootCert.ql
View File

@@ -18,8 +18,7 @@ class AddCertToRootStoreConfig extends DataFlow::Configuration {
override predicate isSource(DataFlow::Node source) {
exists(ObjectCreation oc | oc = source.asExpr() |
oc
.getType()
oc.getType()
.(RefType)
.hasQualifiedName("System.Security.Cryptography.X509Certificates.X509Store") and
oc.getArgument(0).(Access).getTarget().hasName("Root")
@@ -29,11 +28,9 @@ class AddCertToRootStoreConfig extends DataFlow::Configuration {
override predicate isSink(DataFlow::Node sink) {
exists(MethodCall mc |
(
mc
.getTarget()
mc.getTarget()
.hasQualifiedName("System.Security.Cryptography.X509Certificates.X509Store", "Add") or
mc
.getTarget()
mc.getTarget()
.hasQualifiedName("System.Security.Cryptography.X509Certificates.X509Store", "AddRange")
) and
sink.asExpr() = mc.getQualifier()

3
csharp/ql/src/Security Features/HeaderCheckingDisabled.ql
View File

@@ -18,8 +18,7 @@ where
exists(Assignment a, PropertyAccess pa |
a.getLValue() = pa and
pa.getTarget().hasName("EnableHeaderChecking") and
pa
.getTarget()
pa.getTarget()
.getDeclaringType()
.hasQualifiedName("System.Web.Configuration", "HttpRuntimeSection") and
a.getRValue().getValue() = "false" and

3
csharp/ql/src/Security Features/InadequateRSAPadding.ql
View File

@@ -15,8 +15,7 @@ import csharp
from MethodCall mc, BoolLiteral b
where
mc.getTarget().hasName("Encrypt") and
mc
.getTarget()
mc.getTarget()
.getDeclaringType()
.hasQualifiedName("System.Security.Cryptography", "RSACryptoServiceProvider") and
mc.getArgument(1) = b and

9
csharp/ql/src/Security Features/InsufficientKeySize.ql
View File

@@ -15,8 +15,7 @@ predicate incorrectUseOfRC2(Assignment e, string msg) {
exists(PropertyAccess pa |
pa.getParent() = e and
pa.getTarget().hasName("EffectiveKeySize") and
pa
.getTarget()
pa.getTarget()
.getDeclaringType()
.hasQualifiedName("System.Security.Cryptography", "RC2CryptoServiceProvider")
) and
@@ -25,8 +24,7 @@ predicate incorrectUseOfRC2(Assignment e, string msg) {
}
predicate incorrectUseOfDSA(ObjectCreation e, string msg) {
e
.getTarget()
e.getTarget()
.getDeclaringType()
.hasQualifiedName("System.Security.Cryptography", "DSACryptoServiceProvider") and
exists(Expr i | e.getArgument(0) = i and i.getValue().toInt() < 2048) and
@@ -34,8 +32,7 @@ predicate incorrectUseOfDSA(ObjectCreation e, string msg) {
}
predicate incorrectUseOfRSA(ObjectCreation e, string msg) {
e
.getTarget()
e.getTarget()
.getDeclaringType()
.hasQualifiedName("System.Security.Cryptography", "RSACryptoServiceProvider") and
exists(Expr i | e.getArgument(0) = i and i.getValue().toInt() < 2048) and

3
csharp/ql/src/Security Features/WeakEncryption.ql
View File

@@ -18,8 +18,7 @@ predicate incorrectUseOfDES(ObjectCreation e, string msg) {
}
predicate incorrectUseOfTripleDES(ObjectCreation e, string msg) {
e
.getType()
e.getType()
.(Class)
.hasQualifiedName("System.Security.Cryptography", "TripleDESCryptoServiceProvider") and
msg =

3
csharp/ql/src/semmle/code/csharp/Attribute.qll
View File

@@ -30,8 +30,7 @@ class Attributable extends @attributable {
predicate hasLocationInfo(
string filepath, int startline, int startcolumn, int endline, int endcolumn
) {
this
.(Element)
this.(Element)
.getLocation()
.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn)
}

3
csharp/ql/src/semmle/code/csharp/commons/Collections.qll
View File

@@ -86,8 +86,7 @@ class CollectionType extends RefType {
exists(RefType base | base = this.getABaseType*() |
base.hasQualifiedName(collectionNamespaceName(), collectionTypeName())
or
base
.(ConstructedType)
base.(ConstructedType)
.getUnboundGeneric()
.hasQualifiedName(genericCollectionNamespaceName(), genericCollectionTypeName())
)

5
csharp/ql/src/semmle/code/csharp/commons/GeneratedCode.qll
View File

@@ -61,9 +61,8 @@ class GenericGeneratedCodeComment extends GeneratedCodeComment {
entity = "file|class|interface|art[ei]fact|module|script" and
was = "was|is|has been" and
automatically = "automatically |mechanically |auto[- ]?" and
line
.regexpMatch("(?i).*\\bThis (" + entity + ") (" + was + ") (" + automatically +
")?generated\\b.*")
line.regexpMatch("(?i).*\\bThis (" + entity + ") (" + was + ") (" + automatically +
")?generated\\b.*")
)
}
}

3
csharp/ql/src/semmle/code/csharp/controlflow/Guards.qll
View File

@@ -481,8 +481,7 @@ class CollectionExpr extends Expr {
result =
any(PropertyRead pr |
this = pr.getQualifier() and
pr
.getTarget()
pr.getTarget()
.overridesOrImplementsOrEquals(any(Property p |
p.getUnboundDeclaration() =
any(SystemCollectionsGenericICollectionInterface x).getCountProperty()

3
csharp/ql/src/semmle/code/csharp/controlflow/internal/ControlFlowGraphImpl.qll
View File

@@ -859,8 +859,7 @@ module Expressions {
c =
any(NestedCompletion nc |
nc.getInnerCompletion() = cc and
nc
.getOuterCompletion()
nc.getOuterCompletion()
.(ThrowCompletion)
.getExceptionClass()
.hasQualifiedName("System.InvalidOperationException")

5
csharp/ql/src/semmle/code/csharp/dataflow/LibraryTypeDataFlow.qll
View File

@@ -414,9 +414,8 @@ private class FrameworkDataFlowAdaptor extends SummarizedCallable {
SummaryInput input, ContentList inputContents, SummaryOutput output, ContentList outputContents,
boolean preservesValue
) {
ltdf
.callableFlow(toCallableFlowSource(input), toAccessPath(inputContents),
toCallableFlowSink(output), toAccessPath(outputContents), this, preservesValue)
ltdf.callableFlow(toCallableFlowSource(input), toAccessPath(inputContents),
toCallableFlowSink(output), toAccessPath(outputContents), this, preservesValue)
}
private AccessPath getAnAccessPath() {

3
csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowDispatch.qll
View File

@@ -168,8 +168,7 @@ private module DispatchImpl {
)
or
result =
call
.(NonDelegateDataFlowCall)
call.(NonDelegateDataFlowCall)
.getDispatchCall()
.getADynamicTargetInCallContext(ctx.(NonDelegateDataFlowCall).getDispatchCall())
.getUnboundDeclaration()

11
csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll
View File

@@ -760,9 +760,8 @@ private module Cached {
c instanceof ElementContent
or
exists(ForeachStmt fs, Ssa::ExplicitDefinition def |
x
.hasDefPath(fs.getIterableExpr(), node1.getControlFlowNode(), def.getADefinition(),
def.getControlFlowNode()) and
x.hasDefPath(fs.getIterableExpr(), node1.getControlFlowNode(), def.getADefinition(),
def.getControlFlowNode()) and
node2.(SsaDefinitionNode).getDefinition() = def and
c instanceof ElementContent
)
@@ -1268,8 +1267,7 @@ private module ArgumentNodes {
override DotNet::Type getTypeImpl() {
result =
c
.getParameter(delegateIndex)
c.getParameter(delegateIndex)
.getType()
.(SystemLinqExpressions::DelegateExtType)
.getDelegateType()
@@ -1583,8 +1581,7 @@ private module OutNodes {
override DotNet::Type getTypeImpl() {
result =
c
.getParameter(pos)
c.getParameter(pos)
.getType()
.(SystemLinqExpressions::DelegateExtType)
.getDelegateType()

3
csharp/ql/src/semmle/code/csharp/frameworks/EntityFramework.qll
View File

@@ -18,8 +18,7 @@ module DataAnnotations {
/** The `NotMappedAttribute` attribute. */
class NotMappedAttribute extends Attribute {
NotMappedAttribute() {
this
.getType()
this.getType()
.hasQualifiedName("System.ComponentModel.DataAnnotations.Schema.NotMappedAttribute")
}
}

3
csharp/ql/src/semmle/code/csharp/frameworks/NHibernate.qll
View File

@@ -76,8 +76,7 @@ module NHibernate {
SqlParameter() {
this.getType() instanceof StringType and
(this.getName() = "sql" or this.getName() = "sqlString" or this.getName() = "query") and
this
.getCallable()
this.getCallable()
.getDeclaringType()
.getDeclaringNamespace()
.getParent*()

3
csharp/ql/src/semmle/code/csharp/frameworks/Sql.qll
View File

@@ -69,8 +69,7 @@ class MySqlHelperMethodCallSqlExpr extends SqlExpr, MethodCall {
/** A `Microsoft.ApplicationBlocks.Data.SqlHelper` method. */
class MicrosoftSqlHelperMethodCallSqlExpr extends SqlExpr, MethodCall {
MicrosoftSqlHelperMethodCallSqlExpr() {
this
.getQualifier()
this.getQualifier()
.getType()
.(Class)
.hasQualifiedName("Microsoft.ApplicationBlocks.Data", "SqlHelper")

3
csharp/ql/src/semmle/code/csharp/frameworks/system/data/Entity.qll
View File

@@ -97,8 +97,7 @@ module SystemDataEntityInfrastructure {
/** A class that extends or is constructed from `System.Entity.Data.Infrastructure.DbRawSqlQuery`. */
class DbRawSqlQuery extends Class {
DbRawSqlQuery() {
this
.getABaseType*()
this.getABaseType*()
.getUnboundDeclaration()
.(csharp::UnboundGenericClass)
.getNameWithoutBrackets() = "DbRawSqlQuery"

5
csharp/ql/src/semmle/code/csharp/security/cryptography/HardcodedSymmetricEncryptionKey.qll
View File

@@ -70,9 +70,8 @@ module HardcodedSymmetricEncryptionKey {
CreateSymmetricKeySink() {
exists(MethodCall mc, Method m |
mc.getTarget() = m and
m
.hasQualifiedName("Windows.Security.Cryptography.Core.SymmetricKeyAlgorithmProvider",
"CreateSymmetricKey") and
m.hasQualifiedName("Windows.Security.Cryptography.Core.SymmetricKeyAlgorithmProvider",
"CreateSymmetricKey") and
this.asExpr() = mc.getArgumentForName("keyMaterial")
)
}

3
csharp/ql/src/semmle/code/csharp/security/dataflow/ReDoS.qll
View File

@@ -56,8 +56,7 @@ module ReDoS {
s.getValue().regexpMatch(".*\\([^()*+\\]]+\\]?(\\*|\\+)\\.?\\)(\\*|\\+).*")
or
// Example: (([a-z])?([a-z]+.))+
s
.getValue()
s.getValue()
.regexpMatch(".*\\((\\([^()]+\\)\\?)?\\([^()*+\\]]+\\]?(\\*|\\+)\\.?\\)\\)(\\*|\\+).*")
or
// Example: (([a-z])+.)+

3
csharp/ql/src/semmle/code/csharp/security/dataflow/flowsources/Remote.qll
View File

@@ -191,8 +191,7 @@ class AspNetCoreQueryRemoteFlowSource extends AspNetCoreRemoteFlowSource, DataFl
)
or
exists(Call c |
c
.getTarget()
c.getTarget()
.getDeclaringType()
.hasQualifiedName("Microsoft.AspNetCore.Http", "IQueryCollection") and
c.getTarget().getName() = "TryGetValue" and

20
csharp/ql/src/semmle/code/csharp/serialization/Deserializers.qll
View File

@@ -11,21 +11,17 @@ abstract class UnsafeDeserializer extends Callable { }
/** An unsafe deserializer method in the `System.*` namespace. */
class SystemDeserializer extends UnsafeDeserializer {
SystemDeserializer() {
this
.hasQualifiedName("System.Runtime.Serialization.Formatters.Binary.BinaryFormatter",
"Deserialize")
this.hasQualifiedName("System.Runtime.Serialization.Formatters.Binary.BinaryFormatter",
"Deserialize")
or
this
.hasQualifiedName("System.Runtime.Serialization.Formatters.Binary.BinaryFormatter",
"UnsafeDeserialize")
this.hasQualifiedName("System.Runtime.Serialization.Formatters.Binary.BinaryFormatter",
"UnsafeDeserialize")
or
this
.hasQualifiedName("System.Runtime.Serialization.Formatters.Binary.BinaryFormatter",
"UnsafeDeserializeMethodResponse")
this.hasQualifiedName("System.Runtime.Serialization.Formatters.Binary.BinaryFormatter",
"UnsafeDeserializeMethodResponse")
or
this
.hasQualifiedName("System.Runtime.Deserialization.Formatters.Soap.SoapFormatter",
"Deserialize")
this.hasQualifiedName("System.Runtime.Deserialization.Formatters.Soap.SoapFormatter",
"Deserialize")
or
this.hasQualifiedName("System.Web.UI.ObjectStateFormatter", "Deserialize")
or