C#: Re-factor TaintedWebClient to use the new API.

michaelnebel · michaelnebel · commit 96f9c40fdb4f · 2023-04-13T14:28:27.000+02:00
diff --git a/csharp/ql/src/experimental/CWE-099/TaintedWebClient.ql b/csharp/ql/src/experimental/CWE-099/TaintedWebClient.ql
@@ -16,9 +16,9 @@
 
 import csharp
 import TaintedWebClientLib
-import semmle.code.csharp.dataflow.DataFlow::DataFlow::PathGraph
+import TaintedWebClient::PathGraph
 
-from TaintTrackingConfiguration c, DataFlow::PathNode source, DataFlow::PathNode sink
-where c.hasFlowPath(source, sink)
+from TaintedWebClient::PathNode source, TaintedWebClient::PathNode sink
+where TaintedWebClient::flowPath(source, sink)
 select sink.getNode(), source, sink, "A method of WebClient depepends on a $@.", source.getNode(),
   "user-provided value"
diff --git a/csharp/ql/src/experimental/CWE-099/TaintedWebClientLib.qll b/csharp/ql/src/experimental/CWE-099/TaintedWebClientLib.qll
@@ -38,9 +38,11 @@ abstract class Sink extends DataFlow::ExprNode { }
 abstract class Sanitizer extends DataFlow::ExprNode { }
 
 /**
+ * DEPRECATED: Use `TaintedWebClient` instead.
+ *
  * A taint-tracking configuration for uncontrolled data in path expression vulnerabilities.
  */
-class TaintTrackingConfiguration extends TaintTracking::Configuration {
+deprecated class TaintTrackingConfiguration extends TaintTracking::Configuration {
   TaintTrackingConfiguration() { this = "TaintedWebClientLib" }
 
   override predicate isSource(DataFlow::Node source) { source instanceof Source }
@@ -50,6 +52,22 @@ class TaintTrackingConfiguration extends TaintTracking::Configuration {
   override predicate isSanitizer(DataFlow::Node node) { node instanceof Sanitizer }
 }
 
+/**
+ * A taint-tracking configuration for uncontrolled data in path expression vulnerabilities.
+ */
+private module TaintedWebClientConfig implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node source) { source instanceof Source }
+
+  predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
+
+  predicate isBarrier(DataFlow::Node node) { node instanceof Sanitizer }
+}
+
+/**
+ * A taint-tracking module for uncontrolled data in path expression vulnerabilities.
+ */
+module TaintedWebClient = TaintTracking::Global<TaintedWebClientConfig>;
+
 /** A source of remote user input. */
 class RemoteSource extends Source instanceof RemoteFlowSource { }
 
