public async Task DetectJSonSerializerTypeNameHandlingAllWithNamespace()
{
var cSharpTest = @"
namespace VulnerableApp
{
class Test
{
static void TestDeserialization()
{
var settings = new Newtonsoft.Json.JsonSerializerSettings
{
TypeNameHandling = Newtonsoft.Json.TypeNameHandling.All
};
}
}
}
";
var visualBasicTest = @"
Namespace VulnerableApp
Class Test
Private Sub TestDeserialization()
Dim settings = New Newtonsoft.Json.JsonSerializerSettings With _
{
.TypeNameHandling = Newtonsoft.Json.TypeNameHandling.All
}
End Sub
End Class
End Namespace
";
var expected = new DiagnosticResult()
{
Id = "SCS0028",
Severity = DiagnosticSeverity.Warning
};
await VerifyCSharpDiagnostic(cSharpTest, expected.WithLocation("Test0.cs", 10, 40)).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, expected.WithLocation("Test0.vb", 7, 41)).ConfigureAwait(false);
}
public async Task DetectDataContractJsonSerializerReadObjectMethods(string inputType, string additionalParams)
{
var cSharpTest = $@"
using System.Runtime.Serialization.Json;
namespace VulnerableApp
{{
class Test
{{
static void TestDeserialization({inputType} input)
{{
var formatter = new DataContractJsonSerializer(typeof(Test));
formatter.ReadObject(input{additionalParams});
}}
}}
}}
";
var visualBasicTest = $@"
Imports System.Runtime.Serialization.Json
Namespace VulnerableApp
Class Test
Private Sub TestDeserialization(input As {inputType})
Dim formatter = New DataContractJsonSerializer(GetType(Test))
formatter.ReadObject(input{additionalParams})
End Sub
End Class
End Namespace
";
var expected = new DiagnosticResult()
{
Id = "SCS0028",
Severity = DiagnosticSeverity.Warning
};
await VerifyCSharpDiagnostic(cSharpTest, expected.WithLocation("Test0.cs", 11)).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, expected.WithLocation("Test0.vb", 8)).ConfigureAwait(false);
}
public async Task DetectJSonSerializerTypeNameHandlingAllAfterSettingsConstruction()
{
var cSharpTest = @"
using Newtonsoft.Json;
namespace VulnerableApp
{
class Test
{
static void TestDeserialization()
{
var settings = new JsonSerializerSettings();
settings.TypeNameHandling = TypeNameHandling.All;
}
}
}
";
var visualBasicTest = @"
Imports Newtonsoft.Json
Namespace VulnerableApp
Class Test
Private Sub TestDeserialization()
Dim settings = New JsonSerializerSettings()
settings.TypeNameHandling = TypeNameHandling.All
End Sub
End Class
End Namespace
";
var expected = new DiagnosticResult()
{
Id = "SCS0028",
Severity = DiagnosticSeverity.Warning
};
await VerifyCSharpDiagnostic(cSharpTest, expected.WithLocation("Test0.cs", 11, 42)).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, expected.WithLocation("Test0.vb", 8, 42)).ConfigureAwait(false);
}
public async Task DetectServiceStackTypeSerializerDeserializeMethods(string method, string firstParam, string secondParam)
{
var cSharpTest = $@"
using ServiceStack.Text;
namespace VulnerableApp
{{
class Test
{{
static void TestDeserialization({firstParam} param1, {secondParam} param2)
{{
TypeSerializer.{method}(param1, param2);
}}
}}
}}
";
Console.WriteLine(cSharpTest);
var visualBasicTest = $@"
Imports ServiceStack.Text
Namespace VulnerableApp
Class Test
Private Sub TestDeserialization(param1 As {firstParam}, param2 as {secondParam})
TypeSerializer.{method}(param1, param2)
End Sub
End Class
End Namespace
";
var expected = new DiagnosticResult()
{
Id = "SCS0028",
Severity = DiagnosticSeverity.Warning
};
await VerifyCSharpDiagnostic(cSharpTest, new[] { expected.WithLocation("Test0.cs", 10), expected.WithLocation("Test0.cs", 10) }).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, new[] { expected.WithLocation("Test0.vb", 7), expected.WithLocation("Test0.vb", 7) }).ConfigureAwait(false);
}
public async Task CsrfDetectMissingToken()
{
var cSharpTest = $@"
using {Namespace};
namespace VulnerableApp
{{
public class TestController
{{
[HttpPost]
public ActionResult ControllerMethod(string input)
{{
return null;
}}
}}
}}
";
var visualBasicTest = $@"
Imports {Namespace}
Namespace VulnerableApp
Public Class TestController
<HttpPost> _
Public Function ControllerMethod(input As String) As ActionResult
Return Nothing
End Function
End Class
End Namespace
";
var expected = new DiagnosticResult
{
Id = CsrfTokenAnalyzer.DiagnosticId,
Severity = DiagnosticSeverity.Warning
};
await VerifyCSharpDiagnostic(cSharpTest, expected.WithLocation("Test0.cs", 9, 29)).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, expected.WithLocation("Test0.vb", 7, 25)).ConfigureAwait(false);
}
public async Task DetectLosFormatterDeserializeMethod(string inputType)
{
var cSharpTest = $@"
using System.Web.UI;
namespace VulnerableApp
{{
class Test
{{
static void TestDeserialization({inputType} input)
{{
var formatter = new LosFormatter();
formatter.Deserialize(input);
}}
}}
}}
";
var visualBasicTest = $@"
Imports System.Web.UI
Namespace VulnerableApp
Class Test
Private Sub TestDeserialization(input As {inputType})
Dim formatter = New LosFormatter()
formatter.Deserialize(input)
End Sub
End Class
End Namespace
";
var expected = new DiagnosticResult()
{
Id = "SCS0028",
Severity = DiagnosticSeverity.Warning
};
await VerifyCSharpDiagnostic(cSharpTest, expected.WithLocation("Test0.cs", 11)).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, expected.WithLocation("Test0.vb", 8)).ConfigureAwait(false);
}
public async Task DetectXmlMessageFormatterReadMethod()
{
var cSharpTest = @"
using System.Messaging;
namespace VulnerableApp
{
class Test
{
static void TestDeserialization(Message input)
{
var formatter = new XmlMessageFormatter();
formatter.Read(input);
}
}
}
";
var visualBasicTest = @"
Imports System.Messaging
Namespace VulnerableApp
Class Test
Private Sub TestDeserialization(input As Message)
Dim formatter = New XmlMessageFormatter()
formatter.Read(input)
End Sub
End Class
End Namespace
";
var expected = new DiagnosticResult()
{
Id = "SCS0028",
Severity = DiagnosticSeverity.Warning
};
await VerifyCSharpDiagnostic(cSharpTest, expected.WithLocation("Test0.cs", 11)).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, expected.WithLocation("Test0.vb", 8)).ConfigureAwait(false);
}
public async Task DetectXmlSerializerConstructor()
{
var cSharpTest = @"
using System;
using System.Xml.Serialization;
namespace VulnerableApp
{
class Test
{
static void TestDeserialization(Type objectType)
{
var formatter = new XmlSerializer(objectType);
}
}
}
";
var visualBasicTest = @"
Imports System
Imports System.Xml.Serialization
Namespace VulnerableApp
Class Test
Private Sub TestDeserialization(objectType as Type)
Dim formatter = New XmlSerializer(objectType)
End Sub
End Class
End Namespace
";
var expected = new DiagnosticResult()
{
Id = "SCS0028",
Severity = DiagnosticSeverity.Warning
};
await VerifyCSharpDiagnostic(cSharpTest, expected.WithLocation("Test0.cs", 11)).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, expected.WithLocation("Test0.vb", 8)).ConfigureAwait(false);
}
public async Task CsrfValidateWrongAntiForgeryTokenPresent2()
{
var cSharpTest = @"
namespace VulnerableApp
{
public class TestController : System.Web.Mvc.Controller
{
[System.Web.Mvc.HttpPost]
[Microsoft.AspNetCore.Mvc.ValidateAntiForgeryToken]
public System.Web.Mvc.ActionResult ControllerMethod(string input)
{
return null;
}
}
}
";
var visualBasicTest = @"
Namespace VulnerableApp
Public Class TestController
Inherits System.Web.Mvc.Controller
<System.Web.Mvc.HttpPost> _
<Microsoft.AspNetCore.Mvc.ValidateAntiForgeryToken> _
Public Function ControllerMethod(input As String) As System.Web.Mvc.ActionResult
Return Nothing
End Function
End Class
End Namespace
";
var expected = new DiagnosticResult
{
Id = CsrfTokenDiagnosticAnalyzer.DiagnosticId,
Severity = DiagnosticSeverity.Warning
};
await VerifyCSharpDiagnostic(cSharpTest, expected.WithLocation(8, 44)).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, expected.WithLocation(8, 25)).ConfigureAwait(false);
}
public async Task WeakCertVulnerable1()
{
var cSharpTest = @"
using System.Net;
class WeakCert {
public void DoGetRequest1()
{
ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true;
string url = ""https://hack.me/"";
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);
request.GetResponse();
}
}
";
var visualBsicTest = @"
Imports System.Net
Class WeakCert
Public Sub DoGetRequest1() '
ServicePointManager.ServerCertificateValidationCallback = Function(sender, cert, chain, sslPolicyErrors)
Return True
End Function
Dim url As String = ""https://hack.me/""
Dim request As HttpWebRequest = DirectCast(WebRequest.Create(url), HttpWebRequest)
request.GetResponse()
End Sub
End Class
";
await VerifyCSharpDiagnostic(cSharpTest, Expected.WithLocation(7)).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBsicTest, Expected.WithLocation(6)).ConfigureAwait(false);
}
public async Task DetectInlineValidateInputAttribute()
{
var cSharpTest = @"
using System.Web.Mvc;
namespace VulnerableApp
{
public class TestController
{
[HttpPost, ValidateInput(false)]
public ActionResult ControllerMethod(string input) {
return null;
}
}
}
";
var visualBasicTest = @"
Imports System.Web.Mvc
Namespace VulnerableApp
Public Class TestController
<HttpPost, ValidateInput(False)> _
Public Function ControllerMethod(input As String) As ActionResult
Return Nothing
End Function
End Class
End Namespace
";
var expected = new DiagnosticResult
{
Id = "SCS0017",
Severity = DiagnosticSeverity.Warning
};
await VerifyCSharpDiagnostic(cSharpTest, expected.WithLocation("Test0.cs", 8, 34)).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, expected.WithLocation("Test0.vb", 6, 34)).ConfigureAwait(false);
}
public async Task DetectJSONToObjectGenericMethod()
{
var cSharpTest = @"
using fastJSON;
namespace VulnerableApp
{
class Test
{
static void TestDeserialization(string input)
{
JSON.ToObject<Test>(input);
}
}
}
";
var visualBasicTest = @"
Imports fastJSON
Namespace VulnerableApp
Class Test
Private Sub TestDeserialization(input As String)
JSON.ToObject(Of Test)(input)
End Sub
End Class
End Namespace
";
var expected = new DiagnosticResult()
{
Id = "SCS0028",
Severity = DiagnosticSeverity.Warning
};
await VerifyCSharpDiagnostic(cSharpTest, expected.WithLocation(10)).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, expected.WithLocation(7)).ConfigureAwait(false);
}
public async Task DetectAllowHtmlAttributeWithNamespace()
{
var cSharpTest = @"
namespace VulnerableApp
{
public class TestModel
{
[System.Web.Mvc.AllowHtml]
public string TestProperty { get; set; }
}
}
";
var visualBasicTest = @"
Namespace VulnerableApp
Public Class TestModel
<System.Web.Mvc.AllowHtml>
Public Property TestProperty As String
Get
Return ""Test""
End Get
Set(value As String)
End Set
End Property
End Class
End Namespace
";
var expected = new DiagnosticResult
{
Id = "SCS0017",
Severity = DiagnosticSeverity.Warning
};
await VerifyCSharpDiagnostic(cSharpTest, expected.WithLocation("Test0.cs", 6, 10)).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, expected.WithLocation("Test0.vb", 5, 10)).ConfigureAwait(false);
}
public async Task DetectResourceReaderCreations(string inputType)
{
var cSharpTest = $@"
using System.Resources;
namespace VulnerableApp
{{
class Test
{{
static void TestDeserialization({inputType} input)
{{
var formatter = new ResourceReader(input);
}}
}}
}}
";
var visualBasicTest = $@"
Imports System.Resources
Namespace VulnerableApp
Class Test
Private Sub TestDeserialization(input As {inputType})
Dim formatter = New ResourceReader(input)
End Sub
End Class
End Namespace
";
var expected = new DiagnosticResult()
{
Id = "SCS0028",
Severity = DiagnosticSeverity.Warning
};
await VerifyCSharpDiagnostic(cSharpTest, expected.WithLocation(10)).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, expected.WithLocation(7)).ConfigureAwait(false);
}
public async Task CsrfDetectMissingToken()
{
var cSharpTest = $@"
using {Namespace};
namespace VulnerableApp
{{
public class TestController : Controller
{{
[HttpPost]
public ActionResult ControllerMethod(string input)
{{
return null;
}}
}}
}}
";
var visualBasicTest = $@"
Imports {Namespace}
Namespace VulnerableApp
Public Class TestController
Inherits Controller
<HttpPost> _
Public Function ControllerMethod(input As String) As ActionResult
Return Nothing
End Function
End Class
End Namespace
";
await VerifyCSharpDiagnostic(cSharpTest, Expected.WithLocation(9, 29)).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, Expected.WithLocation(9, 25)).ConfigureAwait(false);
}
public async Task TestHandlesEndOfFileAsync()
{
var testCode = @"namespace TestNamespace
{";
DiagnosticResult expected = new DiagnosticResult
{
Id = "CS1513",
Message = "} expected",
Severity = DiagnosticSeverity.Error,
};
expected = expected.WithLocation(2, 2);
await this.VerifyCSharpDiagnosticAsync(testCode, expected, CancellationToken.None).ConfigureAwait(false);
}
public async Task Generator_NoCandidates_AddAttributeUnconditionally()
{
string code = @"
using System;
using Roslyn.Generated;
namespace Tests
{
internal static partial class Greeter
{
public static partial string {|#0:GetHelloWorld_0|}();
[Placeholder]
public static partial string {|#1:GetHelloWorld_1|}();
[HelloWorld]
public static partial string {|#2:GetHelloWorld_2|}(object obj);
[HelloWorld]
public static string {|#3:GetHelloWorld_3|}();
[HelloWorld]
public static partial void {|#4:GetHelloWorld_4|}();
}
[AttributeUsage(AttributeTargets.Method, AllowMultiple = false)]
internal sealed class PlaceholderAttribute : Attribute
{
}
}
";
DiagnosticResult cs0501 = VerifyCS.Diagnostic("CS0501", DiagnosticSeverity.Error);
DiagnosticResult cs8795 = VerifyCS.Diagnostic("CS8795", DiagnosticSeverity.Error);
DiagnosticResult[] diagnostics =
{
cs8795.WithLocation(0).WithArguments("Tests.Greeter.GetHelloWorld_0()"),
cs8795.WithLocation(1).WithArguments("Tests.Greeter.GetHelloWorld_1()"),
cs8795.WithLocation(2).WithArguments("Tests.Greeter.GetHelloWorld_2(object)"),
cs0501.WithLocation(3).WithArguments("Tests.Greeter.GetHelloWorld_3()"),
cs8795.WithLocation(4).WithArguments("Tests.Greeter.GetHelloWorld_4()"),
};
await VerifyCS.VerifyGeneratorAsync(code, diagnostics, ("HelloWorldAttribute.g.cs", Attribute));
}
public async Task Test1()
{
var test = @"
using Lazy;
class Test
{
[Lazy]
public Test {|#0:Property|} => new Test();
}";
var results = new[]
{
CA1822.WithLocation(0).WithIsSuppressed(true)
};
await VerifyCS.VerifyAnalyzerAsync(test, results);
}
public async Task DetectValidateInputAttribute()
{
const string cSharpTest = @"
using System.Web.Mvc;
namespace VulnerableApp
{
public class TestController
{
[HttpPost]
[ValidateInput(false)]
public ActionResult ControllerMethod(string input) {
return null;
}
}
}
";
const string visualBasicTest = @"
Imports System.Web.Mvc
Namespace VulnerableApp
Public Class TestController
<HttpPost> _
<ValidateInput(False)> _
Public Function ControllerMethod(input As String) As ActionResult
Return Nothing
End Function
End Class
End Namespace
";
await VerifyCSharpDiagnostic(cSharpTest, Expected.WithLocation(9, 24)).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, Expected.WithLocation(7, 24)).ConfigureAwait(false);
}
public async Task IgnoreOverridenValidateInputAttributeWasSetOnOverridenMethod()
{
var cSharpTest = @"
using System.Web.Mvc;
namespace VulnerableApp
{
public class TestControllerBase : Controller
{
[HttpPost]
[ValidateInput(false)]
public virtual ActionResult ControllerMethod(string input) {
return null;
}
}
public class TestController : TestControllerBase
{
[ValidateInput(true)]
public override ActionResult ControllerMethod(string input) {
return null;
}
}
}
";
var visualBasicTest = @"
Imports System.Web.Mvc
Namespace VulnerableApp
Public Class TestControllerBase
Inherits Controller
<HttpPost>
<ValidateInput(false)> _
Public Overridable Function ControllerMethod(input As String) As ActionResult
Return Nothing
End Function
End Class
Public Class TestController
Inherits TestControllerBase
<ValidateInput(true)>
Public Overrides Function ControllerMethod(input As String) As ActionResult
Return Nothing
End Function
End Class
End Namespace
";
var expectedOnAttribute = new DiagnosticResult
{
Id = "SCS0017",
Severity = DiagnosticSeverity.Warning,
Message = "Request validation is disabled"
};
await VerifyCSharpDiagnostic(cSharpTest, new[]
{
expectedOnAttribute.WithLocation("Test0.cs", 9, 24)
}).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, new[]
{
expectedOnAttribute.WithLocation("Test0.vb", 8, 24)
}).ConfigureAwait(false);
}
public async Task DetectValidateInputAttributeWasSetOnParentClass()
{
var cSharpTest = @"
using System.Web.Mvc;
namespace VulnerableApp
{
[ValidateInput(false)]
public class TestControllerBase : Controller
{
}
public class TestController : TestControllerBase
{
[HttpPost]
public ActionResult ControllerMethod(string input) {
return null;
}
}
}
";
var visualBasicTest = @"
Imports System.Web.Mvc
Namespace VulnerableApp
<ValidateInput(false)>
Public Class TestControllerBase
Inherits Controller
End Class
Public Class TestController
Inherits TestControllerBase
<HttpPost> _
Public Function ControllerMethod(input As String) As ActionResult
Return Nothing
End Function
End Class
End Namespace
";
var expectedOnAttribute = new DiagnosticResult
{
Id = "SCS0017",
Severity = DiagnosticSeverity.Warning,
Message = "Request validation is disabled"
};
var expectedOnMethod = new DiagnosticResult
{
Id = "SCS0017",
Severity = DiagnosticSeverity.Warning,
Message = "Request validation disabled in base class"
};
await VerifyCSharpDiagnostic(cSharpTest, new[]
{
expectedOnAttribute.WithLocation("Test0.cs", 6, 20),
expectedOnMethod.WithLocation("Test0.cs", 11, 18)
}).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, new []
{
expectedOnAttribute.WithLocation("Test0.vb", 5, 20),
expectedOnMethod.WithLocation("Test0.vb", 10, 18)
}).ConfigureAwait(false);
}
public async Task ConditionalConstructorOpenRedirectCSharp(string injectableByDefault, string arguments, string parameters, bool warn)
{
var cSharpTest = $@"
using Microsoft.AspNetCore.Mvc;
class OpenRedirect : Controller
{{
public ActionResult Foo({arguments})
{{
return new ConditionallyScaryRedirect{parameters};
}}
}}
class ConditionallyScaryRedirect : ActionResult
{{
public ConditionallyScaryRedirect(string maybeTainted = null, bool injectable = {injectableByDefault}) : base()
{{
// pretend there's something here
}}
#pragma warning disable CS0649
public int x;
#pragma warning restore CS0649
}}
";
var testConfig = @"
Behavior:
Conditional:
ClassName: ConditionallyScaryRedirect
Name: .ctor
Method:
Condition: {1: { Value: True } }
ArgTypes: (System.String, System.Boolean)
InjectableArguments: [SCS0027: 0]
";
var config = ConfigurationTest.CreateAnalyzersOptionsWithConfig(testConfig);
if (warn)
{
var expectedCSharp =
new[]
{
Expected.WithLocation(8)
};
var expectedVB =
new[]
{
Expected.WithLocation(8)
};
await VerifyCSharpDiagnostic(cSharpTest, expectedCSharp, options : config).ConfigureAwait(false);
}
else
{
await VerifyCSharpDiagnostic(cSharpTest, null, options : config).ConfigureAwait(false);
}
}
public async Task AddCustomCsrfAttributeForMvc()
{
var cSharpTest = @"
using System;
using System.Web.Mvc;
namespace VulnerableApp
{
[System.AttributeUsage(System.AttributeTargets.Class | System.AttributeTargets.Method)]
public class TestAttribute : Attribute
{
}
public class TestController : Controller
{
[HttpPost]
[TestAttribute]
public ActionResult ControllerMethod(string input)
{
return null;
}
}
}
";
var visualBasicTest = @"
Imports System
Imports System.Web.Mvc
Namespace VulnerableApp
<System.AttributeUsage(System.AttributeTargets.Class Or System.AttributeTargets.Method)>
Public Class TestAttribute
Inherits Attribute
End Class
Public Class TestController
Inherits Controller
<HttpPost>
<TestAttribute>
Public Function ControllerMethod(input As String) As ActionResult
Return Nothing
End Function
End Class
End Namespace
";
var expected = new DiagnosticResult
{
Id = CsrfTokenDiagnosticAnalyzer.DiagnosticId,
Severity = DiagnosticSeverity.Warning
};
await VerifyCSharpDiagnostic(cSharpTest, expected.WithLocation(16, 29)).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, expected.WithLocation(16, 25)).ConfigureAwait(false);
var testConfig = @"
CsrfProtection:
- Name: ASP.NET MVC
AntiCsrfAttributes:
- Name: VulnerableApp.TestAttribute
";
var optionsWithProjectConfig = ConfigurationTest.CreateAnalyzersOptionsWithConfig(testConfig);
await VerifyCSharpDiagnostic(cSharpTest, null, optionsWithProjectConfig).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, null, optionsWithProjectConfig).ConfigureAwait(false);
}
public async Task ReportSuppressions_MSTest_SuppressForTestMethods(bool useTestClassAttribute, bool useTestMethodAttribute, bool useDataTestMethodAttribute, bool isSuppressed)
{
var code =
$@"using Microsoft.VisualStudio.TestTools.UnitTesting;
{(useTestClassAttribute ? "[TestClass]" : "")}
public class MSTest
{{
{(useTestMethodAttribute ? "[TestMethod]" : "")}
public void {{|#0:Given_When_Then|}}()
{{
Assert.AreEqual(240, 0x_F0);
}}
{(useDataTestMethodAttribute ? "[DataTestMethod]" : "")}
[DataRow(0x_F0)]
public void {{|#1:MethodUnderTest_Scenario_ExpectedResult|}}(int value)
{{
Assert.AreEqual(240, value);
}}
}}";
var expected = new[]
{
CA1707.WithLocation(0).WithIsSuppressed(isSuppressed),
CA1707.WithLocation(1).WithIsSuppressed(isSuppressed),
};
await VerifyAsync(code, expected, typeof(Microsoft.VisualStudio.TestTools.UnitTesting.TestClassAttribute));
}
public async Task SqlInjectionEntityFrameworkCore(string sink, bool warn, bool obsolete = false)
{
var cSharpTest = $@"
using Microsoft.EntityFrameworkCore;
using System.Web.Mvc;
namespace sample
{{
public class SampleContext : DbContext
{{
public DbSet<string> Test {{ get; set; }}
}}
public class MyFooController : Controller
{{
public void Run(string input, params object[] parameters)
{{
#pragma warning disable CS0618
{sink};
#pragma warning restore CS0618
}}
}}
}}
";
sink = sink.CSharpReplaceToVBasic();
var visualBasicTest = $@"
Imports Microsoft.EntityFrameworkCore
Imports System.Web.Mvc
Namespace sample
Public Class SampleContext
Inherits DbContext
Public Property Test As DbSet(Of String)
End Class
Public Class MyFooController
Inherits Controller
Public Sub Run(input As System.String, ParamArray parameters() As Object)
#Disable Warning BC40000
Dim temp = {sink}
#Enable Warning BC40000
End Sub
End Class
End Namespace
";
var csDeprecated = CSharpDeprecated.WithLocation(17, 13);
var vbDeprecated = VBasicDeprecated.WithLocation(17, 24);
var expected = new DiagnosticResult
{
Id = "SCS0002",
Severity = DiagnosticSeverity.Warning,
};
if (warn)
{
await VerifyCSharpDiagnostic(cSharpTest, obsolete?new [] { csDeprecated, expected } : new[] { expected }, dotNetVersion : new Version(4, 6, 1)).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, obsolete?new[] { vbDeprecated, expected } : new[] { expected }, dotNetVersion : new Version(4, 6, 1)).ConfigureAwait(false);
}
else
{
await VerifyCSharpDiagnostic(cSharpTest, obsolete?new[] { csDeprecated } : null, dotNetVersion : new Version(4, 6, 1)).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, obsolete?new[] { vbDeprecated } : null, dotNetVersion : new Version(4, 6, 1)).ConfigureAwait(false);
}
}
public async Task DetectBinaryFormatterDeserializationMethods(string method, string additionalParams)
{
var cSharpTest = $@"
using System.IO;
using System.Runtime.Serialization.Formatters.Binary;
namespace VulnerableApp
{{
class Test
{{
public void TestDeserialization(Stream input)
{{
var formatter = new BinaryFormatter();
formatter.{method}(input{additionalParams});
}}
}}
}}
";
var vbAdditionalParams = additionalParams.CSharpReplaceToVBasic();
var visualBasicTest = $@"
Imports System.IO
Imports System.Runtime.Serialization.Formatters.Binary
Namespace VulnerableApp
Class Test
Public Sub TestDeserialization(input As Stream)
Dim formatter = New BinaryFormatter()
formatter.{method}(input{vbAdditionalParams})
End Sub
End Class
End Namespace
";
var testConfig = @"
TaintEntryPoints:
AAA:
Namespace: VulnerableApp
ClassName: Test
";
var optionsWithProjectConfig = ConfigurationTest.CreateAnalyzersOptionsWithConfig(testConfig);
await VerifyCSharpDiagnostic(cSharpTest, Expected.WithLocation(12), optionsWithProjectConfig).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, Expected.WithLocation(9), optionsWithProjectConfig).ConfigureAwait(false);
}
public ContainAssertions WithLocation(int line, int column)
{
_diagnosticResult = _diagnosticResult.WithLocation(line, column);
return(this);
}
public async Task DetectBinaryFormatterDeserializationMethods(string method, string additionalParams)
{
var cSharpTest = $@"
using System.IO;
using System.Runtime.Serialization.Formatters.Binary;
namespace VulnerableApp
{{
class Test
{{
static void TestDeserialization(Stream input)
{{
var formatter = new BinaryFormatter();
formatter.{method}(input{additionalParams});
}}
}}
}}
";
var vbAdditionalParams = additionalParams.Replace("null", "Nothing");
var visualBasicTest = $@"
Imports System.IO
Imports System.Runtime.Serialization.Formatters.Binary
Namespace VulnerableApp
Class Test
Private Sub TestDeserialization(input As Stream)
Dim formatter = New BinaryFormatter()
formatter.{method}(input{vbAdditionalParams})
End Sub
End Class
End Namespace
";
await VerifyCSharpDiagnostic(cSharpTest, Expected.WithLocation(12)).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, Expected.WithLocation(9)).ConfigureAwait(false);
}