Publishing queries to the OSS Semmle repository

2026-05-05 05:35:13 +02:00 · 2019-10-17 14:54:37 -07:00
parent c66e5dd13a
commit cb8dcf7db2
81 changed files with 3422 additions and 51 deletions
--- a/Features/CWE-327/InsecureSQLConnection/InsecureSQLConnection.cs
+++ b/Features/CWE-327/InsecureSQLConnection/InsecureSQLConnection.cs
@@ -0,0 +1,59 @@
+using System.Data.SqlClient;
+
+namespace InsecureSQLConnection
+{
+    public class Class1
+    {
+        public void StringInConstructor()
+        {
+            SqlConnection conn = new SqlConnection("Encrypt=true");
+        }
+
+        public void StringInProperty()
+        {
+            SqlConnection conn = new SqlConnection();
+            conn.ConnectionString = "Encrypt=true";
+
+        }
+
+        public void StringInBuilder()
+        {
+            SqlConnectionStringBuilder conBuilder = new SqlConnectionStringBuilder();
+            conBuilder.Encrypt = true;
+            SqlConnection conn = new SqlConnection(conBuilder.ToString());
+        }
+
+        public void StringInBuilderProperty()
+        {
+            SqlConnectionStringBuilder conBuilder = new SqlConnectionStringBuilder();
+            conBuilder.Encrypt = true;
+            SqlConnection conn = new SqlConnection();
+            conn.ConnectionString = conBuilder.ToString();
+
+        }
+
+        public void TriggerThis()
+        {
+            // BAD, Encrypt not specified
+            SqlConnection conn = new SqlConnection("Server=myServerName\\myInstanceName;Database=myDataBase;User Id=myUsername;");
+        }
+
+        void Test4()
+        {
+            string connectString =
+                "Server=1.2.3.4;Database=Anything;UID=ab;Pwd=cd";
+            // BAD, Encrypt not specified
+            SqlConnectionStringBuilder builder = new SqlConnectionStringBuilder(connectString);
+            var conn = new SqlConnection(builder.ConnectionString);
+        }
+
+        void Test5()
+        {
+            string connectString =
+                "Server=1.2.3.4;Database=Anything;UID=ab;Pwd=cd;Encrypt=false";
+            // BAD, Encrypt set to false
+            SqlConnectionStringBuilder builder = new SqlConnectionStringBuilder(connectString);
+            var conn = new SqlConnection(builder.ConnectionString);
+        }
+    }
+}
--- a/Features/CWE-327/InsecureSQLConnection/InsecureSQLConnection.expected
+++ b/Features/CWE-327/InsecureSQLConnection/InsecureSQLConnection.expected
@@ -0,0 +1,13 @@
+edges
+| InsecureSQLConnection.cs:44:17:44:64 | "Server=1.2.3.4;Database=Anything;UID=ab;Pwd=cd" | InsecureSQLConnection.cs:46:81:46:93 | access to local variable connectString |
+| InsecureSQLConnection.cs:53:17:53:78 | "Server=1.2.3.4;Database=Anything;UID=ab;Pwd=cd;Encrypt=false" | InsecureSQLConnection.cs:55:81:55:93 | access to local variable connectString |
+nodes
+| InsecureSQLConnection.cs:38:52:38:128 | "Server=myServerName\\myInstanceName;Database=myDataBase;User Id=myUsername;" |
+| InsecureSQLConnection.cs:44:17:44:64 | "Server=1.2.3.4;Database=Anything;UID=ab;Pwd=cd" |
+| InsecureSQLConnection.cs:46:81:46:93 | access to local variable connectString |
+| InsecureSQLConnection.cs:53:17:53:78 | "Server=1.2.3.4;Database=Anything;UID=ab;Pwd=cd;Encrypt=false" |
+| InsecureSQLConnection.cs:55:81:55:93 | access to local variable connectString |
+#select
+| InsecureSQLConnection.cs:38:52:38:128 | "Server=myServerName\\myInstanceName;Database=myDataBase;User Id=myUsername;" | InsecureSQLConnection.cs:38:52:38:128 | "Server=myServerName\\myInstanceName;Database=myDataBase;User Id=myUsername;" | InsecureSQLConnection.cs:38:52:38:128 | "Server=myServerName\\myInstanceName;Database=myDataBase;User Id=myUsername;" | $@ flows to here and does not specify `Encrypt=True`. | InsecureSQLConnection.cs:38:52:38:128 | "Server=myServerName\\myInstanceName;Database=myDataBase;User Id=myUsername;" | Connection string |
+| InsecureSQLConnection.cs:46:81:46:93 | access to local variable connectString | InsecureSQLConnection.cs:44:17:44:64 | "Server=1.2.3.4;Database=Anything;UID=ab;Pwd=cd" | InsecureSQLConnection.cs:46:81:46:93 | access to local variable connectString | $@ flows to here and does not specify `Encrypt=True`. | InsecureSQLConnection.cs:44:17:44:64 | "Server=1.2.3.4;Database=Anything;UID=ab;Pwd=cd" | Connection string |
+| InsecureSQLConnection.cs:55:81:55:93 | access to local variable connectString | InsecureSQLConnection.cs:53:17:53:78 | "Server=1.2.3.4;Database=Anything;UID=ab;Pwd=cd;Encrypt=false" | InsecureSQLConnection.cs:55:81:55:93 | access to local variable connectString | $@ flows to here and does not specify `Encrypt=True`. | InsecureSQLConnection.cs:53:17:53:78 | "Server=1.2.3.4;Database=Anything;UID=ab;Pwd=cd;Encrypt=false" | Connection string |
--- a/Features/CWE-327/InsecureSQLConnection/InsecureSQLConnection.qlref
+++ b/Features/CWE-327/InsecureSQLConnection/InsecureSQLConnection.qlref
@@ -0,0 +1 @@
+Security Features/CWE-091/XMLInjection.ql
--- a/Features/CWE-327/InsecureSQLConnection/stubs.cs
+++ b/Features/CWE-327/InsecureSQLConnection/stubs.cs
@@ -0,0 +1,71 @@
+// This file contains auto-generated code.
+
+namespace System
+{
+    namespace Data
+    {
+        // Generated from `System.Data.IDbConnection` in `System.Data, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089`
+        public interface IDbConnection : System.IDisposable
+        {
+            string ConnectionString { get; set; }
+        }
+
+        namespace Common
+        {
+            // Generated from `System.Data.Common.DbConnectionStringBuilder` in `System.Data, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089`
+            public class DbConnectionStringBuilder : System.Collections.IEnumerable, System.Collections.IDictionary, System.Collections.ICollection
+            {
+                System.Collections.IDictionaryEnumerator System.Collections.IDictionary.GetEnumerator() => throw null;
+                System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() => throw null;
+                bool System.Collections.ICollection.IsSynchronized { get => throw null; }
+                bool System.Collections.IDictionary.Contains(object keyword) => throw null;
+                object System.Collections.ICollection.SyncRoot { get => throw null; }
+                public object this[object keyword] { get => throw null; set => throw null; }
+                public bool IsReadOnly { get => throw null; }
+                public override string ToString() => throw null;
+                public string ConnectionString { get => throw null; set => throw null; }
+                public virtual System.Collections.ICollection Keys { get => throw null; }
+                public virtual System.Collections.ICollection Values { get => throw null; }
+                public virtual bool IsFixedSize { get => throw null; }
+                public virtual int Count { get => throw null; }
+                public virtual void Clear() => throw null;
+                void System.Collections.ICollection.CopyTo(System.Array array, int index) => throw null;
+                void System.Collections.IDictionary.Add(object keyword, object value) => throw null;
+                void System.Collections.IDictionary.Remove(object keyword) => throw null;
+                public void Dispose() => throw null;
+            }
+
+            // Generated from `System.Data.Common.DbConnection` in `System.Data, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089`
+            abstract public class DbConnection : System.IDisposable, System.Data.IDbConnection
+            {
+                public abstract string ConnectionString { get; set; }
+                public void Dispose() => throw null;
+            }
+
+        }
+        namespace SqlClient
+        {
+            // Generated from `System.Data.SqlClient.SqlConnectionStringBuilder` in `System.Data, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089`
+            public class SqlConnectionStringBuilder : System.Data.Common.DbConnectionStringBuilder
+            {
+                public SqlConnectionStringBuilder() => throw null;
+                public SqlConnectionStringBuilder(string connectionString) => throw null;
+                public bool Encrypt { get => throw null; set => throw null; }
+                public override System.Collections.ICollection Keys { get => throw null; }
+                public override System.Collections.ICollection Values { get => throw null; }
+                public override bool IsFixedSize { get => throw null; }
+                public override void Clear() => throw null;
+            }
+
+            // Generated from `System.Data.SqlClient.SqlConnection` in `System.Data, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089`
+            public class SqlConnection : System.Data.Common.DbConnection, System.ICloneable
+            {
+                object System.ICloneable.Clone() => throw null;
+                public SqlConnection() => throw null;
+                public SqlConnection(string connectionString) => throw null;
+                public override string ConnectionString { get => throw null; set => throw null; }
+            }
+
+        }
+    }
+}