C#: Convert System.Web.HttpUtility flow to CSV format.

michaelnebel · michaelnebel · commit 1cab177f8a94 · 2021-12-13T09:19:41.000+01:00
diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/LibraryTypeDataFlow.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/LibraryTypeDataFlow.qll
@@ -1965,24 +1965,6 @@ class SystemIOPathFlow extends LibraryTypeDataFlow, SystemIOPathClass {
   }
 }
 
-/** Data flow for `System.Web.HttpUtility`. */
-class SystemWebHttpUtilityFlow extends LibraryTypeDataFlow, SystemWebHttpUtility {
-  override predicate callableFlow(
-    CallableFlowSource source, CallableFlowSink sink, SourceDeclarationCallable c,
-    boolean preservesValue
-  ) {
-    (
-      c = this.getAnHtmlAttributeEncodeMethod() or
-      c = this.getAnHtmlEncodeMethod() or
-      c = this.getAJavaScriptStringEncodeMethod() or
-      c = this.getAnUrlEncodeMethod()
-    ) and
-    source = TCallableFlowSourceArg(0) and
-    sink = TCallableFlowSinkReturn() and
-    preservesValue = false
-  }
-}
-
 /**
  * Custom flow through `StringValues` library class.
  */
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/Web.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/Web.qll
@@ -203,6 +203,26 @@ class SystemWebHttpUtility extends SystemWebClass {
   Method getAnUrlEncodeMethod() { result = this.getAMethod("UrlEncode") }
 }
 
+/** Data flow for `System.Web.HttpUtility`. */
+private class SystemWebHttpUtilityFlowModelCsv extends SummaryModelCsv {
+  override predicate row(string row) {
+    row =
+      [
+        "System.Web;HttpUtility;false;HtmlAttributeEncode;(System.String);;Argument[0];ReturnValue;taint",
+        "System.Web;HttpUtility;false;HtmlAttributeEncode;(System.String,System.IO.TextWriter);;Argument[0];ReturnValue;taint",
+        "System.Web;HttpUtility;false;HtmlEncode;(System.Object);;Argument[0];ReturnValue;taint",
+        "System.Web;HttpUtility;false;HtmlEncode;(System.String);;Argument[0];ReturnValue;taint",
+        "System.Web;HttpUtility;false;HtmlEncode;(System.String,System.IO.TextWriter);;Argument[0];ReturnValue;taint",
+        "System.Web;HttpUtility;false;JavaScriptStringEncode;(System.String);;Argument[0];ReturnValue;taint",
+        "System.Web;HttpUtility;false;JavaScriptStringEncode;(System.String,System.Boolean);;Argument[0];ReturnValue;taint",
+        "System.Web;HttpUtility;false;UrlEncode;(System.Byte[]);;Argument[0];ReturnValue;taint",
+        "System.Web;HttpUtility;false;UrlEncode;(System.Byte[],System.Int32,System.Int32);;Argument[0];ReturnValue;taint",
+        "System.Web;HttpUtility;false;UrlEncode;(System.String);;Argument[0];ReturnValue;taint",
+        "System.Web;HttpUtility;false;UrlEncode;(System.String,System.Text.Encoding);;Argument[0];ReturnValue;taint"
+      ]
+  }
+}
+
 /** The `System.Web.HttpCookie` class. */
 class SystemWebHttpCookie extends SystemWebClass {
   SystemWebHttpCookie() { this.hasName("HttpCookie") }
