Skip to content

Commit 0219cee

Browse files
egregius313egregius313
committed
Fix AddCommandLine models and add/fix tests
1 parent 44a9599 commit 0219cee

File tree

8 files changed

+64
-7
lines changed

8 files changed

+64
-7
lines changed

csharp/ql/lib/ext/Microsoft.Extensions.Configuration.model.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -11,5 +11,5 @@ extensions:
1111
data:
1212
- ["Microsoft.Extensions.Configuration", "IConfiguration", True, "get_Item", "(System.String)", "", "Argument[this]", "ReturnValue", "taint", "manual"]
1313
- ["Microsoft.Extensions.Configuration", "IConfigurationBuilder", True, "Build", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"]
14-
- ["Microsoft.Extensions.Configuration", "CommandLineConfigurationExtensions", False, "AddCommandLine", "(Microsoft.Extensions.Configuration.IConfigurationBuilder,System.String[])", "", "Argument[1]", "ReturnValue", "taint", "manual"]
15-
- ["Microsoft.Extensions.Configuration", "CommandLineConfigurationExtensions", False, "AddCommandLine", "(Microsoft.Extensions.Configuration.IConfigurationBuilder,System.String[],System.Collections.Generic.IDictionary<System.String,System.String>)", "", "Argument[1..2]", "ReturnValue", "taint", "manual"]
14+
- ["Microsoft.Extensions.Configuration", "CommandLineConfigurationExtensions", False, "AddCommandLine", "", "", "Argument[1..2]", "Argument[0]", "taint", "manual"]
15+
- ["Microsoft.Extensions.Configuration", "CommandLineConfigurationExtensions", False, "AddCommandLine", "", "", "Argument[1..2]", "ReturnValue", "taint", "manual"]

csharp/ql/test/library-tests/dataflow/flowsources/local/commandargs/CommandArgs.cs

Lines changed: 23 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,10 @@
11
using System;
2+
using System.Collections.Generic;
3+
using Microsoft.Extensions.Configuration;
24

35
namespace CommandArgs
46
{
5-
class CommandArgsUse
7+
public class CommandArgsUse
68
{
79
public static void M1()
810
{
@@ -13,5 +15,25 @@ public static void M2()
1315
{
1416
string result = Environment.CommandLine;
1517
}
18+
19+
public static void Main(string[] args)
20+
{
21+
var builder = new ConfigurationBuilder();
22+
builder.AddCommandLine(args);
23+
var config = builder.Build();
24+
var arg1 = config["arg1"];
25+
Sink(arg1);
26+
}
27+
28+
public static void AddCommandLine2()
29+
{
30+
var config = new ConfigurationBuilder()
31+
.AddCommandLine(Environment.GetCommandLineArgs())
32+
.Build();
33+
var arg1 = config["arg1"];
34+
Sink(arg1);
35+
}
36+
37+
static void Sink(object o) { }
1638
}
1739
}

csharp/ql/test/library-tests/dataflow/flowsources/local/commandargs/CommandArgs.expected

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,2 +1,4 @@
1-
| CommandArgs.cs:9:29:9:60 | call to method GetCommandLineArgs |
2-
| CommandArgs.cs:14:29:14:51 | access to property CommandLine |
1+
| CommandArgs.cs:11:29:11:60 | call to method GetCommandLineArgs |
2+
| CommandArgs.cs:16:29:16:51 | access to property CommandLine |
3+
| CommandArgs.cs:19:42:19:45 | args |
4+
| CommandArgs.cs:31:33:31:64 | call to method GetCommandLineArgs |

csharp/ql/test/library-tests/dataflow/flowsources/local/commandargs/CommandArgs.ext.yml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,7 @@
1+
extensions:
2+
3+
- addsTo:
4+
pack: codeql/threat-models
5+
extensible: threatModelConfiguration
6+
data:
7+
- ["commandargs", true, 0]

csharp/ql/test/library-tests/dataflow/flowsources/local/commandargs/CommandArgs.ql

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
import csharp
2-
import semmle.code.csharp.dataflow.internal.ExternalFlow
2+
import semmle.code.csharp.security.dataflow.flowsources.FlowSources
33

44
from DataFlow::Node source
5-
where sourceNode(source, "commandargs")
5+
where source instanceof ThreatModelFlowSource
66
select source

csharp/ql/test/library-tests/dataflow/flowsources/local/commandargs/CommandLineFlow.ext.yml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,7 @@
1+
extensions:
2+
3+
- addsTo:
4+
pack: codeql/threat-models
5+
extensible: threatModelConfiguration
6+
data:
7+
- ["commandargs", true, 0]

csharp/ql/test/library-tests/dataflow/flowsources/local/commandargs/CommandLineFlow.ql

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
import csharp
2+
import semmle.code.csharp.security.dataflow.flowsources.FlowSources
3+
4+
module CommandLineFlowConfig implements DataFlow::ConfigSig {
5+
predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
6+
7+
predicate isSink(DataFlow::Node sink) {
8+
exists(MethodCall mc | mc.getTarget().hasName("Sink") | sink.asExpr() = mc.getArgument(0))
9+
}
10+
}
11+
12+
module CommandLineFlow = TaintTracking::Global<CommandLineFlowConfig>;
13+
14+
from DataFlow::Node source, DataFlow::Node sink
15+
where CommandLineFlow::flow(source, sink)
16+
select sink, source

csharp/ql/test/library-tests/dataflow/flowsources/local/commandargs/options

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
semmle-extractor-options: /nostdlib /noconfig
2+
semmle-extractor-options: --load-sources-from-project:${testdir}/../../../../../resources/stubs/_frameworks/Microsoft.AspNetCore.App/Microsoft.AspNetCore.App.csproj
3+
semmle-extractor-options: ${testdir}/../../../../../resources/stubs/System.Web.cs

0 commit comments

Comments
 (0)