Skip to content

Commit 8866e6c

Browse files
committed
C#: Always use fully qualified names in CSV data-flow summaries
1 parent def3d6b commit 8866e6c

File tree

5 files changed

+36
-29
lines changed

5 files changed

+36
-29
lines changed

csharp/ql/src/semmle/code/csharp/dataflow/ExternalFlow.qll

Lines changed: 22 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -336,7 +336,22 @@ private UnboundValueOrRefType interpretType(string namespace, string type, boole
336336
)
337337
}
338338

339-
private string paramsStringPartA(Callable c, int i) {
339+
private Member interpretMember(
340+
string namespace, string type, boolean subtypes, string name, string signature
341+
) {
342+
elementSpec(namespace, type, subtypes, name, signature, _) and
343+
exists(UnboundValueOrRefType t |
344+
t = interpretType(namespace, type, subtypes) and
345+
result.getDeclaringType() = t and
346+
result.hasName(name)
347+
)
348+
}
349+
350+
private class InterpretedCallable extends Callable {
351+
InterpretedCallable() { this = interpretMember(_, _, _, _, _) }
352+
}
353+
354+
private string paramsStringPartA(InterpretedCallable c, int i) {
340355
i = -1 and result = "("
341356
or
342357
exists(int n |
@@ -349,23 +364,19 @@ private string paramsStringPartA(Callable c, int i) {
349364
i = 2 * c.getNumberOfParameters() and result = ")"
350365
}
351366

352-
private string paramsStringPartB(Callable c, int i, boolean fullyQualified) {
367+
private string paramsStringPartB(InterpretedCallable c, int i) {
353368
exists(int n, string p, Type t |
354369
t = c.getParameter(n).getType() and
355370
i = 2 * n and
356-
result = p
357-
|
358-
fullyQualified = true and p = t.getQualifiedName()
359-
or
360-
fullyQualified = false and p = t.toStringWithTypes()
371+
result = p and
372+
p = t.getQualifiedName()
361373
)
362374
}
363375

364-
private string paramsString(Callable c, boolean fullyQualified) {
365-
fullyQualified in [false, true] and
376+
private string paramsString(InterpretedCallable c) {
366377
result =
367378
strictconcat(int i, string s |
368-
s in [paramsStringPartA(c, i), paramsStringPartB(c, i, fullyQualified)]
379+
s in [paramsStringPartA(c, i), paramsStringPartB(c, i)]
369380
|
370381
s order by i
371382
)
@@ -383,7 +394,7 @@ private Element interpretElement0(
383394
|
384395
signature = ""
385396
or
386-
paramsString(m, _) = signature
397+
paramsString(m) = signature
387398
)
388399
or
389400
result = t and

csharp/ql/test/library-tests/dataflow/external-models/sinks.ql

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@ class SinkModelTest extends SinkModelCsv {
99
row =
1010
[
1111
//"namespace;type;overrides;name;signature;ext;spec;kind",
12-
"My.Qltest;B;false;Sink1;(object);;Argument[0];qltest",
12+
"My.Qltest;B;false;Sink1;(System.Object);;Argument[0];qltest",
1313
"My.Qltest;B;false;SinkMethod;();;ReturnValue;qltest",
1414
"My.Qltest;SinkAttribute;false;;;Attribute;ReturnValue;qltest-retval",
1515
"My.Qltest;SinkAttribute;false;;;Attribute;Argument;qltest-arg",

csharp/ql/test/library-tests/dataflow/external-models/srcs.expected

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,6 @@ invalidModelRow
44
| Sources.cs:8:17:8:22 | call to method Src1 | qltest-all-overloads |
55
| Sources.cs:9:17:9:24 | call to method Src1 | qltest |
66
| Sources.cs:9:17:9:24 | call to method Src1 | qltest-all-overloads |
7-
| Sources.cs:9:17:9:24 | call to method Src1 | qltest-alt |
87
| Sources.cs:12:17:12:26 | call to method Src2 | qltest |
98
| Sources.cs:12:17:12:26 | call to method Src2 | qltest-w-subtypes |
109
| Sources.cs:13:17:13:26 | call to method Src3 | qltest-w-subtypes |
@@ -13,8 +12,7 @@ invalidModelRow
1312
| Sources.cs:15:20:15:20 | [post] access to local variable x | qltest-argnum |
1413
| Sources.cs:17:17:17:33 | call to method TaggedSrcMethod | qltest-retval |
1514
| Sources.cs:18:17:18:30 | access to field TaggedSrcField | qltest-nospec |
16-
| Sources.cs:20:17:20:33 | call to method SrcTwoArg | qltest-longsig |
17-
| Sources.cs:20:17:20:33 | call to method SrcTwoArg | qltest-shortsig |
15+
| Sources.cs:20:17:20:33 | call to method SrcTwoArg | qltest |
1816
| Sources.cs:24:14:24:20 | this | qltest-param |
1917
| Sources.cs:24:29:24:45 | taggedMethodParam | qltest-param |
2018
| Sources.cs:28:49:28:62 | taggedSrcParam | qltest-nospec |

csharp/ql/test/library-tests/dataflow/external-models/srcs.ql

Lines changed: 5 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -10,21 +10,19 @@ class SourceModelTest extends SourceModelCsv {
1010
[
1111
//"namespace;type;overrides;name;signature;ext;spec;kind",
1212
"My.Qltest;A;false;Src1;();;ReturnValue;qltest",
13-
"My.Qltest;A;false;Src1;(string);;ReturnValue;qltest",
14-
"My.Qltest;A;false;Src1;(System.String);;ReturnValue;qltest-alt",
13+
"My.Qltest;A;false;Src1;(System.String);;ReturnValue;qltest",
1514
"My.Qltest;A;false;Src1;;;ReturnValue;qltest-all-overloads",
1615
"My.Qltest;A;false;Src2;();;ReturnValue;qltest",
1716
"My.Qltest;A;false;Src3;();;ReturnValue;qltest",
1817
"My.Qltest;A;true;Src2;();;ReturnValue;qltest-w-subtypes",
1918
"My.Qltest;A;true;Src3;();;ReturnValue;qltest-w-subtypes",
20-
"My.Qltest;A;false;SrcArg;(object);;Argument[0];qltest-argnum",
21-
"My.Qltest;A;false;SrcArg;(object);;Argument;qltest-argany",
22-
"My.Qltest;A;true;SrcParam;(object);;Parameter[0];qltest-param-override",
19+
"My.Qltest;A;false;SrcArg;(System.Object);;Argument[0];qltest-argnum",
20+
"My.Qltest;A;false;SrcArg;(System.Object);;Argument;qltest-argany",
21+
"My.Qltest;A;true;SrcParam;(System.Object);;Parameter[0];qltest-param-override",
2322
"My.Qltest;SourceAttribute;false;;;Attribute;ReturnValue;qltest-retval",
2423
"My.Qltest;SourceAttribute;false;;;Attribute;Parameter;qltest-param",
2524
"My.Qltest;SourceAttribute;false;;;Attribute;;qltest-nospec",
26-
"My.Qltest;A;false;SrcTwoArg;(string,string);;ReturnValue;qltest-shortsig",
27-
"My.Qltest;A;false;SrcTwoArg;(System.String,System.String);;ReturnValue;qltest-longsig"
25+
"My.Qltest;A;false;SrcTwoArg;(System.String,System.String);;ReturnValue;qltest"
2826
]
2927
}
3028
}

csharp/ql/test/library-tests/dataflow/external-models/steps.ql

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -9,17 +9,17 @@ class SummaryModelTest extends SummaryModelCsv {
99
row =
1010
[
1111
//"namespace;type;overrides;name;signature;ext;inputspec;outputspec;kind",
12-
"My.Qltest;C;false;StepArgRes;(object);;Argument[0];ReturnValue;taint",
13-
"My.Qltest;C;false;StepArgArg;(object,object);;Argument[0];Argument[1];taint",
14-
"My.Qltest;C;false;StepArgQual;(object);;Argument[0];Argument[-1];taint",
12+
"My.Qltest;C;false;StepArgRes;(System.Object);;Argument[0];ReturnValue;taint",
13+
"My.Qltest;C;false;StepArgArg;(System.Object,System.Object);;Argument[0];Argument[1];taint",
14+
"My.Qltest;C;false;StepArgQual;(System.Object);;Argument[0];Argument[-1];taint",
1515
"My.Qltest;C;false;StepQualRes;();;Argument[-1];ReturnValue;taint",
16-
"My.Qltest;C;false;StepQualArg;(object);;Argument[-1];Argument[0];taint",
16+
"My.Qltest;C;false;StepQualArg;(System.Object);;Argument[-1];Argument[0];taint",
1717
"My.Qltest;C;false;StepFieldGetter;();;Field[My.Qltest.C.Field] of Argument[-1];ReturnValue;value",
18-
"My.Qltest;C;false;StepFieldSetter;(int);;Argument[0];Field[My.Qltest.C.Field] of Argument[-1];value",
18+
"My.Qltest;C;false;StepFieldSetter;(System.Int32);;Argument[0];Field[My.Qltest.C.Field] of Argument[-1];value",
1919
"My.Qltest;C;false;StepPropertyGetter;();;Property[My.Qltest.C.Property] of Argument[-1];ReturnValue;value",
20-
"My.Qltest;C;false;StepPropertySetter;(int);;Argument[0];Property[My.Qltest.C.Property] of Argument[-1];value",
20+
"My.Qltest;C;false;StepPropertySetter;(System.Int32);;Argument[0];Property[My.Qltest.C.Property] of Argument[-1];value",
2121
"My.Qltest;C;false;StepElementGetter;();;Element of Argument[-1];ReturnValue;value",
22-
"My.Qltest;C;false;StepElementSetter;(int);;Argument[0];Element of Argument[-1];value",
22+
"My.Qltest;C;false;StepElementSetter;(System.Int32);;Argument[0];Element of Argument[-1];value",
2323
"My.Qltest.C;Generic<>;false;StepGeneric;(T);;Argument[0];ReturnValue;value",
2424
"My.Qltest.C;Generic<>;false;StepGeneric2;(S);;Argument[0];ReturnValue;value"
2525
]

0 commit comments

Comments
 (0)