@@ -42,6 +42,11 @@ public IEnumerable<DiagnosticRecord> AnalyzeScript(Ast ast, string fileName)
4242
4343 List < String > passwords = new List < String > ( ) { "Password" , "Passphrase" } ;
4444 List < String > usernames = new List < String > ( ) { "Username" , "User" } ;
45+ Type [ ] typeWhiteList = { typeof ( CredentialAttribute ) ,
46+ typeof ( PSCredential ) ,
47+ typeof ( System . Security . SecureString ) ,
48+ typeof ( SwitchParameter ) ,
49+ typeof ( Boolean ) } ;
4550
4651 foreach ( FunctionDefinitionAst funcAst in functionAsts )
4752 {
@@ -50,32 +55,18 @@ public IEnumerable<DiagnosticRecord> AnalyzeScript(Ast ast, string fileName)
5055
5156 // Finds all ParamAsts.
5257 IEnumerable < Ast > paramAsts = funcAst . FindAll ( testAst => testAst is ParameterAst , true ) ;
53-
5458 ParameterAst usernameAst = null ;
5559 ParameterAst passwordAst = null ;
5660 // Iterates all ParamAsts and check if their names are on the list.
5761 foreach ( ParameterAst paramAst in paramAsts )
5862 {
59- // this will be null if there is no [pscredential] attached to the parameter
60- var psCredentialType = paramAst . Attributes . FirstOrDefault ( paramAttribute =>
61- ( paramAttribute . TypeName . IsArray && ( paramAttribute . TypeName as ArrayTypeName ) . ElementType . GetReflectionType ( ) == typeof ( PSCredential ) )
62- || paramAttribute . TypeName . GetReflectionType ( ) == typeof ( PSCredential ) ) ;
63-
64- // this will be null if there are no [credential()] attribute attached
65- var credentialAttribute = paramAst . Attributes . FirstOrDefault ( paramAttribute => paramAttribute . TypeName . GetReflectionType ( ) == typeof ( CredentialAttribute ) ) ;
66-
67- // this will be null if there are no [securestring] attached to the parameter
68- var secureStringType = paramAst . Attributes . FirstOrDefault ( paramAttribute =>
69- ( paramAttribute . TypeName . IsArray && ( paramAttribute . TypeName as ArrayTypeName ) . ElementType . GetReflectionType ( ) == typeof ( System . Security . SecureString ) )
70- || paramAttribute . TypeName . GetReflectionType ( ) == typeof ( System . Security . SecureString ) ) ;
71-
63+ var attributes = typeWhiteList . Select ( x => GetAttributeOfType ( paramAst . Attributes , x ) ) ;
7264 String paramName = paramAst . Name . VariablePath . ToString ( ) ;
7365 foreach ( String password in passwords )
7466 {
7567 if ( paramName . IndexOf ( password , StringComparison . OrdinalIgnoreCase ) != - 1 )
7668 {
77- // if this is a secure string, pscredential or credential attribute, don't count
78- if ( secureStringType != null || credentialAttribute != null || psCredentialType != null )
69+ if ( attributes . Any ( x => x != null ) )
7970 {
8071 continue ;
8172 }
@@ -106,6 +97,20 @@ public IEnumerable<DiagnosticRecord> AnalyzeScript(Ast ast, string fileName)
10697 }
10798 }
10899
100+ private AttributeBaseAst GetAttributeOfType ( IEnumerable < AttributeBaseAst > attributeAsts , Type type )
101+ {
102+ return attributeAsts . FirstOrDefault ( x => IsAttributeOfType ( x , type ) ) ;
103+ }
104+
105+ private bool IsAttributeOfType ( AttributeBaseAst attributeAst , Type type )
106+ {
107+ var arrayType = attributeAst . TypeName as ArrayTypeName ;
108+ if ( arrayType != null )
109+ {
110+ return arrayType . ElementType . GetReflectionType ( ) == type ;
111+ }
112+ return attributeAst . TypeName . GetReflectionType ( ) == type ;
113+ }
109114 /// <summary>
110115 /// Returns script extent of username and password parameters
111116 /// </summary>
0 commit comments