public override void Initialize(AnalysisContext analysisContext)
{
// TODO: Make analyzer thread-safe
//analysisContext.EnableConcurrentExecution();
// Security analyzer - analyze and report diagnostics in generated code.
analysisContext.ConfigureGeneratedCodeAnalysis(GeneratedCodeAnalysisFlags.Analyze | GeneratedCodeAnalysisFlags.ReportDiagnostics);
analysisContext.RegisterCompilationStartAction(
(context) =>
{
Compilation compilation = context.Compilation;
var xmlTypes = new CompilationSecurityTypes(compilation);
if (ReferencesAnyTargetType(xmlTypes))
{
Version version = SecurityDiagnosticHelpers.GetDotNetFrameworkVersion(compilation);
if (version != null)
{
context.RegisterOperationBlockStartAction(
(c) =>
{
RegisterAnalyzer(c, xmlTypes, version);
});
}
}
});
}
protected override Analyzer GetAnalyzer(CompilationStartAnalysisContext context, CompilationSecurityTypes cryptTypes)
{
Analyzer analyzer = new Analyzer(cryptTypes);
context.RegisterSyntaxNodeAction(analyzer.AnalyzeNode,
SyntaxKind.InvocationExpression,
SyntaxKind.ObjectCreationExpression);
return analyzer;
}
private static bool ReferencesAnyTargetType(CompilationSecurityTypes types)
{
return types.DES != null
|| types.DSA != null
|| types.DSASignatureFormatter != null
|| types.HMACMD5 != null
|| types.RC2 != null
|| types.TripleDES != null
|| types.RIPEMD160 != null
|| types.HMACRIPEMD160 != null;
}
public override void Initialize(AnalysisContext analysisContext)
{
analysisContext.RegisterCompilationStartAction(
(context) =>
{
var cryptTypes = new CompilationSecurityTypes(context.Compilation);
if (ReferencesAnyTargetType(cryptTypes))
{
GetAnalyzer(context, cryptTypes);
}
});
}
private void RegisterAnalyzer(OperationBlockStartAnalysisContext context, CompilationSecurityTypes types, Version frameworkVersion)
{
var analyzer = new OperationAnalyzer(types, frameworkVersion);
context.RegisterOperationAction(
analyzer.AnalyzeOperation,
OperationKind.InvocationExpression,
OperationKind.AssignmentExpression,
OperationKind.VariableDeclaration,
OperationKind.ObjectCreationExpression,
OperationKind.FieldInitializerAtDeclaration
);
context.RegisterOperationBlockEndAction(
analyzer.AnalyzeOperationBlock
);
}
public override void Initialize(AnalysisContext analysisContext)
{
analysisContext.EnableConcurrentExecution();
// Security analyzer - analyze and report diagnostics in generated code.
analysisContext.ConfigureGeneratedCodeAnalysis(GeneratedCodeAnalysisFlags.Analyze | GeneratedCodeAnalysisFlags.ReportDiagnostics);
analysisContext.RegisterCompilationStartAction(
(context) =>
{
var cryptTypes = new CompilationSecurityTypes(context.Compilation);
if (ReferencesAnyTargetType(cryptTypes))
{
GetAnalyzer(context, cryptTypes);
}
});
}
public override void Initialize(AnalysisContext analysisContext)
{
analysisContext.EnableConcurrentExecution();
analysisContext.ConfigureGeneratedCodeAnalysis(GeneratedCodeAnalysisFlags.Analyze);
analysisContext.RegisterCompilationStartAction(compilationStartAnalysisContext =>
{
var compilationTypes = new CompilationSecurityTypes(compilationStartAnalysisContext.Compilation);
if (compilationTypes.HandleProcessCorruptedStateExceptionsAttribute == null)
{
return;
}
compilationStartAnalysisContext.RegisterOperationBlockAction(operationBlockAnalysisContext =>
{
if (operationBlockAnalysisContext.OwningSymbol.Kind != SymbolKind.Method)
{
return;
}
var method = (IMethodSymbol) operationBlockAnalysisContext.OwningSymbol;
if (!ContainsHandleProcessCorruptedStateExceptionsAttribute(method, compilationTypes))
{
return;
}
foreach (var operation in operationBlockAnalysisContext.OperationBlocks)
{
var walker = new EmptyThrowInsideCatchAllWalker(compilationTypes);
walker.Visit(operation);
foreach (var catchClause in walker.CatchAllCatchClausesWithoutEmptyThrow)
{
operationBlockAnalysisContext.ReportDiagnostic(catchClause.Syntax.CreateDiagnostic(Rule,
method.ToDisplayString()));
}
}
});
});
}
public override void Initialize(AnalysisContext analysisContext)
{
analysisContext.RegisterCompilationStartAction(
(context) =>
{
Compilation compilation = context.Compilation;
var xmlTypes = new CompilationSecurityTypes(compilation);
if (ReferencesAnyTargetType(xmlTypes))
{
Version version = SecurityDiagnosticHelpers.GetDotNetFrameworkVersion(compilation);
if (version != null)
{
context.RegisterOperationBlockStartAction(
(c) =>
{
RegisterAnalyzer(c, xmlTypes, version);
});
}
}
});
}
protected abstract SyntaxNodeAnalyzer GetAnalyzer(CodeBlockStartAnalysisContext <TLanguageKindEnum> context, CompilationSecurityTypes types);
protected abstract Analyzer GetAnalyzer(CompilationSecurityTypes compilationTypes, ISymbol owningSymbol, SyntaxNode codeBlock);
public static bool IsXsltSettingsTrustedXsltProperty(ISymbol symbol, CompilationSecurityTypes xmlTypes)
{
return(IsSpecifiedProperty(symbol, xmlTypes.XsltSettings, SecurityMemberNames.TrustedXslt));
}
public static bool IsXmlTextReaderCtorDerived(IMethodSymbol method, CompilationSecurityTypes xmlTypes)
{
return method != null
&& method.MatchMethodDerivedByName(xmlTypes.XmlTextReader, WellKnownMemberNames.InstanceConstructorName);
}
public static bool IsXmlReaderSettingsDtdProcessingProperty(ISymbol symbol, CompilationSecurityTypes xmlTypes)
{
return IsSpecifiedProperty(symbol, xmlTypes.XmlReaderSettings, SecurityMemberNames.DtdProcessing);
}
public Analyzer(CompilationSecurityTypes cryptTypes)
{
_cryptTypes = cryptTypes;
}
public static bool IsXmlReaderType(ITypeSymbol symbol, CompilationSecurityTypes xmlTypes)
{
return symbol != null
&& symbol.DerivesFrom(xmlTypes.XmlReader, baseTypesOnly: true);
}
public OperationAnalyzer(CompilationSecurityTypes xmlTypes, Version targetFrameworkVersion)
{
_xmlTypes = xmlTypes;
_isFrameworkSecure = targetFrameworkVersion == null ? false : targetFrameworkVersion >= s_minSecureFxVersion;
}
protected abstract SyntaxNodeAnalyzer GetAnalyzer(CompilationStartAnalysisContext context, CompilationSecurityTypes cryptTypes);
protected override SymbolAndNodeAnalyzer GetAnalyzer(CompilationStartAnalysisContext context, CompilationSecurityTypes types, Version targetFrameworkVersion)
{
SymbolAndNodeAnalyzer analyzer = new SymbolAndNodeAnalyzer(types, CSharpSyntaxNodeHelper.Default, targetFrameworkVersion);
context.RegisterSyntaxNodeAction(analyzer.AnalyzeNode, SyntaxKind.MethodDeclaration, SyntaxKind.ConstructorDeclaration);
return(analyzer);
}
public static bool IsXsltSettingsEnableScriptProperty(IPropertySymbol symbol, CompilationSecurityTypes xmlTypes)
{
return(IsSpecifiedProperty(symbol, xmlTypes.XsltSettings, SecurityMemberNames.EnableScript));
}
public static int GetXmlReaderSettingsParameterIndex(IMethodSymbol method, CompilationSecurityTypes xmlTypes)
{
return(GetSpecifiedParameterIndex(method, xmlTypes, IsXmlReaderSettingsType));
}
public static bool IsXslCompiledTransformLoad(IMethodSymbol method, CompilationSecurityTypes xmlTypes)
{
return method != null
&& method.MatchMethodByName(xmlTypes.XslCompiledTransform, SecurityMemberNames.Load);
}
private static bool ReferencesAnyTargetType(CompilationSecurityTypes types)
{
return types.XmlDocument != null
|| types.XmlNode != null
|| types.XmlReader != null
|| types.XmlTextReader != null
|| types.XPathDocument != null
|| types.XmlSchema != null
|| types.DataSet != null
|| types.DataTable != null
|| types.DataViewManager != null
|| types.XmlSerializer != null;
}
public static bool IsXmlReaderSettingsType(ITypeSymbol symbol, CompilationSecurityTypes xmlTypes)
{
return symbol == xmlTypes.XmlReaderSettings;
}
public SyntaxNodeAnalyzer(CompilationSecurityTypes cryptTypes)
{
_cryptTypes = cryptTypes;
}
private static int HasSpecifiedParameter(IMethodSymbol method, CompilationSecurityTypes xmlTypes, Func<ITypeSymbol, CompilationSecurityTypes, bool> func)
{
int index = -1;
if (method == null)
{
return index;
}
for (int i = 0; i < method.Parameters.Length; i++)
{
ITypeSymbol parameter = method.Parameters[i].Type;
if (func(parameter, xmlTypes))
{
index = i;
break;
}
}
return index;
}
protected override SyntaxNodeAnalyzer GetAnalyzer(CodeBlockStartAnalysisContext <SyntaxKind> context, CompilationSecurityTypes types)
{
SyntaxNodeAnalyzer analyzer = new SyntaxNodeAnalyzer(types, CSharpSyntaxNodeHelper.Default);
context.RegisterSyntaxNodeAction(
analyzer.AnalyzeNode,
SyntaxKind.InvocationExpression,
SyntaxKind.ObjectCreationExpression,
SyntaxKind.SimpleAssignmentExpression,
SyntaxKind.VariableDeclarator);
return(analyzer);
}
public static bool IsXmlTextReaderXmlResolverProperty(ISymbol symbol, CompilationSecurityTypes xmlTypes)
{
return IsSpecifiedProperty(symbol, xmlTypes.XmlTextReader, SecurityMemberNames.XmlResolver);
}
public static bool IsXsltSettingsEnableScriptProperty(IPropertySymbol symbol, CompilationSecurityTypes xmlTypes)
{
return IsSpecifiedProperty(symbol, xmlTypes.XsltSettings, SecurityMemberNames.EnableScript);
}
public static bool IsXsltSettingsCtor(IMethodSymbol method, CompilationSecurityTypes xmlTypes)
{
return method != null
&& method.MatchMethodByName(xmlTypes.XsltSettings, WellKnownMemberNames.InstanceConstructorName);
}
protected abstract SymbolAndNodeAnalyzer GetAnalyzer(CompilationStartAnalysisContext context, CompilationSecurityTypes types, Version targetFrameworkVersion);
public static bool IsXsltSettingsCtor(IMethodSymbol method, CompilationSecurityTypes xmlTypes)
{
return(method != null &&
method.MatchMethodByName(xmlTypes.XsltSettings, WellKnownMemberNames.InstanceConstructorName));
}
protected abstract SyntaxNodeAnalyzer GetAnalyzer(CompilationStartAnalysisContext context, CompilationSecurityTypes cryptTypes);
protected override Analyzer GetAnalyzer(CompilationStartAnalysisContext context, CompilationSecurityTypes cryptTypes)
{
Analyzer analyzer = new Analyzer(cryptTypes);
context.RegisterSyntaxNodeAction(analyzer.AnalyzeNode,
SyntaxKind.InvocationExpression,
SyntaxKind.ObjectCreationExpression);
return(analyzer);
}
protected abstract void RegisterAnalyzer(CodeBlockStartAnalysisContext <TLanguageKindEnum> context, CompilationSecurityTypes types, Version targetFrameworkVersion);
public static int GetXmlReaderSettingsParameterIndex(IMethodSymbol method, CompilationSecurityTypes xmlTypes)
{
return GetSpecifiedParameterIndex(method, xmlTypes, IsXmlReaderSettingsType);
}
public static bool IsXslCompiledTransformLoad(IMethodSymbol method, CompilationSecurityTypes xmlTypes)
{
return(method != null &&
method.MatchMethodByName(xmlTypes.XslCompiledTransform, SecurityMemberNames.Load));
}
private static bool ReferencesAnyTargetType(CompilationSecurityTypes types)
{
return(types.XmlDocument != null ||
types.XmlTextReader != null);
}
public static bool IsXsltSettingsEnableDocumentFunctionProperty(ISymbol symbol, CompilationSecurityTypes xmlTypes)
{
return(IsSpecifiedProperty(symbol, xmlTypes.XsltSettings, SecurityMemberNames.EnableDocumentFunction));
}
public SymbolAndNodeAnalyzer(CompilationSecurityTypes xmlTypes, SyntaxNodeHelper helper, Version targetFrameworkVersion)
{
_xmlTypes = xmlTypes;
_syntaxNodeHelper = helper;
_isFrameworkSecure = targetFrameworkVersion == null ? false : targetFrameworkVersion >= SymbolAndNodeAnalyzer.s_minSecureFxVersion;
}
public static bool IsXmlReaderSettingsType(ITypeSymbol symbol, CompilationSecurityTypes xmlTypes)
{
return(symbol == xmlTypes.XmlReaderSettings);
}
public SyntaxNodeAnalyzer(CompilationSecurityTypes cryptTypes)
{
_cryptTypes = cryptTypes;
}
public static int HasXsltSettingsParameter(IMethodSymbol method, CompilationSecurityTypes xmlTypes)
{
return(HasSpecifiedParameter(method, xmlTypes, IsXsltSettingsType));
}
public SyntaxNodeAnalyzer(CompilationSecurityTypes xmlTypes, SyntaxNodeHelper helper)
{
_xmlTypes = xmlTypes;
_syntaxNodeHelper = helper;
}
public static bool IsXmlReaderType(ITypeSymbol symbol, CompilationSecurityTypes xmlTypes)
{
return(symbol != null &&
symbol.DerivesFrom(xmlTypes.XmlReader, baseTypesOnly: true));
}
public static bool IsXsltSettingsEnableDocumentFunctionProperty(ISymbol symbol, CompilationSecurityTypes xmlTypes)
{
return IsSpecifiedProperty(symbol, xmlTypes.XsltSettings, SecurityMemberNames.EnableDocumentFunction);
}
public static int HasXmlReaderParameter(IMethodSymbol method, CompilationSecurityTypes xmlTypes)
{
return(HasSpecifiedParameter(method, xmlTypes, IsXmlReaderType));
}
public static int HasXsltSettingsParameter(IMethodSymbol method, CompilationSecurityTypes xmlTypes)
{
return HasSpecifiedParameter(method, xmlTypes, IsXsltSettingsType);
}
public static bool IsXmlDocumentXmlResolverPropertyDerived(ISymbol symbol, CompilationSecurityTypes xmlTypes)
{
return(IsSpecifiedPropertyDerived(symbol, xmlTypes.XmlDocument, SecurityMemberNames.XmlResolver));
}
public static int HasXmlReaderParameter(IMethodSymbol method, CompilationSecurityTypes xmlTypes)
{
return HasSpecifiedParameter(method, xmlTypes, IsXmlReaderType);
}
public static bool IsXmlTextReaderCtorDerived(IMethodSymbol method, CompilationSecurityTypes xmlTypes)
{
return(method != null &&
method.MatchMethodDerivedByName(xmlTypes.XmlTextReader, WellKnownMemberNames.InstanceConstructorName));
}
public static bool IsXmlDocumentXmlResolverPropertyDerived(ISymbol symbol, CompilationSecurityTypes xmlTypes)
{
return IsSpecifiedPropertyDerived(symbol, xmlTypes.XmlDocument, SecurityMemberNames.XmlResolver);
}
public static bool IsXmlTextReaderDtdProcessingPropertyDerived(ISymbol symbol, CompilationSecurityTypes xmlTypes)
{
return(IsSpecifiedPropertyDerived(symbol, xmlTypes.XmlTextReader, SecurityMemberNames.DtdProcessing));
}
public static bool IsXmlTextReaderDtdProcessingPropertyDerived(ISymbol symbol, CompilationSecurityTypes xmlTypes)
{
return IsSpecifiedPropertyDerived(symbol, xmlTypes.XmlTextReader, SecurityMemberNames.DtdProcessing);
}
public static bool IsXmlTextReaderXmlResolverProperty(ISymbol symbol, CompilationSecurityTypes xmlTypes)
{
return(IsSpecifiedProperty(symbol, xmlTypes.XmlTextReader, SecurityMemberNames.XmlResolver));
}
public static bool IsXmlReaderCreate(IMethodSymbol method, CompilationSecurityTypes xmlTypes)
{
return method != null
&& method.MatchMethodByName(xmlTypes.XmlReader, SecurityMemberNames.Create);
}
public static bool IsXmlReaderCreate(IMethodSymbol method, CompilationSecurityTypes xmlTypes)
{
return(method != null &&
method.MatchMethodByName(xmlTypes.XmlReader, SecurityMemberNames.Create));
}
public static bool IsXmlReaderSettingsMaxCharactersFromEntitiesProperty(ISymbol symbol, CompilationSecurityTypes xmlTypes)
{
return IsSpecifiedProperty(symbol, xmlTypes.XmlReaderSettings, SecurityMemberNames.MaxCharactersFromEntities);
}
public static bool IsXmlReaderSettingsDtdProcessingProperty(ISymbol symbol, CompilationSecurityTypes xmlTypes)
{
return(IsSpecifiedProperty(symbol, xmlTypes.XmlReaderSettings, SecurityMemberNames.DtdProcessing));
}
public static bool IsXsltSettingsTrustedXsltProperty(ISymbol symbol, CompilationSecurityTypes xmlTypes)
{
return IsSpecifiedProperty(symbol, xmlTypes.XsltSettings, SecurityMemberNames.TrustedXslt);
}
public static bool IsXmlReaderSettingsMaxCharactersFromEntitiesProperty(ISymbol symbol, CompilationSecurityTypes xmlTypes)
{
return(IsSpecifiedProperty(symbol, xmlTypes.XmlReaderSettings, SecurityMemberNames.MaxCharactersFromEntities));
}
