C#: Convert at least System.Collection.[Generic.]IList flow to CSV format.

Author: michaelnebel

csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll

@@ -86,6 +86,7 @@ private import internal.FlowSummaryImplSpecific
 private module Frameworks {
   private import semmle.code.csharp.frameworks.EntityFramework
   private import semmle.code.csharp.frameworks.JsonNET
+  private import semmle.code.csharp.frameworks.microsoft.VisualBasic
   private import semmle.code.csharp.frameworks.ServiceStack
   private import semmle.code.csharp.frameworks.Sql
   private import semmle.code.csharp.frameworks.System
@@ -96,6 +97,7 @@ private module Frameworks {
   private import semmle.code.csharp.frameworks.system.collections.ObjectModel
   private import semmle.code.csharp.frameworks.system.collections.Specialized
   private import semmle.code.csharp.frameworks.system.ComponentModel
+  private import semmle.code.csharp.frameworks.system.componentmodel.Design
   private import semmle.code.csharp.frameworks.system.Data
   private import semmle.code.csharp.frameworks.system.data.Common
   private import semmle.code.csharp.frameworks.system.Diagnostics
@@ -106,11 +108,15 @@ private module Frameworks {
   private import semmle.code.csharp.frameworks.system.IO
   private import semmle.code.csharp.frameworks.system.io.Compression
   private import semmle.code.csharp.frameworks.system.runtime.CompilerServices
+  private import semmle.code.csharp.frameworks.system.security.cryptography.X509Certificates
   private import semmle.code.csharp.frameworks.system.Text
+  private import semmle.code.csharp.frameworks.system.text.RegularExpressions
   private import semmle.code.csharp.frameworks.system.threading.Tasks
   private import semmle.code.csharp.frameworks.system.Web
   private import semmle.code.csharp.frameworks.system.web.ui.WebControls
   private import semmle.code.csharp.frameworks.system.Xml
+  private import semmle.code.csharp.frameworks.system.xml.Schema
+  private import semmle.code.csharp.frameworks.system.xml.Serialization
   private import semmle.code.csharp.security.dataflow.flowsinks.Html
   private import semmle.code.csharp.security.dataflow.flowsources.Local
   private import semmle.code.csharp.security.dataflow.XSSSinks

csharp/ql/lib/semmle/code/csharp/dataflow/LibraryTypeDataFlow.qll

@@ -624,56 +624,6 @@ class ICollectionFlow extends LibraryTypeDataFlow, RefType {
   }
 }
 
-/** Data flow for `System.Collections.[Generic.]IList` (and sub types). */
-class IListFlow extends LibraryTypeDataFlow, RefType {
-  IListFlow() {
-    exists(Interface i | i = this.getABaseType*().getUnboundDeclaration() |
-      i instanceof SystemCollectionsIListInterface
-      or
-      i instanceof SystemCollectionsGenericIListInterface
-    )
-  }
-
-  override predicate callableFlow(
-    CallableFlowSource source, AccessPath sourceAp, CallableFlowSink sink, AccessPath sinkAp,
-    SourceDeclarationCallable c, boolean preservesValue
-  ) {
-    preservesValue = true and
-    (
-      exists(string name, int arity |
-        name = c.getName() and
-        arity = c.getNumberOfParameters() and
-        c = this.getAMethod()
-      |
-        name = "Insert" and
-        arity = 2 and
-        source = TCallableFlowSourceArg(1) and
-        sourceAp = AccessPath::empty() and
-        sink instanceof CallableFlowSinkQualifier and
-        sinkAp = AccessPath::element()
-        or
-        name.regexpMatch("FixedSize|GetRange") and
-        source = TCallableFlowSourceArg(0) and
-        sourceAp = AccessPath::element() and
-        sink = TCallableFlowSinkReturn() and
-        sinkAp = AccessPath::element()
-      )
-      or
-      c = this.getAnIndexer().getSetter() and
-      source = TCallableFlowSourceArg(1) and
-      sourceAp = AccessPath::empty() and
-      sink instanceof CallableFlowSinkQualifier and
-      sinkAp = AccessPath::element()
-      or
-      c = this.getAnIndexer().getGetter() and
-      source instanceof CallableFlowSourceQualifier and
-      sourceAp = AccessPath::element() and
-      sink instanceof CallableFlowSinkReturn and
-      sinkAp = AccessPath::empty()
-    )
-  }
-}
-
 abstract private class SyntheticTaskField extends SyntheticField {
   bindingset[this]
   SyntheticTaskField() { any() }

csharp/ql/lib/semmle/code/csharp/frameworks/JsonNET.qll

@@ -271,4 +271,26 @@ module JsonNET {
         ]
     }
   }
+
+  /** Data flow for `Newtonsoft.JSon.Linq.JArray` */
+  private class NewtonsoftJsonLinqJArrayFlowModelCsv extends SummaryModelCsv {
+    override predicate row(string row) {
+      row =
+        [
+          "Newtonsoft.Json.Linq;JArray;false;get_Item;(System.Object);;Element of Argument[-1];ReturnValue;value",
+          "Newtonsoft.Json.Linq;JArray;false;set_Item;(System.Object,Newtonsoft.Json.Linq.JToken);;Argument[1];Element of Argument[-1];value",
+        ]
+    }
+  }
+
+  /** Data flow for `Newtonsoft.JSon.Linq.JConstructor` */
+  private class NewtonsoftJsonLinqJConstructorFlowModelCsv extends SummaryModelCsv {
+    override predicate row(string row) {
+      row =
+        [
+          "Newtonsoft.Json.Linq;JConstructor;false;get_Item;(System.Object);;Element of Argument[-1];ReturnValue;value",
+          "Newtonsoft.Json.Linq;JConstructor;false;set_Item;(System.Object,Newtonsoft.Json.Linq.JToken);;Argument[1];Element of Argument[-1];value",
+        ]
+    }
+  }
 }

csharp/ql/lib/semmle/code/csharp/frameworks/microsoft/VisualBasic.qll

@@ -0,0 +1,16 @@
+/** Provides definitions related to the `Microsoft.VisualBasic` namespace. */
+
+private import semmle.code.csharp.dataflow.ExternalFlow
+
+/** Data flow for `Microsoft.VisualBasic.Collection`. */
+private class MicrosoftVisualBasicCollectionFlowModelCsv extends SummaryModelCsv {
+  override predicate row(string row) {
+    row =
+      [
+        "Microsoft.VisualBasic;Collection;false;GetEnumerator;();;Element of Argument[-1];Property[System.Collections.IEnumerator.Current] of ReturnValue;value",
+        "Microsoft.VisualBasic;Collection;false;get_Item;(System.Int32);;Element of Argument[-1];ReturnValue;value",
+        "Microsoft.VisualBasic;Collection;false;get_Item;(System.Object);;Element of Argument[-1];ReturnValue;value",
+        "Microsoft.VisualBasic;Collection;false;get_Item;(System.String);;Element of Argument[-1];ReturnValue;value",
+      ]
+  }
+}

csharp/ql/lib/semmle/code/csharp/frameworks/system/Collections.qll

@@ -67,6 +67,19 @@ class SystemCollectionsIListInterface extends SystemCollectionsInterface {
   SystemCollectionsIListInterface() { this.hasName("IList") }
 }
 
+/** Data flow for `System.Collections.IList`. */
+private class SystemCollectionsIListFlowModelCsv extends SummaryModelCsv {
+  override predicate row(string row) {
+    row =
+      [
+        "System.Collections;IList;true;Add;(System.Object);;Argument[0];Element of Argument[-1];value",
+        "System.Collections;IList;true;Insert;(System.Int32,System.Object);;Argument[1];Element of Argument[-1];value",
+        "System.Collections;IList;true;get_Item;(System.Int32);;Element of Argument[-1];ReturnValue;value",
+        "System.Collections;IList;true;set_Item;(System.Int32,System.Object);;Argument[1];Element of Argument[-1];value",
+      ]
+  }
+}
+
 /** The `System.Collections.IDictionary` interface. */
 class SystemCollectionsIDictionaryInterface extends SystemCollectionsInterface {
   SystemCollectionsIDictionaryInterface() { this.hasName("IDictionary") }
@@ -125,3 +138,22 @@ private class SystemCollectionsSortedListFlowModelCsv extends SummaryModelCsv {
       ]
   }
 }
+
+/** Data flow for `System.Collections.ArrayList`. */
+private class SystemCollectionsArrayListFlowModelCsv extends SummaryModelCsv {
+  override predicate row(string row) {
+    row =
+      [
+        "System.Collections;ArrayList;false;AddRange;(System.Collections.ICollection);;Element of Argument[0];Element of Argument[-1];value",
+        "System.Collections;ArrayList;false;Clone;();;Element of Argument[0];Element of ReturnValue;value",
+        "System.Collections;ArrayList;false;FixedSize;(System.Collections.ArrayList);;Element of Argument[0];Element of ReturnValue;value",
+        "System.Collections;ArrayList;false;FixedSize;(System.Collections.IList);;Element of Argument[0];Element of ReturnValue;value",
+        "System.Collections;ArrayList;false;GetEnumerator;(System.Int32,System.Int32);;Element of Argument[-1];Property[System.Collections.IEnumerator.Current] of ReturnValue;value",
+        "System.Collections;ArrayList;false;GetRange;(System.Int32,System.Int32);;Element of Argument[0];Element of ReturnValue;value",
+        "System.Collections;ArrayList;false;InsertRange;(System.Int32,System.Collections.ICollection);;Element of Argument[1];Element of Argument[-1];value",
+        "System.Collections;ArrayList;false;Repeat;(System.Object,System.Int32);;Argument[0];Element of ReturnValue;value",
+        "System.Collections;ArrayList;false;Reverse;();;Element of Argument[0];Element of ReturnValue;value",
+        "System.Collections;ArrayList;false;Reverse;(System.Int32,System.Int32);;Element of Argument[0];Element of ReturnValue;value",
+      ]
+  }
+}

csharp/ql/lib/semmle/code/csharp/frameworks/system/ComponentModel.qll

@@ -30,3 +30,29 @@ private class SystemComponentModelPropertyDescriptorCollectionFlowModelCsv exten
       ]
   }
 }
+
+/** Data flow for `System.ComponentModel.EventDescriptorCollection`. */
+private class SystemComponentModelEventDescriptorCollectionFlowModelCsv extends SummaryModelCsv {
+  override predicate row(string row) {
+    row =
+      [
+        "System.ComponentModel;EventDescriptorCollection;false;Add;(System.ComponentModel.EventDescriptor);;Argument[0];Element of Argument[-1];value",
+        "System.ComponentModel;EventDescriptorCollection;false;Find;(System.String,System.Boolean);;Element of Argument[-1];ReturnValue;value",
+        "System.ComponentModel;EventDescriptorCollection;false;GetEnumerator;();;Element of Argument[-1];Property[System.Collections.IEnumerator.Current] of ReturnValue;value",
+        "System.ComponentModel;EventDescriptorCollection;false;Insert;(System.Int32,System.ComponentModel.EventDescriptor);;Argument[1];Element of Argument[-1];value",
+        "System.ComponentModel;EventDescriptorCollection;false;get_Item;(System.Int32);;Element of Argument[-1];ReturnValue;value",
+        "System.ComponentModel;EventDescriptorCollection;false;get_Item;(System.String);;Element of Argument[-1];ReturnValue;value",
+      ]
+  }
+}
+
+/** Data flow for `System.ComponentModel.ListSortDescriptionCollection`. */
+private class SystemComponentModelListSortDescriptionCollectionFlowModelCsv extends SummaryModelCsv {
+  override predicate row(string row) {
+    row =
+      [
+        "System.ComponentModel;ListSortDescriptionCollection;false;get_Item;(System.Int32);;Element of Argument[-1];ReturnValue;value",
+        "System.ComponentModel;ListSortDescriptionCollection;false;set_Item;(System.Int32,System.ComponentModel.ListSortDescription);;Argument[1];Element of Argument[-1];value",
+      ]
+  }
+}

csharp/ql/lib/semmle/code/csharp/frameworks/system/Data.qll

@@ -97,3 +97,48 @@ private class SystemDataTypedTableBaseExtensionsFlowModelCsv extends SummaryMode
       ]
   }
 }
+
+/** Data flow for `System.Data.DataView`. */
+private class SystemDataDataViewFlowModelCsv extends SummaryModelCsv {
+  override predicate row(string row) {
+    row =
+      [
+        "System.Data;DataView;false;Find;(System.Object);;Element of Argument[-1];ReturnValue;value",
+        "System.Data;DataView;false;Find;(System.Object[]);;Element of Argument[-1];ReturnValue;value",
+        "System.Data;DataView;false;get_Item;(System.Int32);;Element of Argument[-1];ReturnValue;value",
+      ]
+  }
+}
+
+/** Data flow for `System.Data.IColumnMappingCollection`. */
+private class SystemDataIColumnMappingCollectionFlowModelCsv extends SummaryModelCsv {
+  override predicate row(string row) {
+    row =
+      [
+        "System.Data;IColumnMappingCollection;true;get_Item;(System.String);;Element of Argument[-1];ReturnValue;value",
+        "System.Data;IColumnMappingCollection;true;set_Item;(System.String,System.Object);;Argument[1];Element of Argument[-1];value",
+      ]
+  }
+}
+
+/** Data flow for `System.Data.IDataParameterCollection`. */
+private class SystemDataIDataParameterCollectionFlowModelCsv extends SummaryModelCsv {
+  override predicate row(string row) {
+    row =
+      [
+        "System.Data;IDataParameterCollection;true;get_Item;(System.String);;Element of Argument[-1];ReturnValue;value",
+        "System.Data;IDataParameterCollection;true;set_Item;(System.String,System.Object);;Argument[1];Element of Argument[-1];value",
+      ]
+  }
+}
+
+/** Data flow for `System.Data.ITableMappingCollection`. */
+private class SystemDataITableMappingCollectionFlowModelCsv extends SummaryModelCsv {
+  override predicate row(string row) {
+    row =
+      [
+        "System.Data;ITableMappingCollection;true;get_Item;(System.String);;Element of Argument[-1];ReturnValue;value",
+        "System.Data;ITableMappingCollection;true;set_Item;(System.String,System.Object);;Argument[1];Element of Argument[-1];value",
+      ]
+  }
+}

csharp/ql/lib/semmle/code/csharp/frameworks/system/Diagnostics.qll

@@ -94,3 +94,20 @@ private class SystemDiagnosticsActivityTagsCollectionFlowModelCsv extends Summar
       ]
   }
 }
+
+/** Data flow for `System.Diagnostics.TraceListenerCollection`. */
+private class SystemDiagnosticsTraceListenerCollectionFlowModelCsv extends SummaryModelCsv {
+  override predicate row(string row) {
+    row =
+      [
+        "System.Diagnostics;TraceListenerCollection;false;Add;(System.Diagnostics.TraceListener);;Argument[0];Element of Argument[-1];value",
+        "System.Diagnostics;TraceListenerCollection;false;AddRange;(System.Diagnostics.TraceListenerCollection);;Element of Argument[0];Element of Argument[-1];value",
+        "System.Diagnostics;TraceListenerCollection;false;AddRange;(System.Diagnostics.TraceListener[]);;Element of Argument[0];Element of Argument[-1];value",
+        "System.Diagnostics;TraceListenerCollection;false;CopyTo;(System.Diagnostics.TraceListener[],System.Int32);;Element of Argument[-1];Element of Argument[0];value",
+        "System.Diagnostics;TraceListenerCollection;false;Insert;(System.Int32,System.Diagnostics.TraceListener);;Argument[1];Element of Argument[-1];value",
+        "System.Diagnostics;TraceListenerCollection;false;get_Item;(System.Int32);;Element of Argument[-1];ReturnValue;value",
+        "System.Diagnostics;TraceListenerCollection;false;get_Item;(System.String);;Element of Argument[-1];ReturnValue;value",
+        "System.Diagnostics;TraceListenerCollection;false;set_Item;(System.Int32,System.Diagnostics.TraceListener);;Argument[1];Element of Argument[-1];value",
+      ]
+  }
+}