mirror of
https://github.com/github/codeql.git
synced 2026-07-03 18:45:34 +02:00
Convert to inline expectations test
This commit is contained in:
@@ -1,3 +1,16 @@
|
||||
#select
|
||||
| Test.cs:14:13:14:57 | (...) => ... | Test.cs:14:13:14:57 | (...) => ... | Test.cs:14:13:14:57 | (...) => ... | This TLS certificate validation $@, which trusts any certificate. | Test.cs:14:13:14:57 | (...) => ... | uses a callback |
|
||||
| Test.cs:22:13:25:13 | (...) => ... | Test.cs:22:13:25:13 | (...) => ... | Test.cs:22:13:25:13 | (...) => ... | This TLS certificate validation $@, which trusts any certificate. | Test.cs:22:13:25:13 | (...) => ... | uses a callback |
|
||||
| Test.cs:33:13:33:74 | access to property DangerousAcceptAnyServerCertificateValidator | Test.cs:33:13:33:74 | access to property DangerousAcceptAnyServerCertificateValidator | Test.cs:33:13:33:74 | access to property DangerousAcceptAnyServerCertificateValidator | This TLS certificate validation $@, which trusts any certificate. | Test.cs:33:13:33:74 | access to property DangerousAcceptAnyServerCertificateValidator | uses a callback |
|
||||
| Test.cs:40:13:40:56 | (...) => ... | Test.cs:40:13:40:56 | (...) => ... | Test.cs:40:13:40:56 | (...) => ... | This TLS certificate validation $@, which trusts any certificate. | Test.cs:40:13:40:56 | (...) => ... | uses a callback |
|
||||
| Test.cs:47:13:47:61 | (...) => ... | Test.cs:47:13:47:61 | (...) => ... | Test.cs:47:13:47:61 | (...) => ... | This TLS certificate validation $@, which trusts any certificate. | Test.cs:47:13:47:61 | (...) => ... | uses a callback |
|
||||
| Test.cs:49:68:49:87 | (...) => ... | Test.cs:49:68:49:87 | (...) => ... | Test.cs:49:68:49:87 | (...) => ... | This TLS certificate validation $@, which trusts any certificate. | Test.cs:49:68:49:87 | (...) => ... | uses a callback |
|
||||
| Test.cs:51:68:51:92 | delegate(...) { ... } | Test.cs:51:68:51:92 | delegate(...) { ... } | Test.cs:51:68:51:92 | delegate(...) { ... } | This TLS certificate validation $@, which trusts any certificate. | Test.cs:51:68:51:92 | delegate(...) { ... } | uses a callback |
|
||||
| Test.cs:69:67:69:75 | delegate creation of type RemoteCertificateValidationCallback | Test.cs:69:67:69:75 | delegate creation of type RemoteCertificateValidationCallback | Test.cs:69:67:69:75 | delegate creation of type RemoteCertificateValidationCallback | This TLS certificate validation $@, which trusts any certificate. | Test.cs:69:67:69:75 | delegate creation of type RemoteCertificateValidationCallback | uses a callback |
|
||||
| Test.cs:76:13:76:76 | delegate creation of type RemoteCertificateValidationCallback | Test.cs:76:13:76:76 | delegate creation of type RemoteCertificateValidationCallback | Test.cs:76:13:76:76 | delegate creation of type RemoteCertificateValidationCallback | This TLS certificate validation $@, which trusts any certificate. | Test.cs:76:13:76:76 | delegate creation of type RemoteCertificateValidationCallback | uses a callback |
|
||||
| Test.cs:83:13:83:56 | (...) => ... | Test.cs:83:13:83:56 | (...) => ... | Test.cs:83:13:83:56 | (...) => ... | This TLS certificate validation $@, which trusts any certificate. | Test.cs:83:13:83:56 | (...) => ... | uses a callback |
|
||||
| Test.cs:89:13:89:56 | (...) => ... | Test.cs:89:13:89:56 | (...) => ... | Test.cs:89:13:89:56 | (...) => ... | This TLS certificate validation $@, which trusts any certificate. | Test.cs:89:13:89:56 | (...) => ... | uses a callback |
|
||||
| Test.cs:91:48:91:55 | access to local variable callback | Test.cs:89:13:89:56 | (...) => ... : (...) => ... | Test.cs:91:48:91:55 | access to local variable callback | This TLS certificate validation $@, which trusts any certificate. | Test.cs:89:13:89:56 | (...) => ... | uses a callback |
|
||||
edges
|
||||
| Test.cs:88:45:88:52 | access to local variable callback : (...) => ... | Test.cs:91:48:91:55 | access to local variable callback | provenance | |
|
||||
| Test.cs:89:13:89:56 | (...) => ... : (...) => ... | Test.cs:88:45:88:52 | access to local variable callback : (...) => ... | provenance | |
|
||||
@@ -17,16 +30,3 @@ nodes
|
||||
| Test.cs:89:13:89:56 | (...) => ... : (...) => ... | semmle.label | (...) => ... : (...) => ... |
|
||||
| Test.cs:91:48:91:55 | access to local variable callback | semmle.label | access to local variable callback |
|
||||
subpaths
|
||||
#select
|
||||
| Test.cs:14:13:14:57 | (...) => ... | Test.cs:14:13:14:57 | (...) => ... | Test.cs:14:13:14:57 | (...) => ... | This TLS certificate validation $@, which trusts any certificate. | Test.cs:14:13:14:57 | (...) => ... | uses a callback |
|
||||
| Test.cs:22:13:25:13 | (...) => ... | Test.cs:22:13:25:13 | (...) => ... | Test.cs:22:13:25:13 | (...) => ... | This TLS certificate validation $@, which trusts any certificate. | Test.cs:22:13:25:13 | (...) => ... | uses a callback |
|
||||
| Test.cs:33:13:33:74 | access to property DangerousAcceptAnyServerCertificateValidator | Test.cs:33:13:33:74 | access to property DangerousAcceptAnyServerCertificateValidator | Test.cs:33:13:33:74 | access to property DangerousAcceptAnyServerCertificateValidator | This TLS certificate validation $@, which trusts any certificate. | Test.cs:33:13:33:74 | access to property DangerousAcceptAnyServerCertificateValidator | uses a callback |
|
||||
| Test.cs:40:13:40:56 | (...) => ... | Test.cs:40:13:40:56 | (...) => ... | Test.cs:40:13:40:56 | (...) => ... | This TLS certificate validation $@, which trusts any certificate. | Test.cs:40:13:40:56 | (...) => ... | uses a callback |
|
||||
| Test.cs:47:13:47:61 | (...) => ... | Test.cs:47:13:47:61 | (...) => ... | Test.cs:47:13:47:61 | (...) => ... | This TLS certificate validation $@, which trusts any certificate. | Test.cs:47:13:47:61 | (...) => ... | uses a callback |
|
||||
| Test.cs:49:68:49:87 | (...) => ... | Test.cs:49:68:49:87 | (...) => ... | Test.cs:49:68:49:87 | (...) => ... | This TLS certificate validation $@, which trusts any certificate. | Test.cs:49:68:49:87 | (...) => ... | uses a callback |
|
||||
| Test.cs:51:68:51:92 | delegate(...) { ... } | Test.cs:51:68:51:92 | delegate(...) { ... } | Test.cs:51:68:51:92 | delegate(...) { ... } | This TLS certificate validation $@, which trusts any certificate. | Test.cs:51:68:51:92 | delegate(...) { ... } | uses a callback |
|
||||
| Test.cs:69:67:69:75 | delegate creation of type RemoteCertificateValidationCallback | Test.cs:69:67:69:75 | delegate creation of type RemoteCertificateValidationCallback | Test.cs:69:67:69:75 | delegate creation of type RemoteCertificateValidationCallback | This TLS certificate validation $@, which trusts any certificate. | Test.cs:69:67:69:75 | delegate creation of type RemoteCertificateValidationCallback | uses a callback |
|
||||
| Test.cs:76:13:76:76 | delegate creation of type RemoteCertificateValidationCallback | Test.cs:76:13:76:76 | delegate creation of type RemoteCertificateValidationCallback | Test.cs:76:13:76:76 | delegate creation of type RemoteCertificateValidationCallback | This TLS certificate validation $@, which trusts any certificate. | Test.cs:76:13:76:76 | delegate creation of type RemoteCertificateValidationCallback | uses a callback |
|
||||
| Test.cs:83:13:83:56 | (...) => ... | Test.cs:83:13:83:56 | (...) => ... | Test.cs:83:13:83:56 | (...) => ... | This TLS certificate validation $@, which trusts any certificate. | Test.cs:83:13:83:56 | (...) => ... | uses a callback |
|
||||
| Test.cs:89:13:89:56 | (...) => ... | Test.cs:89:13:89:56 | (...) => ... | Test.cs:89:13:89:56 | (...) => ... | This TLS certificate validation $@, which trusts any certificate. | Test.cs:89:13:89:56 | (...) => ... | uses a callback |
|
||||
| Test.cs:91:48:91:55 | access to local variable callback | Test.cs:89:13:89:56 | (...) => ... : (...) => ... | Test.cs:91:48:91:55 | access to local variable callback | This TLS certificate validation $@, which trusts any certificate. | Test.cs:89:13:89:56 | (...) => ... | uses a callback |
|
||||
|
||||
@@ -1 +1,2 @@
|
||||
Security Features/CWE-295/AcceptAnyCertificate.ql
|
||||
query: Security Features/CWE-295/AcceptAnyCertificate.ql
|
||||
postprocess: utils/test/InlineExpectationsTestQuery.ql
|
||||
|
||||
@@ -11,7 +11,7 @@ public class CertificateValidationTests
|
||||
var handler = new HttpClientHandler();
|
||||
// BAD: always trusts any certificate.
|
||||
handler.ServerCertificateCustomValidationCallback =
|
||||
(request, certificate, chain, errors) => true;
|
||||
(request, certificate, chain, errors) => true; // $ Alert
|
||||
}
|
||||
|
||||
public void HttpClientHandlerBlockBodyBad()
|
||||
@@ -22,7 +22,7 @@ public class CertificateValidationTests
|
||||
(request, certificate, chain, errors) =>
|
||||
{
|
||||
return true;
|
||||
};
|
||||
}; // $ Alert
|
||||
}
|
||||
|
||||
public void HttpClientHandlerDangerousBad()
|
||||
@@ -30,25 +30,25 @@ public class CertificateValidationTests
|
||||
var handler = new HttpClientHandler();
|
||||
// BAD: built-in callback that accepts any certificate.
|
||||
handler.ServerCertificateCustomValidationCallback =
|
||||
HttpClientHandler.DangerousAcceptAnyServerCertificateValidator;
|
||||
HttpClientHandler.DangerousAcceptAnyServerCertificateValidator; // $ Alert
|
||||
}
|
||||
|
||||
public void ServicePointManagerBad()
|
||||
{
|
||||
// BAD: always trusts any certificate.
|
||||
ServicePointManager.ServerCertificateValidationCallback =
|
||||
(sender, certificate, chain, errors) => true;
|
||||
(sender, certificate, chain, errors) => true; // $ Alert
|
||||
}
|
||||
|
||||
public void ServicePointManagerCompoundBad()
|
||||
{
|
||||
// BAD: always trusts any certificate (compound assignment).
|
||||
ServicePointManager.ServerCertificateValidationCallback +=
|
||||
(sender, cert, chain, errors) => { return true; };
|
||||
(sender, cert, chain, errors) => { return true; }; // $ Alert
|
||||
// BAD
|
||||
ServicePointManager.ServerCertificateValidationCallback += (a, b, c, d) => true;
|
||||
ServicePointManager.ServerCertificateValidationCallback += (a, b, c, d) => true; // $ Alert
|
||||
// BAD: parameterless anonymous method.
|
||||
ServicePointManager.ServerCertificateValidationCallback += delegate { return true; };
|
||||
ServicePointManager.ServerCertificateValidationCallback += delegate { return true; }; // $ Alert
|
||||
}
|
||||
|
||||
private static bool AcceptAll(object sender, X509Certificate certificate, X509Chain chain,
|
||||
@@ -66,29 +66,29 @@ public class CertificateValidationTests
|
||||
public void MethodGroupBad()
|
||||
{
|
||||
// BAD: the referenced static method always returns true.
|
||||
ServicePointManager.ServerCertificateValidationCallback = AcceptAll;
|
||||
ServicePointManager.ServerCertificateValidationCallback = AcceptAll; // $ Alert
|
||||
}
|
||||
|
||||
public void MethodGroupNonStaticBad()
|
||||
{
|
||||
// BAD: the referenced instance method always returns true.
|
||||
ServicePointManager.ServerCertificateValidationCallback =
|
||||
new RemoteCertificateValidationCallback(this.AcceptAllNonStatic);
|
||||
new RemoteCertificateValidationCallback(this.AcceptAllNonStatic); // $ Alert
|
||||
}
|
||||
|
||||
public void SslStreamBad(Stream stream)
|
||||
{
|
||||
// BAD: the validation callback always returns true.
|
||||
var ssl = new SslStream(stream, false,
|
||||
(sender, certificate, chain, errors) => true);
|
||||
(sender, certificate, chain, errors) => true); // $ Alert
|
||||
}
|
||||
|
||||
public void IndirectBad(Stream stream)
|
||||
{
|
||||
RemoteCertificateValidationCallback callback =
|
||||
(sender, certificate, chain, errors) => true;
|
||||
(sender, certificate, chain, errors) => true; // $ Source Alert
|
||||
// BAD: the callback flowing here always returns true.
|
||||
var ssl = new SslStream(stream, false, callback);
|
||||
var ssl = new SslStream(stream, false, callback); // $ Alert
|
||||
}
|
||||
|
||||
public void HttpClientHandlerGood()
|
||||
|
||||
Reference in New Issue
Block a user