Example #1
        /// <summary>
        /// Decides whether an invocation is a factory call that this analyzer treats as creating
        /// an insecure base algorithm.
        /// </summary>
        /// <remarks>
        /// A call matches in exactly two shapes:
        /// no arguments, and the fully qualified method name is listed in
        /// <c>AlgorithmParameterlessFactoryMethods</c>; or
        /// exactly one string-literal argument, the method name is listed in
        /// <c>AlgorithmParameterizedFactoryMethods</c>, and the literal equals an entry of
        /// <c>FactoryParameterNames</c>.
        /// Anything else (several arguments, or a single argument that is not a string literal,
        /// such as a constant, a variable or a concatenation) is reported as not matching, so an
        /// algorithm name that is not written as a literal at the call site is not detected here.
        /// </remarks>
        /// <param name="methodSymbol">Symbol of the invoked method; its containing type and name form the lookup key.</param>
        /// <param name="invocationExpression">The invocation whose argument list is inspected.</param>
        /// <returns><c>true</c> when the call matches one of the two shapes above; otherwise <c>false</c>.</returns>
        private bool IsInsecureBaseAlgorithmCreationFactoryCall(IMethodSymbol methodSymbol, TInvocationExpressionSyntax invocationExpression)
        {
            var argumentList = ArgumentList(invocationExpression);
            var containingType = methodSymbol.ContainingType;

            // Without an argument list or a containing type there is nothing to look up.
            if (argumentList == null || containingType == null)
            {
                return false;
            }

            var qualifiedName = $"{containingType}.{methodSymbol.Name}";
            var arguments = Arguments(argumentList);

            // Parameterless factory: the method name alone decides.
            if (arguments.Count == 0)
            {
                return AlgorithmParameterlessFactoryMethods.Contains(qualifiedName);
            }

            // Parameterized factory: exactly one string-literal argument on a known factory method.
            if (arguments.Count > 1
                || !IsStringLiteralArgument(arguments.First())
                || !AlgorithmParameterizedFactoryMethods.Contains(qualifiedName))
            {
                return false;
            }

            var requestedAlgorithm = StringLiteralValue(arguments.First());

            // NOTE(review): the match is case-sensitive (Ordinal). If the covered factories resolve
            // names case-insensitively (CryptoConfig-style lookup), a differently cased literal is
            // only caught when FactoryParameterNames lists that casing - confirm against the list.
            return FactoryParameterNames.Any(candidate => candidate.Equals(requestedAlgorithm, StringComparison.Ordinal));
        }
Example #2
        /// <summary>
        /// Decides whether a call with the given argument list is a factory call that this
        /// analyzer treats as creating an insecure base algorithm.
        /// </summary>
        /// <remarks>
        /// A call matches in exactly two shapes:
        /// no arguments, and the fully qualified method name is listed in
        /// <c>AlgorithmParameterlessFactoryMethods</c>; or
        /// exactly one argument whose expression is a string literal, the method name is listed in
        /// <c>AlgorithmParameterizedFactoryMethods</c>, and the literal's value text equals an
        /// entry of <c>FactoryParameterNames</c>.
        /// An algorithm name supplied through anything other than a string literal (constant,
        /// variable, concatenation) returns <c>false</c>, so it is not detected by this check.
        /// </remarks>
        /// <param name="methodSymbol">Symbol of the invoked method; its containing type and name form the lookup key.</param>
        /// <param name="argumentList">Argument list of the invocation; <c>null</c> yields <c>false</c>.</param>
        /// <returns><c>true</c> when the call matches one of the two shapes above; otherwise <c>false</c>.</returns>
        private bool IsInsecureBaseAlgorithmCreationFactoryCall(IMethodSymbol methodSymbol,
                                                                ArgumentListSyntax argumentList)
        {
            var containingType = methodSymbol.ContainingType;

            // Without an argument list or a containing type there is nothing to look up.
            if (argumentList == null || containingType == null)
            {
                return false;
            }

            var qualifiedName = $"{containingType}.{methodSymbol.Name}";
            var arguments = argumentList.Arguments;

            // Parameterless factory: the method name alone decides.
            if (arguments.Count == 0)
            {
                return AlgorithmParameterlessFactoryMethods.Contains(qualifiedName);
            }

            // Parameterized factory: exactly one string-literal argument on a known factory method.
            if (arguments.Count > 1
                || !arguments[0].Expression.IsKind(SyntaxKind.StringLiteralExpression)
                || !AlgorithmParameterizedFactoryMethods.Contains(qualifiedName))
            {
                return false;
            }

            // The kind check above makes this cast safe.
            var requestedAlgorithm = ((LiteralExpressionSyntax)arguments[0].Expression).Token.ValueText;

            // NOTE(review): the match is case-sensitive (Ordinal). If the covered factories resolve
            // names case-insensitively (CryptoConfig-style lookup), a differently cased literal is
            // only caught when FactoryParameterNames lists that casing - confirm against the list.
            return FactoryParameterNames.Any(candidate => candidate.Equals(requestedAlgorithm, StringComparison.Ordinal));
        }