Merge pull request github#13110 from GeekMasher/csharp-aws

[CSharp] AWS Lambda Modelling

Author: michaelnebel

csharp/ql/lib/change-notes/2023-06-22-aws-lambda-models.md

@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Additional support for `Amazon.Lambda` SDK

csharp/ql/lib/ext/Amazon.Lambda.model.yml

@@ -0,0 +1,31 @@
+extensions:
+  - addsTo:
+      pack: codeql/csharp-all
+      extensible: sourceModel
+    data:
+      - ["Amazon.Lambda.APIGatewayEvents","APIGatewayHttpApiV2ProxyRequest",true,"get_Headers","()","","ReturnValue","remote","manual"]
+      - ["Amazon.Lambda.APIGatewayEvents","APIGatewayHttpApiV2ProxyRequest",true,"get_Body","()","","ReturnValue","remote","manual"]
+      - ["Amazon.Lambda.APIGatewayEvents","APIGatewayHttpApiV2ProxyRequest",true,"get_RawPath","()","","ReturnValue","remote","manual"]
+      - ["Amazon.Lambda.APIGatewayEvents","APIGatewayHttpApiV2ProxyRequest",true,"get_RawQueryString","()","","ReturnValue","remote","manual"]
+      - ["Amazon.Lambda.APIGatewayEvents","APIGatewayHttpApiV2ProxyRequest",true,"get_Cookies","()","","ReturnValue","remote","manual"]
+      - ["Amazon.Lambda.APIGatewayEvents","APIGatewayHttpApiV2ProxyRequest",true,"get_PathParameters","()","","ReturnValue","remote","manual"]
+
+  - addsTo:
+      pack: codeql/csharp-all
+      extensible: sinkModel
+    data:
+      - ["Amazon.Lambda.Core","ILambdaLogger",true,"Log","(System.String)","","Argument[0]","log-injection","manual"]
+      - ["Amazon.Lambda.Core","ILambdaLogger",true,"LogLine","(System.String)","","Argument[0]","log-injection","manual"]
+      - ["Amazon.Lambda.Core","ILambdaLogger",true,"LogTrace","(System.String)","","Argument[0]","log-injection","manual"]
+      - ["Amazon.Lambda.Core","ILambdaLogger",true,"LogDebug","(System.String)","","Argument[0]","log-injection","manual"]
+      - ["Amazon.Lambda.Core","ILambdaLogger",true,"LogInformation","(System.String)","","Argument[0]","log-injection","manual"]
+      - ["Amazon.Lambda.Core","ILambdaLogger",true,"LogWarning","(System.String)","","Argument[0]","log-injection","manual"]
+      - ["Amazon.Lambda.Core","ILambdaLogger",true,"LogError","(System.String)","","Argument[0]","log-injection","manual"]
+      - ["Amazon.Lambda.Core","ILambdaLogger",true,"LogCritical","(System.String)","","Argument[0]","log-injection","manual"]
+      - ["Amazon.Lambda.Core","ILambdaLogger",true,"Log","(System.String,System.String)","","Argument[1]","log-injection","manual"]
+      - ["Amazon.Lambda.Core","ILambdaLogger",true,"Log","(Amazon.Lambda.Core.LogLevel,System.String)","","Argument[1]","log-injection","manual"]
+
+  - addsTo:
+      pack: codeql/csharp-all
+      extensible: summaryModel
+    data: []

csharp/ql/test/library-tests/frameworks/Aws/lambda.cs

@@ -0,0 +1,42 @@
+using System.Net;
+using System.Collections.Generic;
+
+using Amazon.Lambda.Core;
+using Amazon.Lambda.APIGatewayEvents;
+
+
+namespace LambdaTests {
+    public class Functions {
+        public APIGatewayProxyResponse Get(APIGatewayHttpApiV2ProxyRequest request, ILambdaContext context) {
+            string body = request.Body;  // source
+            string cookie = request.Cookies[0];  // source
+
+            string rawpath = request.RawPath;  // source
+            string rawquery = request.RawQueryString;  // source
+            request.PathParameters.TryGetValue("x", out var pathparameter);  // source
+
+            string header = request.Headers["test"];  // source
+            request.Headers.TryGetValue("test", out var header2);  // source
+
+
+            return new APIGatewayProxyResponse {
+                StatusCode = 200
+            };
+        }
+
+        public void Logging(ILambdaContext context, string data)
+        {
+            // logging
+            context.Logger.Log($"Log Data :: {data}");
+            context.Logger.LogLine($"Log Data :: {data}");
+            context.Logger.Log("Information", $"Log Data :: {data}");
+            context.Logger.Log(LogLevel.Information, $"Log Data :: {data}");
+            context.Logger.LogTrace($"Log Data :: {data}");
+            context.Logger.LogDebug($"Log Data :: {data}");
+            context.Logger.LogInformation($"Log Data :: {data}");
+            context.Logger.LogWarning($"Log Data :: {data}");
+            context.Logger.LogError($"Log Data :: {data}");
+            context.Logger.LogCritical($"Log Data :: {data}");
+        }
+    }
+}

csharp/ql/test/library-tests/frameworks/Aws/lambda.expected

@@ -0,0 +1,19 @@
+awsRemoteSources
+| lambda.cs:11:27:11:38 | access to property Body |
+| lambda.cs:12:29:12:43 | access to property Cookies |
+| lambda.cs:14:30:14:44 | access to property RawPath |
+| lambda.cs:15:31:15:52 | access to property RawQueryString |
+| lambda.cs:16:13:16:34 | access to property PathParameters |
+| lambda.cs:18:29:18:43 | access to property Headers |
+| lambda.cs:19:13:19:27 | access to property Headers |
+awsLoggingSinks
+| lambda.cs:30:32:30:52 | $"..." |
+| lambda.cs:31:36:31:56 | $"..." |
+| lambda.cs:32:47:32:67 | $"..." |
+| lambda.cs:33:54:33:74 | $"..." |
+| lambda.cs:34:37:34:57 | $"..." |
+| lambda.cs:35:37:35:57 | $"..." |
+| lambda.cs:36:43:36:63 | $"..." |
+| lambda.cs:37:39:37:59 | $"..." |
+| lambda.cs:38:37:38:57 | $"..." |
+| lambda.cs:39:40:39:60 | $"..." |

csharp/ql/test/library-tests/frameworks/Aws/lambda.ql

@@ -0,0 +1,6 @@
+import csharp
+import semmle.code.csharp.dataflow.internal.ExternalFlow
+
+query predicate awsRemoteSources(DataFlow::ExprNode node) { sourceNode(node, "remote") }
+
+query predicate awsLoggingSinks(DataFlow::ExprNode node) { sinkNode(node, "log-injection") }

csharp/ql/test/library-tests/frameworks/Aws/options

@@ -0,0 +1,3 @@
+semmle-extractor-options: /nostdlib /noconfig
+semmle-extractor-options: --load-sources-from-project:${testdir}/../../../resources/stubs/Amazon.Lambda.Core/2.2.0/Amazon.Lambda.Core.csproj
+semmle-extractor-options: --load-sources-from-project:${testdir}/../../../resources/stubs/Amazon.Lambda.APIGatewayEvents/2.7.0/Amazon.Lambda.APIGatewayEvents.csproj