C#: Introduce Csv validation for kind.

michaelnebel · michaelnebel · commit c88355ea13c9 · 2022-01-05T12:48:24.000+01:00
diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll
@@ -348,6 +348,24 @@ module CsvValidation {
         msg = "Invalid boolean \"" + b + "\" in " + pred + " model."
       )
     )
+    or
+    exists(string row, string kind | summaryModel(row) |
+      kind = row.splitAt(";", 8) and
+      not kind = ["taint", "value"] and
+      msg = "Invalid kind \"" + kind + "\" in summary model."
+    )
+    or
+    exists(string row, string kind | sinkModel(row) |
+      kind = row.splitAt(";", 7) and
+      not kind = ["code", "sql", "xss", "remote", "html"] and
+      msg = "Invalid kind \"" + kind + "\" in sink model."
+    )
+    or
+    exists(string row, string kind | sourceModel(row) |
+      kind = row.splitAt(";", 7) and
+      not kind = "local" and
+      msg = "Invalid kind \"" + kind + "\" in sink model."
+    )
   }
 }
 

Original file line number	Diff line number	Diff line change
`@@ -348,6 +348,24 @@ module CsvValidation {`
`348`	`348`	`msg = "Invalid boolean \"" + b + "\" in " + pred + " model."`
`349`	`349`	`)`
`350`	`350`	`)`
	`351`	`+ or`
	`352`	`+ exists(string row, string kind \| summaryModel(row) \|`
	`353`	`+ kind = row.splitAt(";", 8) and`
	`354`	`+ not kind = ["taint", "value"] and`
	`355`	`+ msg = "Invalid kind \"" + kind + "\" in summary model."`
	`356`	`+ )`
	`357`	`+ or`
	`358`	`+ exists(string row, string kind \| sinkModel(row) \|`
	`359`	`+ kind = row.splitAt(";", 7) and`
	`360`	`+ not kind = ["code", "sql", "xss", "remote", "html"] and`
	`361`	`+ msg = "Invalid kind \"" + kind + "\" in sink model."`
	`362`	`+ )`
	`363`	`+ or`
	`364`	`+ exists(string row, string kind \| sourceModel(row) \|`
	`365`	`+ kind = row.splitAt(";", 7) and`
	`366`	`+ not kind = "local" and`
	`367`	`+ msg = "Invalid kind \"" + kind + "\" in sink model."`
	`368`	`+ )`
`351`	`369`	`}`
`352`	`370`	`}`
`353`	`371`