C#: Convert System.Text.StringBuilder flow to CSV format.

Author: michaelnebel

csharp/ql/lib/semmle/code/csharp/dataflow/LibraryTypeDataFlow.qll

@@ -537,69 +537,6 @@ class SystemIOStringReaderFlow extends LibraryTypeDataFlow, SystemIOStringReader
 
 /** Data flow for `System.Text.StringBuilder`. */
 class SystemTextStringBuilderFlow extends LibraryTypeDataFlow, SystemTextStringBuilderClass {
-  override predicate callableFlow(
-    CallableFlowSource source, AccessPath sourceAp, CallableFlowSink sink, AccessPath sinkAp,
-    SourceDeclarationCallable c, boolean preservesValue
-  ) {
-    (
-      this.constructorFlow(source, sourceAp, sink, sinkAp, c) and
-      preservesValue = true
-      or
-      this.methodFlow(source, sourceAp, sink, sinkAp, c, preservesValue)
-    )
-  }
-
-  private predicate constructorFlow(
-    CallableFlowSource source, AccessPath sourceAp, CallableFlowSink sink, AccessPath sinkAp,
-    Constructor c
-  ) {
-    c = this.getAMember() and
-    c.getParameter(0).getType() instanceof StringType and
-    source = TCallableFlowSourceArg(0) and
-    sourceAp = AccessPath::empty() and
-    sink = TCallableFlowSinkReturn() and
-    sinkAp = AccessPath::element()
-  }
-
-  private predicate methodFlow(
-    CallableFlowSource source, AccessPath sourceAp, CallableFlowSink sink, AccessPath sinkAp,
-    SourceDeclarationMethod m, boolean preservesValue
-  ) {
-    exists(string name | m = this.getAMethod() and m.hasUndecoratedName(name) |
-      name = "ToString" and
-      source = TCallableFlowSourceQualifier() and
-      sourceAp = AccessPath::element() and
-      sink = TCallableFlowSinkReturn() and
-      sinkAp = AccessPath::empty() and
-      preservesValue = false
-      or
-      name.regexpMatch("Append(Format|Line|Join)?") and
-      preservesValue = true and
-      (
-        exists(int i, Type t |
-          t = m.getParameter(i).getType() and
-          source = TCallableFlowSourceArg(i) and
-          sink = TCallableFlowSinkQualifier() and
-          sinkAp = AccessPath::element()
-        |
-          (
-            t instanceof StringType or
-            t instanceof ObjectType
-          ) and
-          sourceAp = AccessPath::empty()
-          or
-          isCollectionType(t) and
-          sourceAp = AccessPath::element()
-        )
-        or
-        source = TCallableFlowSourceQualifier() and
-        sourceAp = AccessPath::empty() and
-        sink = TCallableFlowSinkReturn() and
-        sinkAp = AccessPath::empty()
-      )
-    )
-  }
-
   override predicate clearsContent(
     CallableFlowSource source, Content content, SourceDeclarationCallable callable
   ) {

csharp/ql/lib/semmle/code/csharp/frameworks/system/Text.qll

@@ -2,6 +2,7 @@
 
 import csharp
 private import semmle.code.csharp.frameworks.System
+private import semmle.code.csharp.dataflow.ExternalFlow
 
 /** The `System.Text` namespace. */
 class SystemTextNamespace extends Namespace {
@@ -24,6 +25,97 @@ class SystemTextStringBuilderClass extends SystemTextClass {
   Method getAppendFormatMethod() { result = this.getAMethod("AppendFormat") }
 }
 
+/** Data flow for `System.Text.StringBuilder`. */
+private class SystemTextStringBuilderFlowModelCsv extends SummaryModelCsv {
+  override predicate row(string row) {
+    row =
+      [
+        "System.Text;StringBuilder;false;Append;(System.Boolean);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;Append;(System.Byte);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;Append;(System.Char);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;Append;(System.Char*,System.Int32);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;Append;(System.Char,System.Int32);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;Append;(System.Char[]);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;Append;(System.Char[]);;Element of Argument[0];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;Append;(System.Char[],System.Int32,System.Int32);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;Append;(System.Char[],System.Int32,System.Int32);;Element of Argument[0];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;Append;(System.Decimal);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;Append;(System.Double);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;Append;(System.Int16);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;Append;(System.Int32);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;Append;(System.Int64);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;Append;(System.Object);;Argument[0];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;Append;(System.Object);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;Append;(System.ReadOnlyMemory<System.Char>);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;Append;(System.ReadOnlySpan<System.Char>);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;Append;(System.SByte);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;Append;(System.Single);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;Append;(System.String);;Argument[0];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;Append;(System.String);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;Append;(System.String,System.Int32,System.Int32);;Argument[0];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;Append;(System.String,System.Int32,System.Int32);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;Append;(System.Text.StringBuilder);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;Append;(System.Text.StringBuilder,System.Int32,System.Int32);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;Append;(System.UInt16);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;Append;(System.UInt32);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;Append;(System.UInt64);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.IFormatProvider,System.String,System.Object);;Argument[1];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.IFormatProvider,System.String,System.Object);;Argument[2];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.IFormatProvider,System.String,System.Object);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.IFormatProvider,System.String,System.Object,System.Object);;Argument[1];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.IFormatProvider,System.String,System.Object,System.Object);;Argument[2];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.IFormatProvider,System.String,System.Object,System.Object);;Argument[3];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.IFormatProvider,System.String,System.Object,System.Object);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.IFormatProvider,System.String,System.Object,System.Object,System.Object);;Argument[1];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.IFormatProvider,System.String,System.Object,System.Object,System.Object);;Argument[2];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.IFormatProvider,System.String,System.Object,System.Object,System.Object);;Argument[3];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.IFormatProvider,System.String,System.Object,System.Object,System.Object);;Argument[4];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.IFormatProvider,System.String,System.Object,System.Object,System.Object);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.IFormatProvider,System.String,System.Object[]);;Argument[1];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.IFormatProvider,System.String,System.Object[]);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.IFormatProvider,System.String,System.Object[]);;Element of Argument[2];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.String,System.Object);;Argument[0];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.String,System.Object);;Argument[1];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.String,System.Object);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.String,System.Object,System.Object);;Argument[0];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.String,System.Object,System.Object);;Argument[1];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.String,System.Object,System.Object);;Argument[2];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.String,System.Object,System.Object);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.String,System.Object,System.Object,System.Object);;Argument[0];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.String,System.Object,System.Object,System.Object);;Argument[1];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.String,System.Object,System.Object,System.Object);;Argument[2];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.String,System.Object,System.Object,System.Object);;Argument[3];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.String,System.Object,System.Object,System.Object);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.String,System.Object[]);;Argument[0];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.String,System.Object[]);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;AppendFormat;(System.String,System.Object[]);;Element of Argument[1];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendJoin;(System.Char,System.Object[]);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;AppendJoin;(System.Char,System.Object[]);;Element of Argument[1];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendJoin;(System.Char,System.String[]);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;AppendJoin;(System.Char,System.String[]);;Element of Argument[1];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendJoin;(System.String,System.Object[]);;Argument[0];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendJoin;(System.String,System.Object[]);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;AppendJoin;(System.String,System.Object[]);;Element of Argument[1];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendJoin;(System.String,System.String[]);;Argument[0];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendJoin;(System.String,System.String[]);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;AppendJoin;(System.String,System.String[]);;Element of Argument[1];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendJoin<>;(System.Char,System.Collections.Generic.IEnumerable<T>);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;AppendJoin<>;(System.Char,System.Collections.Generic.IEnumerable<T>);;Element of Argument[1];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendJoin<>;(System.String,System.Collections.Generic.IEnumerable<T>);;Argument[0];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendJoin<>;(System.String,System.Collections.Generic.IEnumerable<T>);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;AppendJoin<>;(System.String,System.Collections.Generic.IEnumerable<T>);;Element of Argument[1];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendLine;();;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;AppendLine;(System.String);;Argument[0];Element of Argument[-1];value",
+        "System.Text;StringBuilder;false;AppendLine;(System.String);;Argument[-1];ReturnValue;value",
+        "System.Text;StringBuilder;false;StringBuilder;(System.String);;Argument[0];Element of ReturnValue;value",
+        "System.Text;StringBuilder;false;StringBuilder;(System.String,System.Int32);;Argument[0];Element of ReturnValue;value",
+        "System.Text;StringBuilder;false;StringBuilder;(System.String,System.Int32,System.Int32,System.Int32);;Argument[0];Element of ReturnValue;value",
+        "System.Text;StringBuilder;false;ToString;();;Element of Argument[-1];ReturnValue;taint",
+        "System.Text;StringBuilder;false;ToString;(System.Int32,System.Int32);;Element of Argument[-1];ReturnValue;taint",
+      ]
+  }
+}
+
 /** The `System.Text.Encoding` class. */
 class SystemTextEncodingClass extends SystemTextClass {
   SystemTextEncodingClass() { this.hasName("Encoding") }