diff --git a/csharp/ql/lib/ext/System.Web.model.yml b/csharp/ql/lib/ext/System.Web.model.yml index 6d05cdae75b..63c539fbe5e 100644 --- a/csharp/ql/lib/ext/System.Web.model.yml +++ b/csharp/ql/lib/ext/System.Web.model.yml @@ -29,6 +29,10 @@ extensions: - ["System.Web", "HttpUtility", False, "JavaScriptStringEncode", "(System.String)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["System.Web", "HttpUtility", False, "JavaScriptStringEncode", "(System.String,System.Boolean)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["System.Web", "HttpUtility", False, "ParseQueryString", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["System.Web", "HttpUtility", False, "UrlDecode", "(System.Byte[],System.Int32,System.Int32,System.Text.Encoding)", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["System.Web", "HttpUtility", False, "UrlDecode", "(System.Byte[],System.Text.Encoding)", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["System.Web", "HttpUtility", False, "UrlDecode", "(System.String)", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["System.Web", "HttpUtility", False, "UrlDecode", "(System.String,System.Text.Encoding)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["System.Web", "HttpUtility", False, "UrlEncode", "(System.Byte[])", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["System.Web", "HttpUtility", False, "UrlEncode", "(System.Byte[],System.Int32,System.Int32)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["System.Web", "HttpUtility", False, "UrlEncode", "(System.String)", "", "Argument[0]", "ReturnValue", "taint", "manual"] diff --git a/csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected b/csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected index be6a2302cc3..b7ae291bf0f 100644 --- a/csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected +++ b/csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected @@ -18591,6 +18591,10 @@ summary | System.Web;HttpUtility;JavaScriptStringEncode;(System.String,System.Boolean);Argument[0];ReturnValue;taint;manual | | System.Web;HttpUtility;ParseQueryString;(System.String);Argument[0];ReturnValue;taint;manual | | System.Web;HttpUtility;ParseQueryString;(System.String,System.Text.Encoding);Argument[0];ReturnValue;taint;manual | +| System.Web;HttpUtility;UrlDecode;(System.Byte[],System.Int32,System.Int32,System.Text.Encoding);Argument[0];ReturnValue;taint;manual | +| System.Web;HttpUtility;UrlDecode;(System.Byte[],System.Text.Encoding);Argument[0];ReturnValue;taint;manual | +| System.Web;HttpUtility;UrlDecode;(System.String);Argument[0];ReturnValue;taint;manual | +| System.Web;HttpUtility;UrlDecode;(System.String,System.Text.Encoding);Argument[0];ReturnValue;taint;manual | | System.Web;HttpUtility;UrlEncode;(System.Byte[]);Argument[0];ReturnValue;taint;manual | | System.Web;HttpUtility;UrlEncode;(System.Byte[],System.Int32,System.Int32);Argument[0];ReturnValue;taint;manual | | System.Web;HttpUtility;UrlEncode;(System.String);Argument[0];ReturnValue;taint;manual | diff --git a/csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected b/csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected index c88c901bd75..8aff8d0e178 100644 --- a/csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected +++ b/csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected @@ -14340,6 +14340,10 @@ | System.Web;HttpUtility;JavaScriptStringEncode;(System.String,System.Boolean);Argument[0];ReturnValue;taint;manual | | System.Web;HttpUtility;ParseQueryString;(System.String);Argument[0];ReturnValue;taint;manual | | System.Web;HttpUtility;ParseQueryString;(System.String,System.Text.Encoding);Argument[0];ReturnValue;taint;manual | +| System.Web;HttpUtility;UrlDecode;(System.Byte[],System.Int32,System.Int32,System.Text.Encoding);Argument[0];ReturnValue;taint;manual | +| System.Web;HttpUtility;UrlDecode;(System.Byte[],System.Text.Encoding);Argument[0];ReturnValue;taint;manual | +| System.Web;HttpUtility;UrlDecode;(System.String);Argument[0];ReturnValue;taint;manual | +| System.Web;HttpUtility;UrlDecode;(System.String,System.Text.Encoding);Argument[0];ReturnValue;taint;manual | | System.Web;HttpUtility;UrlEncode;(System.Byte[]);Argument[0];ReturnValue;taint;manual | | System.Web;HttpUtility;UrlEncode;(System.Byte[],System.Int32,System.Int32);Argument[0];ReturnValue;taint;manual | | System.Web;HttpUtility;UrlEncode;(System.String);Argument[0];ReturnValue;taint;manual |