C#: Remove reference to the deleted api.

2025-12-16 16:53:25 +01:00 · 2024-12-03 15:41:51 +01:00
parent a66de28d8e
commit dbb260dfd2
9 changed files with 0 additions and 65 deletions
--- a/csharp/ql/lib/experimental/code/csharp/Cryptography/NonCryptographicHashes.qll
+++ b/csharp/ql/lib/experimental/code/csharp/Cryptography/NonCryptographicHashes.qll
@@ -8,7 +8,6 @@

 import csharp
 private import DataFlow
-private import semmle.code.csharp.dataflow.TaintTracking2

 predicate maybeANonCryptographicHash(
  Callable callable, Variable v, Expr xor, Expr mul, LoopStmt loop
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/Format.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/Format.qll
@@ -5,7 +5,6 @@
 import csharp
 private import semmle.code.csharp.frameworks.System
 private import semmle.code.csharp.frameworks.system.Text
-private import semmle.code.csharp.dataflow.DataFlow2

 /** A method that formats a string, for example `string.Format()`. */
 class FormatMethod extends Method {
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/Sql.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/Sql.qll
@@ -6,7 +6,6 @@ private import semmle.code.csharp.frameworks.system.data.SqlClient
 private import semmle.code.csharp.frameworks.EntityFramework
 private import semmle.code.csharp.frameworks.NHibernate
 private import semmle.code.csharp.frameworks.Dapper
-private import semmle.code.csharp.dataflow.DataFlow4

 /** An expression containing a SQL command. */
 abstract class SqlExpr extends Expr {
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/Xml.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/Xml.qll
@@ -2,7 +2,6 @@

 import csharp
 private import semmle.code.csharp.frameworks.System
-private import semmle.code.csharp.dataflow.DataFlow3

 /** The `System.Xml` namespace. */
 class SystemXmlNamespace extends Namespace {
--- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/ReDoSQuery.qll
+++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/ReDoSQuery.qll
@@ -4,7 +4,6 @@
 */

 import csharp
-private import semmle.code.csharp.dataflow.DataFlow2
 private import semmle.code.csharp.security.dataflow.flowsinks.FlowSinks
 private import semmle.code.csharp.security.dataflow.flowsources.FlowSources
 private import semmle.code.csharp.frameworks.system.text.RegularExpressions
--- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/UnsafeDeserializationQuery.qll
+++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/UnsafeDeserializationQuery.qll
@@ -5,7 +5,6 @@

 import csharp
 private import semmle.code.csharp.serialization.Deserializers
-private import semmle.code.csharp.dataflow.TaintTracking2
 private import semmle.code.csharp.security.dataflow.flowsinks.FlowSinks
 private import semmle.code.csharp.security.dataflow.flowsources.FlowSources

--- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/XSSQuery.qll
+++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/XSSQuery.qll
@@ -7,8 +7,6 @@ import csharp
 private import XSSSinks
 private import semmle.code.csharp.security.Sanitizers
 private import semmle.code.csharp.security.dataflow.flowsources.FlowSources
-private import semmle.code.csharp.dataflow.DataFlow2
-private import semmle.code.csharp.dataflow.TaintTracking2

 /**
 * Holds if there is tainted flow from `source` to `sink` that may lead to a
--- a/csharp/ql/lib/semmle/code/csharp/security/xml/InsecureXMLQuery.qll
+++ b/csharp/ql/lib/semmle/code/csharp/security/xml/InsecureXMLQuery.qll
@@ -150,8 +150,6 @@ module XmlSettings {

 /** Provides predicates related to `System.Xml.XmlReader`. */
 module XmlReader {
-  private import semmle.code.csharp.dataflow.DataFlow2
-
  private class InsecureXmlReaderCreate extends InsecureXmlProcessing, MethodCall {
    InsecureXmlReaderCreate() {
      this.getTarget().hasFullyQualifiedName("System.Xml.XmlReader", "Create")
--- a/csharp/ql/src/experimental/dataflow/flowsources/AuthCookie.qll
+++ b/csharp/ql/src/experimental/dataflow/flowsources/AuthCookie.qll
@@ -114,61 +114,6 @@ Expr getAValueForProp(ObjectCreation create, Assignment a, string prop) {
 */
 predicate isPropertySet(ObjectCreation oc, string prop) { exists(getAValueForProp(oc, _, prop)) }

-/**
- * Tracks if a callback used in `OnAppendCookie` sets a cookie property to `true`.
- */
-abstract deprecated private class OnAppendCookieTrackingConfig extends DataFlow::Configuration {
-  bindingset[this]
-  OnAppendCookieTrackingConfig() { any() }
-
-  /**
-   * Specifies the cookie property name to track.
-   */
-  abstract string propertyName();
-
-  override predicate isSource(DataFlow::Node source) {
-    exists(PropertyWrite pw, Assignment delegateAssign, Callable c |
-      pw.getProperty().getName() = "OnAppendCookie" and
-      pw.getProperty().getDeclaringType() instanceof MicrosoftAspNetCoreBuilderCookiePolicyOptions and
-      delegateAssign.getLValue() = pw and
-      (
-        exists(LambdaExpr lambda |
-          delegateAssign.getRValue() = lambda and
-          lambda = c
-        )
-        or
-        exists(DelegateCreation delegate |
-          delegateAssign.getRValue() = delegate and
-          delegate.getArgument().(CallableAccess).getTarget() = c
-        )
-      ) and
-      c.getParameter(0) = source.asParameter()
-    )
-  }
-
-  override predicate isSink(DataFlow::Node sink) {
-    exists(PropertyWrite pw, Assignment a |
-      pw.getProperty().getDeclaringType() instanceof MicrosoftAspNetCoreHttpCookieOptions and
-      pw.getProperty().getName() = this.propertyName() and
-      a.getLValue() = pw and
-      exists(Expr val |
-        DataFlow::localExprFlow(val, a.getRValue()) and
-        val.getValue() = "true"
-      ) and
-      sink.asExpr() = pw.getQualifier()
-    )
-  }
-
-  override predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
-    node2.asExpr() =
-      any(PropertyRead pr |
-        pr.getQualifier() = node1.asExpr() and
-        pr.getProperty().getDeclaringType() instanceof
-          MicrosoftAspNetCoreCookiePolicyAppendCookieContext
-      )
-  }
-}
-
 private signature string propertyName();

 /**