C#: Replace more uses of getQualifiedName/0.

Author: michaelnebel

csharp/ql/lib/semmle/code/csharp/security/dataflow/ExternalAPIsQuery.qll

@@ -4,6 +4,7 @@
  */
 
 import csharp
+private import semmle.code.csharp.commons.QualifiedName
 private import semmle.code.csharp.dataflow.flowsources.Remote
 private import semmle.code.csharp.frameworks.System
 private import semmle.code.csharp.dataflow.FlowSummary
@@ -70,8 +71,21 @@ class ExternalApiDataNode extends DataFlow::Node {
   /** Gets the index which is passed untrusted data (where -1 indicates the qualifier). */
   int getIndex() { result = i }
 
-  /** Gets the description of the callable being called. */
-  string getCallableDescription() { result = this.getCallable().getQualifiedName() }
+  /** Holds if the callable being use has name `name` and is defined in namespace `namespace`. */
+  predicate hasQualifiedName(string namespace, string name) {
+    this.getCallable().hasQualifiedName(namespace, name)
+  }
+
+  /**
+   * DEPRECATED: Use hasQualifiedName/2 instead.
+   *
+   * Gets the description of the callable being called.
+   */
+  deprecated string getCallableDescription() {
+    exists(string namespace, string name |
+      this.hasQualifiedName(namespace, name) and result = printQualifiedName(namespace, name)
+    )
+  }
 }
 
 /** DEPRECATED: Alias for ExternalApiDataNode */

csharp/ql/src/Security Features/CWE-020/UntrustedDataToExternalAPI.ql

@@ -10,11 +10,16 @@
  */
 
 import csharp
+import semmle.code.csharp.commons.QualifiedName
 import semmle.code.csharp.security.dataflow.ExternalAPIsQuery
 import DataFlow::PathGraph
 
-from UntrustedDataToExternalApiConfig config, DataFlow::PathNode source, DataFlow::PathNode sink
-where config.hasFlowPath(source, sink)
+from
+  UntrustedDataToExternalApiConfig config, DataFlow::PathNode source, DataFlow::PathNode sink,
+  string namespace, string name
+where
+  config.hasFlowPath(source, sink) and
+  sink.getNode().(ExternalApiDataNode).hasQualifiedName(namespace, name)
 select sink, source, sink,
-  "Call to " + sink.getNode().(ExternalApiDataNode).getCallableDescription() +
-    " with untrusted data from $@.", source, source.toString()
+  "Call to " + printQualifiedName(namespace, name) + " with untrusted data from $@.", source,
+  source.toString()

csharp/ql/test/library-tests/cil/typeAnnotations/typeAnnotations.ql

@@ -1,26 +1,42 @@
 import cil
+import semmle.code.csharp.commons.QualifiedName
 import semmle.code.cil.Type
 
 private string elementType(Element e, string toString) {
-  toString = e.(Method).getQualifiedName() and result = "method"
-  or
-  toString = e.(Property).getQualifiedName() and result = "property"
+  exists(string namespace, string type, string name |
+    toString = printQualifiedName(namespace, type, name)
+  |
+    e.(Method).hasQualifiedName(namespace, type, name) and result = "method"
+    or
+    e.(Property).hasQualifiedName(namespace, type, name) and result = "property"
+  )
   or
   e =
     any(Parameter p |
-      toString = "Parameter " + p.getIndex() + " of " + p.getDeclaringElement().getQualifiedName()
+      exists(string namespace, string name |
+        p.getDeclaringElement().hasQualifiedName(namespace, name)
+      |
+        toString = "Parameter " + p.getIndex() + " of " + printQualifiedName(namespace, name)
+      )
     ) and
   result = "parameter"
   or
   e =
     any(LocalVariable v |
-      toString =
-        "Local variable " + v.getIndex() + " of method " +
-          v.getImplementation().getMethod().getQualifiedName()
+      exists(string namespace, string type, string name |
+        v.getImplementation().getMethod().hasQualifiedName(namespace, type, name)
+      |
+        toString =
+          "Local variable " + v.getIndex() + " of method " +
+            printQualifiedName(namespace, type, name)
+      )
     ) and
   result = "local"
   or
-  toString = e.(FunctionPointerType).getQualifiedName() and result = "fnptr"
+  exists(string namespace, string name | e.(FunctionPointerType).hasQualifiedName(namespace, name) |
+    toString = printQualifiedName(namespace, name)
+  ) and
+  result = "fnptr"
   or
   not e instanceof Method and
   not e instanceof Property and
@@ -53,7 +69,9 @@ where
   (
     not e instanceof Parameter
     or
-    e.(Parameter).getDeclaringElement().(Method).getDeclaringType().getQualifiedName() !=
-      "System.Environment" // There are OS specific methods in this class
+    not exists(Type t |
+      t = e.(Parameter).getDeclaringElement().(Method).getDeclaringType() and
+      t.hasQualifiedName("System", "Environment")
+    ) // There are OS specific methods in this class
   )
 select toString, type, i

csharp/ql/test/library-tests/commons/Disposal/DisposedFields.ql

@@ -1,8 +1,10 @@
 import cil
 import semmle.code.csharp.commons.Disposal
+import semmle.code.csharp.commons.QualifiedName
 
-from CIL::Field field
+from CIL::Field field, string namespace, string name
 where
   mayBeDisposed(field) and
-  field.getDeclaringType().hasQualifiedName("DisposalTests", "Class1")
-select field.getQualifiedName()
+  field.getDeclaringType().hasQualifiedName("DisposalTests", "Class1") and
+  field.hasQualifiedName(namespace, name)
+select printQualifiedName(namespace, name)

csharp/ql/test/library-tests/commons/Disposal/DisposedParameter.ql

@@ -5,5 +5,5 @@ from DotNet::Callable c, DotNet::Parameter param, int p
 where
   mayBeDisposed(param) and
   param = c.getParameter(p) and
-  c.getDeclaringType().getQualifiedName() = "DisposalTests.Class1"
+  c.getDeclaringType().hasQualifiedName("DisposalTests", "Class1")
 select c.toStringWithTypes(), p

csharp/ql/test/library-tests/commons/Disposal/UndisposedParameter.ql

@@ -6,5 +6,5 @@ from DotNet::Callable c, DotNet::Parameter param, int p
 where
   not mayBeDisposed(param) and
   param = c.getParameter(p) and
-  c.getDeclaringType().getQualifiedName() = "DisposalTests.Class1"
+  c.getDeclaringType().hasQualifiedName("DisposalTests", "Class1")
 select c.toStringWithTypes(), p

csharp/ql/test/library-tests/constructors/Destructors1.ql

@@ -3,9 +3,11 @@
  */
 
 import csharp
+import semmle.code.csharp.commons.QualifiedName
 
-from Destructor c
+from Destructor c, string namespace, string name
 where
-  c.getDeclaringType().getName() = "Class" and
-  c.getDeclaringType().getNamespace().getQualifiedName() = "Constructors"
+  c.getDeclaringType().hasQualifiedName(namespace, name) and
+  namespace = "Constructors" and
+  name = "Class"
 select c, c.getDeclaringType().getQualifiedName()

csharp/ql/test/library-tests/csharp9/covariantReturn.ql

@@ -1,8 +1,13 @@
 import csharp
+import semmle.code.csharp.commons.QualifiedName
 
-from Method m, Method overrider
+from
+  Method m, Method overrider, string mnamespace, string mtype, string mname, string onamespace,
+  string otype, string oname
 where
   m.getAnOverrider() = overrider and
-  m.getFile().getStem() = "CovariantReturn"
-select m.getQualifiedName(), m.getReturnType().toString(), overrider.getQualifiedName(),
-  overrider.getReturnType().toString()
+  m.getFile().getStem() = "CovariantReturn" and
+  m.hasQualifiedName(mnamespace, mtype, mname) and
+  overrider.hasQualifiedName(onamespace, otype, oname)
+select printQualifiedName(mnamespace, mtype, mname), m.getReturnType().toString(),
+  printQualifiedName(onamespace, otype, oname), overrider.getReturnType().toString()

csharp/ql/test/library-tests/csharp9/foreach.ql

@@ -1,4 +1,5 @@
 import csharp
+import semmle.code.csharp.commons.QualifiedName
 
 private string getLocation(Member m) {
   if m.fromSource() then result = m.getALocation().(SourceLocation).toString() else result = "-"
@@ -8,8 +9,13 @@ private string getIsAsync(ForeachStmt f) {
   if f.isAsync() then result = "async" else result = "sync"
 }
 
-from ForeachStmt f
-select f, f.getElementType().toString(), getIsAsync(f),
-  f.getGetEnumerator().getDeclaringType().getQualifiedName(), getLocation(f.getGetEnumerator()),
-  f.getCurrent().getDeclaringType().getQualifiedName(), getLocation(f.getCurrent()),
-  f.getMoveNext().getDeclaringType().getQualifiedName(), getLocation(f.getMoveNext())
+from
+  ForeachStmt f, string namespace1, string type1, string namespace2, string type2,
+  string namespace3, string type3
+where
+  f.getGetEnumerator().getDeclaringType().hasQualifiedName(namespace1, type1) and
+  f.getCurrent().getDeclaringType().hasQualifiedName(namespace2, type2) and
+  f.getMoveNext().getDeclaringType().hasQualifiedName(namespace3, type3)
+select f, f.getElementType().toString(), getIsAsync(f), printQualifiedName(namespace1, type1),
+  getLocation(f.getGetEnumerator()), printQualifiedName(namespace2, type2),
+  getLocation(f.getCurrent()), printQualifiedName(namespace3, type3), getLocation(f.getMoveNext())

csharp/ql/test/library-tests/csharp9/record.ql

@@ -1,4 +1,5 @@
 import csharp
+import semmle.code.csharp.commons.QualifiedName
 
 query predicate records(RecordClass t, string i, RecordCloneMethod clone) {
   t.getABaseInterface().toStringWithTypes() = i and
@@ -7,7 +8,9 @@ query predicate records(RecordClass t, string i, RecordCloneMethod clone) {
 }
 
 private string getMemberName(Member m) {
-  result = m.getDeclaringType().getQualifiedName() + "." + m.toStringWithTypes()
+  exists(string namespace, string name | m.getDeclaringType().hasQualifiedName(namespace, name) |
+    result = printQualifiedName(namespace, name) + "." + m.toStringWithTypes()
+  )
 }
 
 query predicate members(RecordClass t, string ms, string l) {