public override VisualBasicSyntaxNode VisitAssignmentExpression(CSS.AssignmentExpressionSyntax node)
{
var kind = ConvertToken(CS.CSharpExtensions.Kind(node), TokenContext.Local);
if (node.Parent is CSS.ExpressionStatementSyntax)
{
return(SyntaxFactory.AssignmentStatement(
kind,
(ExpressionSyntax)node.Left.Accept(this),
SyntaxFactory.Token(VBUtil.GetBinaryExpressionOperatorTokenKind(kind)),
(ExpressionSyntax)node.Right.Accept(this)
));
}
else
{
MarkPatchInlineAssignHelper(node);
return(SyntaxFactory.InvocationExpression(
SyntaxFactory.IdentifierName("__InlineAssignHelper"),
SyntaxFactory.ArgumentList(
SyntaxFactory.SeparatedList(
new ArgumentSyntax[] {
SyntaxFactory.SimpleArgument((ExpressionSyntax)node.Left.Accept(this)),
SyntaxFactory.SimpleArgument((ExpressionSyntax)node.Right.Accept(this))
}
)
)
));
}
}
public override void VisitAssignment(CSharpSyntax.AssignmentExpressionSyntax node,
ExecutionState state,
MethodBehavior behavior,
ISymbol symbol,
VariableState variableRightState)
{
if (behavior != null || //Unknown API
symbol == null ||
variableRightState.Taint != VariableTaint.Constant ||
Microsoft.CodeAnalysis.CSharp.CSharpExtensions.Kind(variableRightState.Node) != SyntaxKind.StringLiteralExpression ||
!IsPasswordField(symbol))
{
return;
}
var constValue = state.AnalysisContext.SemanticModel.GetConstantValue(variableRightState.Node);
if (constValue.HasValue && constValue.Value.Equals(""))
{
return;
}
var varSymbol = state.GetSymbol(variableRightState.Node);
if (varSymbol != null && varSymbol.IsType("System.String.Empty"))
{
return;
}
var diagnostic = Diagnostic.Create(Rule, node.GetLocation());
state.AnalysisContext.ReportDiagnostic(diagnostic);
}
public virtual void VisitAssignment(CSharpSyntax.AssignmentExpressionSyntax node,
ExecutionState state,
MethodBehavior behavior,
ISymbol symbol,
VariableState variableRightState)
{
}
public override void VisitAssignment(CSharpSyntax.AssignmentExpressionSyntax node,
ExecutionState state,
MethodBehavior behavior,
ISymbol symbol,
VariableState variableRightState)
{
Analyzer.VisitAssignment(symbol, variableRightState);
}
public override void VisitAssignment(CSharpSyntax.AssignmentExpressionSyntax node, ExecutionState state, MethodBehavior behavior, ISymbol symbol, VariableState variableRightState)
{
var assignment = node;
if (assignment is CSharpSyntax.AssignmentExpressionSyntax)
{
TagVariables(symbol, variableRightState);
}
}
public static glsl.AssignmentExpressionSyntax Translate(this cs.AssignmentExpressionSyntax node)
{
return(new glsl.AssignmentExpressionSyntax().Update
(
node.Left.Translate(),
node.OperatorToken,
node.Right.Translate()
));
}
public override void VisitAssignment(CSharpSyntax.AssignmentExpressionSyntax node, ExecutionState state, MethodBehavior behavior, ISymbol symbol, VariableState variableRightState)
{
if (behavior == null && //Unknown API
(symbol != null && IsPasswordField(symbol)) &&
variableRightState.taint == VariableTaint.CONSTANT //Only constant
)
{
var diagnostic = Diagnostic.Create(Rule, node.GetLocation());
state.AnalysisContext.ReportDiagnostic(diagnostic);
}
}
public override void VisitAssignment(CSharpSyntax.AssignmentExpressionSyntax node, ExecutionState state, MethodBehavior behavior, ISymbol symbol, VariableState variableRightState)
{
//Looking for Assigment to Secure or HttpOnly property
if (AnalyzerUtil.SymbolMatch(symbol, "HttpCookie", "Secure"))
{
variableRightState.AddTag(VariableTag.HttpCookieSecure);
}
else if (AnalyzerUtil.SymbolMatch(symbol, "HttpCookie", "HttpOnly"))
{
variableRightState.AddTag(VariableTag.HttpCookieHttpOnly);
}
}
private static void VisitAssignmentExpression(SyntaxNodeAnalysisContext ctx)
{
SyntaxNode n, right, left;
if (ctx.Node.Language == LanguageNames.CSharp)
{
CSharpSyntax.AssignmentExpressionSyntax node = ctx.Node as CSharpSyntax.AssignmentExpressionSyntax;
n = node;
right = node.Right;
left = node.Left;
}
else
{
if (ctx.Node is VBSyntax.AssignmentStatementSyntax)
{
VBSyntax.AssignmentStatementSyntax node = ctx.Node as VBSyntax.AssignmentStatementSyntax;
n = node;
right = node.Right;
left = node.Left;
}
else
{
VBSyntax.NamedFieldInitializerSyntax node = ctx.Node as VBSyntax.NamedFieldInitializerSyntax;
n = node;
right = node.Expression;
left = node.Name;
}
}
var symbol = ctx.SemanticModel.GetSymbolInfo(left).Symbol;
var content = right.GetText().ToString();
// Only if it is the RequiredLength property of a PasswordValidator
if (AnalyzerUtil.SymbolMatch(symbol, type: "PasswordValidator", name: "RequiredLength") && content != String.Empty)
{
int numericValue;
// Validates that the value is an int and that it is over the minimum value required
if (int.TryParse(right.GetText().ToString(), out numericValue) && numericValue < Constants.PasswordValidatorRequiredLength)
{
var diagnostic = Diagnostic.Create(RulePasswordLength, n.GetLocation());
ctx.ReportDiagnostic(diagnostic);
}
}
}
