C#: Also consider nullable simple types (and datetime) as simple type sanitizers.

michaelnebel · michaelnebel · commit 9460c91c8c57 · 2024-01-18T12:53:29.000+01:00
diff --git a/csharp/ql/lib/semmle/code/csharp/security/Sanitizers.qll b/csharp/ql/lib/semmle/code/csharp/security/Sanitizers.qll
@@ -55,7 +55,7 @@ class UrlSanitizedExpr extends Expr {
  */
 class SimpleTypeSanitizedExpr extends DataFlow::ExprNode {
   SimpleTypeSanitizedExpr() {
-    exists(Type t | t = this.getType() |
+    exists(Type t | t = this.getType() or t = this.getType().(NullableType).getUnderlyingType() |
       t instanceof SimpleType or
       t instanceof SystemDateTimeStruct
     )

Original file line number	Diff line number	Diff line change
`@@ -55,7 +55,7 @@ class UrlSanitizedExpr extends Expr {`
`55`	`55`	`*/`
`56`	`56`	`class SimpleTypeSanitizedExpr extends DataFlow::ExprNode {`
`57`	`57`	`SimpleTypeSanitizedExpr() {`
`58`		`- exists(Type t \| t = this.getType() \|`
	`58`	`+ exists(Type t \| t = this.getType() or t = this.getType().(NullableType).getUnderlyingType() \|`
`59`	`59`	`t instanceof SimpleType or`
`60`	`60`	`t instanceof SystemDateTimeStruct`
`61`	`61`	`)`