C#: Update test because we now have a flow summary the string indexer for NameValueCollection.

Author: michaelnebel

csharp/ql/test/query-tests/Security Features/CWE-022/TaintedPath/TaintedPath.expected

@@ -1,13 +1,22 @@
 edges
+| TaintedPath.cs:10:23:10:45 | access to property QueryString : NameValueCollection | TaintedPath.cs:10:23:10:53 | access to indexer : String |
 | TaintedPath.cs:10:23:10:45 | access to property QueryString : NameValueCollection | TaintedPath.cs:12:50:12:53 | access to local variable path |
 | TaintedPath.cs:10:23:10:45 | access to property QueryString : NameValueCollection | TaintedPath.cs:17:51:17:54 | access to local variable path |
 | TaintedPath.cs:10:23:10:45 | access to property QueryString : NameValueCollection | TaintedPath.cs:25:30:25:33 | access to local variable path |
 | TaintedPath.cs:10:23:10:45 | access to property QueryString : NameValueCollection | TaintedPath.cs:31:30:31:33 | access to local variable path |
 | TaintedPath.cs:10:23:10:45 | access to property QueryString : NameValueCollection | TaintedPath.cs:36:25:36:31 | access to local variable badPath |
 | TaintedPath.cs:10:23:10:45 | access to property QueryString : NameValueCollection | TaintedPath.cs:38:49:38:55 | access to local variable badPath |
 | TaintedPath.cs:10:23:10:45 | access to property QueryString : NameValueCollection | TaintedPath.cs:51:26:51:29 | access to local variable path |
+| TaintedPath.cs:10:23:10:53 | access to indexer : String | TaintedPath.cs:12:50:12:53 | access to local variable path |
+| TaintedPath.cs:10:23:10:53 | access to indexer : String | TaintedPath.cs:17:51:17:54 | access to local variable path |
+| TaintedPath.cs:10:23:10:53 | access to indexer : String | TaintedPath.cs:25:30:25:33 | access to local variable path |
+| TaintedPath.cs:10:23:10:53 | access to indexer : String | TaintedPath.cs:31:30:31:33 | access to local variable path |
+| TaintedPath.cs:10:23:10:53 | access to indexer : String | TaintedPath.cs:36:25:36:31 | access to local variable badPath |
+| TaintedPath.cs:10:23:10:53 | access to indexer : String | TaintedPath.cs:38:49:38:55 | access to local variable badPath |
+| TaintedPath.cs:10:23:10:53 | access to indexer : String | TaintedPath.cs:51:26:51:29 | access to local variable path |
 nodes
 | TaintedPath.cs:10:23:10:45 | access to property QueryString : NameValueCollection | semmle.label | access to property QueryString : NameValueCollection |
+| TaintedPath.cs:10:23:10:53 | access to indexer : String | semmle.label | access to indexer : String |
 | TaintedPath.cs:12:50:12:53 | access to local variable path | semmle.label | access to local variable path |
 | TaintedPath.cs:17:51:17:54 | access to local variable path | semmle.label | access to local variable path |
 | TaintedPath.cs:25:30:25:33 | access to local variable path | semmle.label | access to local variable path |

csharp/ql/test/query-tests/Security Features/CWE-079/StoredXSS/XSS.expected

@@ -7,13 +7,24 @@ edges
 | XSS.cs:26:32:26:40 | access to local variable userInput [element] : String | XSS.cs:26:32:26:51 | call to method ToString |
 | XSS.cs:27:29:27:37 | access to local variable userInput [element] : String | XSS.cs:27:29:27:48 | call to method ToString |
 | XSS.cs:28:26:28:34 | access to local variable userInput [element] : String | XSS.cs:28:26:28:45 | call to method ToString |
+| XSS.cs:37:27:37:53 | access to property QueryString : NameValueCollection | XSS.cs:37:27:37:61 | access to indexer : String |
 | XSS.cs:37:27:37:53 | access to property QueryString : NameValueCollection | XSS.cs:38:36:38:39 | access to local variable name |
+| XSS.cs:37:27:37:61 | access to indexer : String | XSS.cs:38:36:38:39 | access to local variable name |
+| XSS.cs:57:27:57:65 | access to property QueryString : NameValueCollection | XSS.cs:57:27:57:73 | access to indexer : String |
 | XSS.cs:57:27:57:65 | access to property QueryString : NameValueCollection | XSS.cs:59:22:59:25 | access to local variable name |
+| XSS.cs:57:27:57:73 | access to indexer : String | XSS.cs:59:22:59:25 | access to local variable name |
+| XSS.cs:75:27:75:53 | access to property QueryString : NameValueCollection | XSS.cs:75:27:75:61 | access to indexer : String |
 | XSS.cs:75:27:75:53 | access to property QueryString : NameValueCollection | XSS.cs:76:36:76:39 | access to local variable name |
+| XSS.cs:75:27:75:61 | access to indexer : String | XSS.cs:76:36:76:39 | access to local variable name |
 | XSS.cs:78:28:78:42 | access to property Request : HttpRequestBase | XSS.cs:79:36:79:40 | access to local variable name2 |
+| XSS.cs:85:27:85:53 | access to property QueryString : NameValueCollection | XSS.cs:85:27:85:61 | access to indexer : String |
 | XSS.cs:85:27:85:53 | access to property QueryString : NameValueCollection | XSS.cs:86:28:86:31 | access to local variable name |
 | XSS.cs:85:27:85:53 | access to property QueryString : NameValueCollection | XSS.cs:87:31:87:34 | access to local variable name |
+| XSS.cs:85:27:85:61 | access to indexer : String | XSS.cs:86:28:86:31 | access to local variable name |
+| XSS.cs:85:27:85:61 | access to indexer : String | XSS.cs:87:31:87:34 | access to local variable name |
+| XSS.cs:94:27:94:53 | access to property QueryString : NameValueCollection | XSS.cs:94:27:94:61 | access to indexer : String |
 | XSS.cs:94:27:94:53 | access to property QueryString : NameValueCollection | XSS.cs:95:31:95:34 | access to local variable name |
+| XSS.cs:94:27:94:61 | access to indexer : String | XSS.cs:95:31:95:34 | access to local variable name |
 | script.aspx:12:1:12:14 | <%= ... %> | script.aspx:12:1:12:14 | <%= ... %> |
 | script.aspx:16:1:16:34 | <%= ... %> | script.aspx:16:1:16:34 | <%= ... %> |
 | script.aspx:20:1:20:41 | <%= ... %> | script.aspx:20:1:20:41 | <%= ... %> |
@@ -28,17 +39,22 @@ nodes
 | XSS.cs:28:26:28:34 | access to local variable userInput [element] : String | semmle.label | access to local variable userInput [element] : String |
 | XSS.cs:28:26:28:45 | call to method ToString | semmle.label | call to method ToString |
 | XSS.cs:37:27:37:53 | access to property QueryString : NameValueCollection | semmle.label | access to property QueryString : NameValueCollection |
+| XSS.cs:37:27:37:61 | access to indexer : String | semmle.label | access to indexer : String |
 | XSS.cs:38:36:38:39 | access to local variable name | semmle.label | access to local variable name |
 | XSS.cs:57:27:57:65 | access to property QueryString : NameValueCollection | semmle.label | access to property QueryString : NameValueCollection |
+| XSS.cs:57:27:57:73 | access to indexer : String | semmle.label | access to indexer : String |
 | XSS.cs:59:22:59:25 | access to local variable name | semmle.label | access to local variable name |
 | XSS.cs:75:27:75:53 | access to property QueryString : NameValueCollection | semmle.label | access to property QueryString : NameValueCollection |
+| XSS.cs:75:27:75:61 | access to indexer : String | semmle.label | access to indexer : String |
 | XSS.cs:76:36:76:39 | access to local variable name | semmle.label | access to local variable name |
 | XSS.cs:78:28:78:42 | access to property Request : HttpRequestBase | semmle.label | access to property Request : HttpRequestBase |
 | XSS.cs:79:36:79:40 | access to local variable name2 | semmle.label | access to local variable name2 |
 | XSS.cs:85:27:85:53 | access to property QueryString : NameValueCollection | semmle.label | access to property QueryString : NameValueCollection |
+| XSS.cs:85:27:85:61 | access to indexer : String | semmle.label | access to indexer : String |
 | XSS.cs:86:28:86:31 | access to local variable name | semmle.label | access to local variable name |
 | XSS.cs:87:31:87:34 | access to local variable name | semmle.label | access to local variable name |
 | XSS.cs:94:27:94:53 | access to property QueryString : NameValueCollection | semmle.label | access to property QueryString : NameValueCollection |
+| XSS.cs:94:27:94:61 | access to indexer : String | semmle.label | access to indexer : String |
 | XSS.cs:95:31:95:34 | access to local variable name | semmle.label | access to local variable name |
 | XSS.cs:134:20:134:33 | access to property RawUrl | semmle.label | access to property RawUrl |
 | script.aspx:12:1:12:14 | <%= ... %> | semmle.label | <%= ... %> |

csharp/ql/test/query-tests/Security Features/CWE-079/XSS/XSS.expected

@@ -1,6 +1,9 @@
 edges
+| XSSAspNet.cs:19:25:19:43 | access to property QueryString : NameValueCollection | XSSAspNet.cs:19:25:19:52 | access to indexer : String |
 | XSSAspNet.cs:19:25:19:43 | access to property QueryString : NameValueCollection | XSSAspNet.cs:26:30:26:34 | access to local variable sayHi |
 | XSSAspNet.cs:19:25:19:43 | access to property QueryString : NameValueCollection | XSSAspNet.cs:36:40:36:44 | access to local variable sayHi |
+| XSSAspNet.cs:19:25:19:52 | access to indexer : String | XSSAspNet.cs:26:30:26:34 | access to local variable sayHi |
+| XSSAspNet.cs:19:25:19:52 | access to indexer : String | XSSAspNet.cs:36:40:36:44 | access to local variable sayHi |
 | XSSAspNet.cs:43:28:43:46 | access to property QueryString : NameValueCollection | XSSAspNet.cs:43:28:43:55 | access to indexer |
 | XSSAspNetCore.cs:21:52:21:64 | access to property Query : IQueryCollection | XSSAspNetCore.cs:21:52:21:76 | call to operator implicit conversion |
 | XSSAspNetCore.cs:40:56:40:58 | foo : String | XSSAspNetCore.cs:44:51:44:53 | access to parameter foo |
@@ -12,6 +15,7 @@ edges
 | XSSAspNetCore.cs:72:51:72:65 | access to property Headers : IHeaderDictionary | XSSAspNetCore.cs:72:51:72:72 | call to operator implicit conversion |
 nodes
 | XSSAspNet.cs:19:25:19:43 | access to property QueryString : NameValueCollection | semmle.label | access to property QueryString : NameValueCollection |
+| XSSAspNet.cs:19:25:19:52 | access to indexer : String | semmle.label | access to indexer : String |
 | XSSAspNet.cs:26:30:26:34 | access to local variable sayHi | semmle.label | access to local variable sayHi |
 | XSSAspNet.cs:36:40:36:44 | access to local variable sayHi | semmle.label | access to local variable sayHi |
 | XSSAspNet.cs:43:28:43:46 | access to property QueryString : NameValueCollection | semmle.label | access to property QueryString : NameValueCollection |

csharp/ql/test/query-tests/Security Features/CWE-090/LDAPInjection.expected

@@ -1,12 +1,20 @@
 edges
+| LDAPInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | LDAPInjection.cs:11:27:11:61 | access to indexer : String |
 | LDAPInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | LDAPInjection.cs:14:54:14:78 | ... + ... |
 | LDAPInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | LDAPInjection.cs:16:21:16:45 | ... + ... |
 | LDAPInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | LDAPInjection.cs:23:21:23:45 | ... + ... |
 | LDAPInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | LDAPInjection.cs:24:53:24:77 | ... + ... |
 | LDAPInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | LDAPInjection.cs:27:48:27:70 | ... + ... |
 | LDAPInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | LDAPInjection.cs:29:20:29:42 | ... + ... |
+| LDAPInjection.cs:11:27:11:61 | access to indexer : String | LDAPInjection.cs:14:54:14:78 | ... + ... |
+| LDAPInjection.cs:11:27:11:61 | access to indexer : String | LDAPInjection.cs:16:21:16:45 | ... + ... |
+| LDAPInjection.cs:11:27:11:61 | access to indexer : String | LDAPInjection.cs:23:21:23:45 | ... + ... |
+| LDAPInjection.cs:11:27:11:61 | access to indexer : String | LDAPInjection.cs:24:53:24:77 | ... + ... |
+| LDAPInjection.cs:11:27:11:61 | access to indexer : String | LDAPInjection.cs:27:48:27:70 | ... + ... |
+| LDAPInjection.cs:11:27:11:61 | access to indexer : String | LDAPInjection.cs:29:20:29:42 | ... + ... |
 nodes
 | LDAPInjection.cs:11:27:11:49 | access to property QueryString : NameValueCollection | semmle.label | access to property QueryString : NameValueCollection |
+| LDAPInjection.cs:11:27:11:61 | access to indexer : String | semmle.label | access to indexer : String |
 | LDAPInjection.cs:14:54:14:78 | ... + ... | semmle.label | ... + ... |
 | LDAPInjection.cs:16:21:16:45 | ... + ... | semmle.label | ... + ... |
 | LDAPInjection.cs:23:21:23:45 | ... + ... | semmle.label | ... + ... |

csharp/ql/test/query-tests/Security Features/CWE-094/CodeInjection.expected

@@ -1,8 +1,12 @@
 edges
+| CodeInjection.cs:23:23:23:45 | access to property QueryString : NameValueCollection | CodeInjection.cs:23:23:23:53 | access to indexer : String |
 | CodeInjection.cs:23:23:23:45 | access to property QueryString : NameValueCollection | CodeInjection.cs:29:64:29:67 | access to local variable code |
 | CodeInjection.cs:23:23:23:45 | access to property QueryString : NameValueCollection | CodeInjection.cs:40:36:40:39 | access to local variable code |
+| CodeInjection.cs:23:23:23:53 | access to indexer : String | CodeInjection.cs:29:64:29:67 | access to local variable code |
+| CodeInjection.cs:23:23:23:53 | access to indexer : String | CodeInjection.cs:40:36:40:39 | access to local variable code |
 nodes
 | CodeInjection.cs:23:23:23:45 | access to property QueryString : NameValueCollection | semmle.label | access to property QueryString : NameValueCollection |
+| CodeInjection.cs:23:23:23:53 | access to indexer : String | semmle.label | access to indexer : String |
 | CodeInjection.cs:29:64:29:67 | access to local variable code | semmle.label | access to local variable code |
 | CodeInjection.cs:40:36:40:39 | access to local variable code | semmle.label | access to local variable code |
 | CodeInjection.cs:56:36:56:44 | access to property Text | semmle.label | access to property Text |

csharp/ql/test/query-tests/Security Features/CWE-099/ResourceInjection.expected

@@ -1,8 +1,12 @@
 edges
+| ResourceInjection.cs:8:27:8:49 | access to property QueryString : NameValueCollection | ResourceInjection.cs:8:27:8:61 | access to indexer : String |
 | ResourceInjection.cs:8:27:8:49 | access to property QueryString : NameValueCollection | ResourceInjection.cs:11:57:11:72 | access to local variable connectionString |
 | ResourceInjection.cs:8:27:8:49 | access to property QueryString : NameValueCollection | ResourceInjection.cs:13:42:13:57 | access to local variable connectionString |
+| ResourceInjection.cs:8:27:8:61 | access to indexer : String | ResourceInjection.cs:11:57:11:72 | access to local variable connectionString |
+| ResourceInjection.cs:8:27:8:61 | access to indexer : String | ResourceInjection.cs:13:42:13:57 | access to local variable connectionString |
 nodes
 | ResourceInjection.cs:8:27:8:49 | access to property QueryString : NameValueCollection | semmle.label | access to property QueryString : NameValueCollection |
+| ResourceInjection.cs:8:27:8:61 | access to indexer : String | semmle.label | access to indexer : String |
 | ResourceInjection.cs:11:57:11:72 | access to local variable connectionString | semmle.label | access to local variable connectionString |
 | ResourceInjection.cs:13:42:13:57 | access to local variable connectionString | semmle.label | access to local variable connectionString |
 subpaths

csharp/ql/test/query-tests/Security Features/CWE-112/MissingXMLValidation.expected

@@ -1,16 +1,23 @@
 edges
+| MissingXMLValidation.cs:12:34:12:56 | access to property QueryString : NameValueCollection | MissingXMLValidation.cs:12:34:12:75 | access to indexer : String |
 | MissingXMLValidation.cs:12:34:12:56 | access to property QueryString : NameValueCollection | MissingXMLValidation.cs:16:43:16:57 | access to local variable userProvidedXml : String |
 | MissingXMLValidation.cs:12:34:12:56 | access to property QueryString : NameValueCollection | MissingXMLValidation.cs:21:43:21:57 | access to local variable userProvidedXml : String |
 | MissingXMLValidation.cs:12:34:12:56 | access to property QueryString : NameValueCollection | MissingXMLValidation.cs:27:43:27:57 | access to local variable userProvidedXml : String |
 | MissingXMLValidation.cs:12:34:12:56 | access to property QueryString : NameValueCollection | MissingXMLValidation.cs:35:43:35:57 | access to local variable userProvidedXml : String |
 | MissingXMLValidation.cs:12:34:12:56 | access to property QueryString : NameValueCollection | MissingXMLValidation.cs:45:43:45:57 | access to local variable userProvidedXml : String |
+| MissingXMLValidation.cs:12:34:12:75 | access to indexer : String | MissingXMLValidation.cs:16:43:16:57 | access to local variable userProvidedXml : String |
+| MissingXMLValidation.cs:12:34:12:75 | access to indexer : String | MissingXMLValidation.cs:21:43:21:57 | access to local variable userProvidedXml : String |
+| MissingXMLValidation.cs:12:34:12:75 | access to indexer : String | MissingXMLValidation.cs:27:43:27:57 | access to local variable userProvidedXml : String |
+| MissingXMLValidation.cs:12:34:12:75 | access to indexer : String | MissingXMLValidation.cs:35:43:35:57 | access to local variable userProvidedXml : String |
+| MissingXMLValidation.cs:12:34:12:75 | access to indexer : String | MissingXMLValidation.cs:45:43:45:57 | access to local variable userProvidedXml : String |
 | MissingXMLValidation.cs:16:43:16:57 | access to local variable userProvidedXml : String | MissingXMLValidation.cs:16:26:16:58 | object creation of type StringReader |
 | MissingXMLValidation.cs:21:43:21:57 | access to local variable userProvidedXml : String | MissingXMLValidation.cs:21:26:21:58 | object creation of type StringReader |
 | MissingXMLValidation.cs:27:43:27:57 | access to local variable userProvidedXml : String | MissingXMLValidation.cs:27:26:27:58 | object creation of type StringReader |
 | MissingXMLValidation.cs:35:43:35:57 | access to local variable userProvidedXml : String | MissingXMLValidation.cs:35:26:35:58 | object creation of type StringReader |
 | MissingXMLValidation.cs:45:43:45:57 | access to local variable userProvidedXml : String | MissingXMLValidation.cs:45:26:45:58 | object creation of type StringReader |
 nodes
 | MissingXMLValidation.cs:12:34:12:56 | access to property QueryString : NameValueCollection | semmle.label | access to property QueryString : NameValueCollection |
+| MissingXMLValidation.cs:12:34:12:75 | access to indexer : String | semmle.label | access to indexer : String |
 | MissingXMLValidation.cs:16:26:16:58 | object creation of type StringReader | semmle.label | object creation of type StringReader |
 | MissingXMLValidation.cs:16:43:16:57 | access to local variable userProvidedXml : String | semmle.label | access to local variable userProvidedXml : String |
 | MissingXMLValidation.cs:21:26:21:58 | object creation of type StringReader | semmle.label | object creation of type StringReader |

csharp/ql/test/query-tests/Security Features/CWE-117/LogForging.expected

@@ -1,8 +1,12 @@
 edges
+| LogForging.cs:17:27:17:49 | access to property QueryString : NameValueCollection | LogForging.cs:17:27:17:61 | access to indexer : String |
 | LogForging.cs:17:27:17:49 | access to property QueryString : NameValueCollection | LogForging.cs:20:21:20:43 | ... + ... |
 | LogForging.cs:17:27:17:49 | access to property QueryString : NameValueCollection | LogForging.cs:26:50:26:72 | ... + ... |
+| LogForging.cs:17:27:17:61 | access to indexer : String | LogForging.cs:20:21:20:43 | ... + ... |
+| LogForging.cs:17:27:17:61 | access to indexer : String | LogForging.cs:26:50:26:72 | ... + ... |
 nodes
 | LogForging.cs:17:27:17:49 | access to property QueryString : NameValueCollection | semmle.label | access to property QueryString : NameValueCollection |
+| LogForging.cs:17:27:17:61 | access to indexer : String | semmle.label | access to indexer : String |
 | LogForging.cs:20:21:20:43 | ... + ... | semmle.label | ... + ... |
 | LogForging.cs:26:50:26:72 | ... + ... | semmle.label | ... + ... |
 subpaths