// Analyzer fixture: calls HttpServerUtility.Transfer from a method that carries no
// DangerousMethodUsage attribute.
// The /* DangerousMethodsShouldBeAvoided(...) */ ... /**/ comment pair on the signature appears
// to delimit the span where the diagnostic is expected, so keep both markers exactly as
// written (TODO confirm against the test harness).
public void /* DangerousMethodsShouldBeAvoided(System.Web.HttpServerUtility.Transfer) */ MethodWithTransfer(/**/)
        {
            HttpServerUtility obj = new HttpServerUtility();

            // Transfer hands the request to another handler on the server without a new client
            // request, and ASP.NET does not re-check that the user is authorized for the
            // target path. NOTE(review): presumably why the rule lists it — confirm against
            // the analyzer's rule definitions.
            obj.Transfer("/new/path");
        }

        // Analyzer fixture: an unannotated Task.Factory.StartNew call. The marker comment on the
        // signature names the diagnostic expected for it (TaskFactory.StartNew).
        // NOTE(review): the rule's rationale is not visible here. Commonly cited pitfalls of
        // StartNew are that it schedules on TaskScheduler.Current and does not unwrap
        // Task-returning delegates — confirm which one the rule targets.
        public void /* DangerousMethodsShouldBeAvoided(System.Threading.Tasks.TaskFactory.StartNew) */ MethodWithTaskFactoryStartNew(/**/)
        {
            System.Threading.Tasks.Task.Factory.StartNew(() => { });
        }

        // Analyzer fixture: the same StartNew case reached through Task<int>.Factory, i.e. the
        // generic TaskFactory<int>. The expected diagnostic in the marker still names
        // System.Threading.Tasks.TaskFactory.StartNew without a type argument, so this case
        // presumably checks that the generic factory is matched by the same rule entry
        // (TODO confirm).
        public void /* DangerousMethodsShouldBeAvoided(System.Threading.Tasks.TaskFactory.StartNew) */ MethodWithGenericTaskFactoryStartNew(/**/)
        {
            System.Threading.Tasks.Task <int> .Factory.StartNew(() => 1);
        }

        public void /* DangerousMethodsShouldBeAvoided(System.Threading.Thread.Sleep) */ MethodWithThreadSleepInt(/**/)
        // Analyzer fixture: calls HttpServerUtility.Transfer from a method that carries no
        // DangerousMethodUsage attribute. The /* DangerousMethodsShouldBeAvoided(...) */ ... /**/
        // comment pair appears to delimit the expected diagnostic span — leave it untouched
        // (TODO confirm against the test harness).
        public void /* DangerousMethodsShouldBeAvoided(System.Web.HttpServerUtility.Transfer) */ MethodWithTransfer(/**/)
        {
            HttpServerUtility obj = new HttpServerUtility();

            // Server-side hand-off to another handler: ASP.NET does not re-check that the user
            // is authorized for the target path. NOTE(review): presumably the reason the rule
            // flags this call — confirm.
            obj.Transfer("/new/path");
        }

        // Analyzer fixture: an unannotated Task.Factory.StartNew call; the marker comment names
        // the diagnostic expected on this signature.
        // NOTE(review): why StartNew is on the list is not shown here — confirm against the
        // analyzer's rule definitions.
        public void /* DangerousMethodsShouldBeAvoided(System.Threading.Tasks.TaskFactory.StartNew) */ MethodWithTaskFactoryStartNew(/**/)
        {
            System.Threading.Tasks.Task.Factory.StartNew(() => { });
        }

        // Analyzer fixture: StartNew reached through Task<int>.Factory (a TaskFactory<int>).
        // The marker expects the same TaskFactory.StartNew diagnostic text as the non-generic
        // case, which suggests the rule matches the generic factory too (TODO confirm).
        public void /* DangerousMethodsShouldBeAvoided(System.Threading.Tasks.TaskFactory.StartNew) */ MethodWithGenericTaskFactoryStartNew(/**/)
        {
            System.Threading.Tasks.Task <int> .Factory.StartNew(() => 1);
        }
    }

    // Analyzer fixture: every member below calls a method from the dangerous list and carries
    // a [DangerousMethodUsage.Audited(declaringType, methodName)] attribute whose arguments
    // match the call in its body. No member has a diagnostic marker comment, so the analyzer
    // is presumably expected to report nothing for this class (TODO confirm against the test
    // harness).
    // NOTE(review): Audited acts as a per-member exemption from the rule. Each attribute names
    // exactly one (type, method) pair, so a second dangerous call added to the same member
    // would need its own attribute and its own review.
    // The bodies are shaped for the analyzer and look unsuited to being run as written:
    // string.Length has no setter, so PropertyInfo.SetValue on it would throw.
    internal sealed class AuditedUsages {
        // Attribute placed on a constructor.
        [DangerousMethodUsage.Audited(typeof(PropertyInfo), "SetValue")]
        public AuditedUsages()
        {
            PropertyInfo p = typeof(string).GetProperty(nameof(string.Length));

            // Reflection write. NOTE(review): presumably listed because SetValue can write
            // through setters the type does not expose publicly — confirm the rule's rationale.
            p.SetValue("str", 7, null);
        }

        // Attribute placed on an ordinary instance method.
        [DangerousMethodUsage.Audited(typeof(PropertyInfo), "SetValue")]
        public void Method()
        {
            PropertyInfo p = typeof(string).GetProperty(nameof(string.Length));

            p.SetValue("str", 7, null);
        }

        // Static method on the dangerous list (Task.Run), called with an explicit type argument.
        [DangerousMethodUsage.Audited(typeof(Task), "Run")]
        public void AsyncMethod()
        {
            Task.Run <int>(() => Task.FromResult(7));
        }

        // Attribute placed on the get accessor rather than on the property declaration.
        public int PropertyGetter {
            [DangerousMethodUsage.Audited(typeof(PropertyInfo), "SetValue")]
            get {
                PropertyInfo p = typeof(string).GetProperty(nameof(string.Length));
                p.SetValue("str", 7, null);
                return(1);
            }
        }

        // Attribute placed on the set accessor; the accessor's incoming value is what gets
        // passed to SetValue.
        public int PropertySetter {
            [DangerousMethodUsage.Audited(typeof(PropertyInfo), "SetValue")]
            set {
                PropertyInfo p = typeof(string).GetProperty(nameof(string.Length));
                p.SetValue("str", value, null);
            }
        }

        // The dangerous call sits inside a lambda; the attribute is on the enclosing method.
        // Presumably checks that the audit also covers calls nested in delegates (TODO confirm).
        [DangerousMethodUsage.Audited(typeof(PropertyInfo), "SetValue")]
        public void DelegateInsideMethod()
        {
            Action hacker = () => {
                PropertyInfo p = typeof(string).GetProperty(nameof(string.Length));
                p.SetValue("str", 7, null);
            };
        }

        // Static call that resolves a virtual path to a physical one.
        // NOTE(review): presumably listed because of what a caller-influenced path could
        // resolve to — confirm the rule's rationale.
        [DangerousMethodUsage.Audited(typeof(HostingEnvironment), "MapPath")]
        public void MethodWithMapPath()
        {
            HostingEnvironment.MapPath("/d2l");
        }

        // Instance call on HttpServerUtility. Transfer switches to another handler on the
        // server, and ASP.NET does not re-check authorization for the target path.
        [DangerousMethodUsage.Audited(typeof(HttpServerUtility), "Transfer")]
        public void MethodWithTransfer()
        {
            HttpServerUtility obj = new HttpServerUtility();

            obj.Transfer("/new/path");
        }
    }

    // Analyzer fixture: the same members and calls as the Audited case, but each is annotated
    // with [DangerousMethodUsage.Unaudited(declaringType, methodName)]. No member has a
    // diagnostic marker comment, so the analyzer is presumably expected to stay silent here
    // as well (TODO confirm against the test harness).
    // NOTE(review): judging by the name, Unaudited records a known usage that has not been
    // reviewed yet. If so, it silences the diagnostic without asserting the call is safe, and
    // these annotations are worth tracking as outstanding review work — confirm the intended
    // semantics with the attribute's definition.
    // The bodies are shaped for the analyzer and look unsuited to being run as written:
    // string.Length has no setter, so PropertyInfo.SetValue on it would throw.
    internal sealed class UnauditedUsages {
        // Attribute placed on a constructor.
        [DangerousMethodUsage.Unaudited(typeof(PropertyInfo), "SetValue")]
        public UnauditedUsages()
        {
            PropertyInfo p = typeof(string).GetProperty(nameof(string.Length));

            // Reflection write. NOTE(review): presumably listed because SetValue can write
            // through setters the type does not expose publicly — confirm the rule's rationale.
            p.SetValue("str", 7, null);
        }

        // Attribute placed on an ordinary instance method.
        [DangerousMethodUsage.Unaudited(typeof(PropertyInfo), "SetValue")]
        public void Method()
        {
            PropertyInfo p = typeof(string).GetProperty(nameof(string.Length));

            p.SetValue("str", 7, null);
        }

        // Static method on the dangerous list (Task.Run), called with an explicit type argument.
        [DangerousMethodUsage.Unaudited(typeof(Task), "Run")]
        public void AsyncMethod()
        {
            Task.Run <int>(() => Task.FromResult(7));
        }

        // Attribute placed on the get accessor rather than on the property declaration.
        public int PropertyGetter {
            [DangerousMethodUsage.Unaudited(typeof(PropertyInfo), "SetValue")]
            get {
                PropertyInfo p = typeof(string).GetProperty(nameof(string.Length));
                p.SetValue("str", 7, null);
                return(1);
            }
        }

        // Attribute placed on the set accessor; the accessor's incoming value is what gets
        // passed to SetValue.
        public int PropertySetter {
            [DangerousMethodUsage.Unaudited(typeof(PropertyInfo), "SetValue")]
            set {
                PropertyInfo p = typeof(string).GetProperty(nameof(string.Length));
                p.SetValue("str", value, null);
            }
        }

        // The dangerous call sits inside a lambda; the attribute is on the enclosing method.
        // Presumably checks that the annotation also covers calls nested in delegates
        // (TODO confirm).
        [DangerousMethodUsage.Unaudited(typeof(PropertyInfo), "SetValue")]
        public void DelegateInsideMethod()
        {
            Action hacker = () => {
                PropertyInfo p = typeof(string).GetProperty(nameof(string.Length));
                p.SetValue("str", 7, null);
            };
        }

        // Static call that resolves a virtual path to a physical one.
        // NOTE(review): presumably listed because of what a caller-influenced path could
        // resolve to — confirm the rule's rationale.
        [DangerousMethodUsage.Unaudited(typeof(HostingEnvironment), "MapPath")]
        public void MethodWithMapPath()
        {
            HostingEnvironment.MapPath("/d2l");
        }

        // Instance call on HttpServerUtility. Transfer switches to another handler on the
        // server, and ASP.NET does not re-check authorization for the target path.
        [DangerousMethodUsage.Unaudited(typeof(HttpServerUtility), "Transfer")]
        public void MethodWithTransfer()
        {
            HttpServerUtility obj = new HttpServerUtility();

            obj.Transfer("/new/path");
        }
    }

    internal sealed class MismatchedAuditedUsages {
        [DangerousMethodUsage.Audited(null, "SetValue")]
        public void /* DangerousMethodsShouldBeAvoided(System.Reflection.PropertyInfo.SetValue) */ NullDeclaringType(/**/)