public RuleResult CheckMethod(MethodDefinition method)
{
// rule does not apply if there's no IL code
// or if it was generated by the compiler or tools
if (!method.HasBody || method.IsGeneratedCode())
{
return(RuleResult.DoesNotApply);
}
// is there a Newobj *and* a Throw instruction in this method
if (!bitmask.IsSubsetOf(OpCodeEngine.GetBitmask(method)))
{
return(RuleResult.DoesNotApply);
}
int n = 0;
bool cond_branch = false;
foreach (Instruction inst in method.Body.Instructions)
{
// check if the code is linear or with branches
if (FlowControl.Cond_Branch == inst.OpCode.FlowControl)
{
cond_branch = true;
}
// if there are branch and it's long enough then assume it is implemented
if (cond_branch && (++n > 10))
{
break;
}
// check for "throw new NotImplementedException (...)"
if (inst.OpCode.Code != Code.Newobj)
{
continue;
}
MethodReference ctor = (MethodReference)inst.Operand;
if (!ctor.DeclaringType.IsNamed("System", "NotImplementedException"))
{
continue;
}
if (inst.Next.OpCode.Code != Code.Throw)
{
continue;
}
// the defect is more severe if the method is visible outside it's assembly
Severity severity = method.IsPublic ? Severity.High : Severity.Medium;
Runner.Report(method, severity, Confidence.Normal);
return(RuleResult.Failure);
}
return(RuleResult.Success);
}
public RuleResult CheckMethod(MethodDefinition method)
{
if (!method.HasBody)
{
return(RuleResult.DoesNotApply);
}
// check if the method contains a Isinst, Ldnull *and* Ceq instruction
if (!bitmask.IsSubsetOf(OpCodeEngine.GetBitmask(method)))
{
return(RuleResult.DoesNotApply);
}
IList <Instruction> instructions = method.Body.Instructions;
int n = instructions.Count - 2;
for (int i = 0; i < n; i++)
{
Code code0 = instructions [i].OpCode.Code;
if (code0 != Code.Isinst)
{
continue;
}
Code code1 = instructions [i + 1].OpCode.Code;
if (code1 != Code.Ldnull)
{
continue;
}
Code code2 = instructions [i + 2].OpCode.Code;
if (code2 != Code.Ceq)
{
continue;
}
Runner.Report(method, instructions[i], Severity.High, Confidence.High);
}
return(Runner.CurrentRuleResult);
}
public RuleResult CheckMethod(MethodDefinition method)
{
// rule only applies to methods with IL...
if (!method.HasBody)
{
return(RuleResult.DoesNotApply);
}
// and when the IL contains both a isinst and ldnull
if (!mask.IsSubsetOf(OpCodeEngine.GetBitmask(method)))
{
return(RuleResult.DoesNotApply);
}
foreach (Instruction ins in method.Body.Instructions)
{
bool detected = false;
switch (ins.OpCode.Code)
{
case Code.Brfalse_S:
case Code.Brfalse:
detected = CheckFalseBranch(ins);
break;
case Code.Brtrue_S:
case Code.Brtrue:
detected = CheckTrueBranch(ins);
break;
}
if (detected)
{
Runner.Report(method, ins, Severity.Medium, Confidence.Normal);
}
}
return(Runner.CurrentRuleResult);
}
