Skip to content

Commit d60b90a

Browse files
michaelnebelmichaelnebel
committed
C#: Manual update of System.String and System.Convert flow summaries.
1 parent e879ca7 commit d60b90a

File tree

3 files changed

+99
-75
lines changed

3 files changed

+99
-75
lines changed

csharp/ql/lib/semmle/code/csharp/frameworks/System.qll

Lines changed: 33 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -120,19 +120,21 @@ private class SystemConvertFlowModelCsv extends SummaryModelCsv {
120120
"System;Convert;false;ChangeType;(System.Object,System.Type,System.IFormatProvider);;Argument[0];ReturnValue;taint",
121121
"System;Convert;false;ChangeType;(System.Object,System.TypeCode);;Argument[0];ReturnValue;taint",
122122
"System;Convert;false;ChangeType;(System.Object,System.TypeCode,System.IFormatProvider);;Argument[0];ReturnValue;taint",
123-
"System;Convert;false;FromBase64CharArray;(System.Char[],System.Int32,System.Int32);;Argument[0];ReturnValue;taint",
124-
"System;Convert;false;FromBase64String;(System.String);;Argument[0];ReturnValue;taint",
125-
"System;Convert;false;FromHexString;(System.ReadOnlySpan<System.Char>);;Argument[0];ReturnValue;taint",
126-
"System;Convert;false;FromHexString;(System.String);;Argument[0];ReturnValue;taint",
123+
"System;Convert;false;FromBase64CharArray;(System.Char[],System.Int32,System.Int32);;Element of Argument[0];Element of ReturnValue;taint",
124+
"System;Convert;false;FromBase64String;(System.String);;Argument[0];Element of ReturnValue;taint",
125+
"System;Convert;false;FromHexString;(System.ReadOnlySpan<System.Char>);;Element of Argument[0];Element of ReturnValue;taint",
126+
"System;Convert;false;FromHexString;(System.String);;Argument[0];Element of ReturnValue;taint",
127127
"System;Convert;false;GetTypeCode;(System.Object);;Argument[0];ReturnValue;taint",
128128
"System;Convert;false;IsDBNull;(System.Object);;Argument[0];ReturnValue;taint",
129-
"System;Convert;false;ToBase64CharArray;(System.Byte[],System.Int32,System.Int32,System.Char[],System.Int32);;Argument[0];ReturnValue;taint",
130-
"System;Convert;false;ToBase64CharArray;(System.Byte[],System.Int32,System.Int32,System.Char[],System.Int32,System.Base64FormattingOptions);;Argument[0];ReturnValue;taint",
131-
"System;Convert;false;ToBase64String;(System.Byte[]);;Argument[0];ReturnValue;taint",
132-
"System;Convert;false;ToBase64String;(System.Byte[],System.Base64FormattingOptions);;Argument[0];ReturnValue;taint",
133-
"System;Convert;false;ToBase64String;(System.Byte[],System.Int32,System.Int32);;Argument[0];ReturnValue;taint",
134-
"System;Convert;false;ToBase64String;(System.Byte[],System.Int32,System.Int32,System.Base64FormattingOptions);;Argument[0];ReturnValue;taint",
135-
"System;Convert;false;ToBase64String;(System.ReadOnlySpan<System.Byte>,System.Base64FormattingOptions);;Argument[0];ReturnValue;taint",
129+
"System;Convert;false;ToBase64CharArray;(System.Byte[],System.Int32,System.Int32,System.Char[],System.Int32,System.Base64FormattingOptions);;Element of Argument[0];ReturnValue;taint",
130+
"System;Convert;false;ToBase64CharArray;(System.Byte[],System.Int32,System.Int32,System.Char[],System.Int32,System.Base64FormattingOptions);;Element of Argument[0];Element of Argument[3];taint",
131+
"System;Convert;false;ToBase64CharArray;(System.Byte[],System.Int32,System.Int32,System.Char[],System.Int32);;Element of Argument[0];ReturnValue;taint",
132+
"System;Convert;false;ToBase64CharArray;(System.Byte[],System.Int32,System.Int32,System.Char[],System.Int32);;Element of Argument[0];Element of Argument[3];taint",
133+
"System;Convert;false;ToBase64String;(System.Byte[]);;Element of Argument[0];ReturnValue;taint",
134+
"System;Convert;false;ToBase64String;(System.Byte[],System.Base64FormattingOptions);;Element of Argument[0];ReturnValue;taint",
135+
"System;Convert;false;ToBase64String;(System.Byte[],System.Int32,System.Int32);;Element of Argument[0];ReturnValue;taint",
136+
"System;Convert;false;ToBase64String;(System.Byte[],System.Int32,System.Int32,System.Base64FormattingOptions);;Element of Argument[0];ReturnValue;taint",
137+
"System;Convert;false;ToBase64String;(System.ReadOnlySpan<System.Byte>,System.Base64FormattingOptions);;Element of Argument[0];ReturnValue;taint",
136138
"System;Convert;false;ToBoolean;(System.Boolean);;Argument[0];ReturnValue;taint",
137139
"System;Convert;false;ToBoolean;(System.Byte);;Argument[0];ReturnValue;taint",
138140
"System;Convert;false;ToBoolean;(System.Char);;Argument[0];ReturnValue;taint",
@@ -242,9 +244,9 @@ private class SystemConvertFlowModelCsv extends SummaryModelCsv {
242244
"System;Convert;false;ToDouble;(System.UInt16);;Argument[0];ReturnValue;taint",
243245
"System;Convert;false;ToDouble;(System.UInt32);;Argument[0];ReturnValue;taint",
244246
"System;Convert;false;ToDouble;(System.UInt64);;Argument[0];ReturnValue;taint",
245-
"System;Convert;false;ToHexString;(System.Byte[]);;Argument[0];ReturnValue;taint",
246-
"System;Convert;false;ToHexString;(System.Byte[],System.Int32,System.Int32);;Argument[0];ReturnValue;taint",
247-
"System;Convert;false;ToHexString;(System.ReadOnlySpan<System.Byte>);;Argument[0];ReturnValue;taint",
247+
"System;Convert;false;ToHexString;(System.Byte[]);;Element of Argument[0];ReturnValue;taint",
248+
"System;Convert;false;ToHexString;(System.Byte[],System.Int32,System.Int32);;Element of Argument[0];ReturnValue;taint",
249+
"System;Convert;false;ToHexString;(System.ReadOnlySpan<System.Byte>);;Element of Argument[0];ReturnValue;taint",
248250
"System;Convert;false;ToInt16;(System.Boolean);;Argument[0];ReturnValue;taint",
249251
"System;Convert;false;ToInt16;(System.Byte);;Argument[0];ReturnValue;taint",
250252
"System;Convert;false;ToInt16;(System.Char);;Argument[0];ReturnValue;taint",
@@ -432,9 +434,15 @@ private class SystemConvertFlowModelCsv extends SummaryModelCsv {
432434
"System;Convert;false;ToUInt64;(System.UInt16);;Argument[0];ReturnValue;taint",
433435
"System;Convert;false;ToUInt64;(System.UInt32);;Argument[0];ReturnValue;taint",
434436
"System;Convert;false;ToUInt64;(System.UInt64);;Argument[0];ReturnValue;taint",
435-
"System;Convert;false;TryFromBase64Chars;(System.ReadOnlySpan<System.Char>,System.Span<System.Byte>,System.Int32);;Argument[0];ReturnValue;taint",
437+
"System;Convert;false;TryFromBase64Chars;(System.ReadOnlySpan<System.Char>,System.Span<System.Byte>,System.Int32);;Element of Argument[0];ReturnValue;taint",
438+
"System;Convert;false;TryFromBase64Chars;(System.ReadOnlySpan<System.Char>,System.Span<System.Byte>,System.Int32);;Element of Argument[0];Element of Argument[1];taint",
439+
"System;Convert;false;TryFromBase64Chars;(System.ReadOnlySpan<System.Char>,System.Span<System.Byte>,System.Int32);;Element of Argument[0];Argument[2];taint",
436440
"System;Convert;false;TryFromBase64String;(System.String,System.Span<System.Byte>,System.Int32);;Argument[0];ReturnValue;taint",
437-
"System;Convert;false;TryToBase64Chars;(System.ReadOnlySpan<System.Byte>,System.Span<System.Char>,System.Int32,System.Base64FormattingOptions);;Argument[0];ReturnValue;taint",
441+
"System;Convert;false;TryFromBase64String;(System.String,System.Span<System.Byte>,System.Int32);;Argument[0];Element of Argument[1];taint",
442+
"System;Convert;false;TryFromBase64String;(System.String,System.Span<System.Byte>,System.Int32);;Argument[0];Argument[2];taint",
443+
"System;Convert;false;TryToBase64Chars;(System.ReadOnlySpan<System.Byte>,System.Span<System.Char>,System.Int32,System.Base64FormattingOptions);;Element of Argument[0];ReturnValue;taint",
444+
"System;Convert;false;TryToBase64Chars;(System.ReadOnlySpan<System.Byte>,System.Span<System.Char>,System.Int32,System.Base64FormattingOptions);;Element of Argument[0];Element of Argument[1];taint",
445+
"System;Convert;false;TryToBase64Chars;(System.ReadOnlySpan<System.Byte>,System.Span<System.Char>,System.Int32,System.Base64FormattingOptions);;Element of Argument[0];Argument[2];taint",
438446
]
439447
}
440448
}
@@ -862,15 +870,15 @@ private class SystemStringFlowModelCsv extends SummaryModelCsv {
862870
"System;String;false;Concat;(System.Object,System.Object,System.Object);;Argument[1];ReturnValue;taint",
863871
"System;String;false;Concat;(System.Object,System.Object,System.Object);;Argument[2];ReturnValue;taint",
864872
"System;String;false;Concat;(System.Object[]);;Element of Argument[0];ReturnValue;taint",
865-
"System;String;false;Concat;(System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>);;Argument[0];ReturnValue;taint",
866-
"System;String;false;Concat;(System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>);;Argument[1];ReturnValue;taint",
867-
"System;String;false;Concat;(System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>);;Argument[0];ReturnValue;taint",
868-
"System;String;false;Concat;(System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>);;Argument[1];ReturnValue;taint",
869-
"System;String;false;Concat;(System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>);;Argument[2];ReturnValue;taint",
870-
"System;String;false;Concat;(System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>);;Argument[0];ReturnValue;taint",
871-
"System;String;false;Concat;(System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>);;Argument[1];ReturnValue;taint",
872-
"System;String;false;Concat;(System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>);;Argument[2];ReturnValue;taint",
873-
"System;String;false;Concat;(System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>);;Argument[3];ReturnValue;taint",
873+
"System;String;false;Concat;(System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>);;Element of Argument[0];ReturnValue;taint",
874+
"System;String;false;Concat;(System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>);;Element of Argument[1];ReturnValue;taint",
875+
"System;String;false;Concat;(System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>);;Element of Argument[0];ReturnValue;taint",
876+
"System;String;false;Concat;(System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>);;Element of Argument[1];ReturnValue;taint",
877+
"System;String;false;Concat;(System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>);;Element of Argument[2];ReturnValue;taint",
878+
"System;String;false;Concat;(System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>);;Element of Argument[0];ReturnValue;taint",
879+
"System;String;false;Concat;(System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>);;Element of Argument[1];ReturnValue;taint",
880+
"System;String;false;Concat;(System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>);;Element of Argument[2];ReturnValue;taint",
881+
"System;String;false;Concat;(System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>,System.ReadOnlySpan<System.Char>);;Element of Argument[3];ReturnValue;taint",
874882
"System;String;false;Concat;(System.String,System.String);;Argument[0];ReturnValue;taint",
875883
"System;String;false;Concat;(System.String,System.String);;Argument[1];ReturnValue;taint",
876884
"System;String;false;Concat;(System.String,System.String,System.String);;Argument[0];ReturnValue;taint",

0 commit comments

Comments
 (0)