public ImmutableArray <int> GetMethodParameterLines(IWorkSession session, int lineInMethod, int columnInMethod)
{
var declaration = RoslynAdapterHelper.FindSyntaxNodeInSession(session, lineInMethod, columnInMethod)
?.AncestorsAndSelf()
.FirstOrDefault(x => x is MethodBlockBaseSyntax || x is LambdaExpressionSyntax);
var parameters = declaration switch
{
MethodBlockBaseSyntax m => m.BlockStatement.ParameterList.Parameters,
LambdaExpressionSyntax l => l.SubOrFunctionHeader.ParameterList.Parameters,
_ => SyntaxFactory.SeparatedList <ParameterSyntax>()
};
if (parameters.Count == 0)
{
return(ImmutableArray <int> .Empty);
}
var results = new int[parameters.Count];
for (var i = 0; i < parameters.Count; i++)
{
results[i] = parameters[i].GetLocation().GetLineSpan().StartLinePosition.Line + 1;
}
return(ImmutableArray.Create(results));
}
private void TaintParameters(MethodBlockBaseSyntax node, ParameterListSyntax parameterList, ExecutionState state)
{
foreach (ParameterSyntax parameter in parameterList.Parameters)
{
state.AddNewValue(ResolveIdentifier(parameter.Identifier.Identifier),
new VariableState(parameter, VariableTaint.Tainted));
}
}
private static bool OnlyThrowsNotImplementedException(MethodBlockBaseSyntax method, SemanticModel semanticModel) => method.Statements.Count == 1 && method.Statements .OfType <ThrowStatementSyntax>() .Select(tss => tss.Expression) .OfType <ObjectCreationExpressionSyntax>() .Select(oces => semanticModel.GetSymbolInfo(oces).Symbol) .OfType <IMethodSymbol>() .Any(s => s != null && s.ContainingType.Is(KnownType.System_NotImplementedException));
/// <summary>
/// Entry point that visits the method statements.
/// </summary>
/// <param name="node"></param>
/// <param name="state"></param>
/// <returns></returns>
private VariableState VisitMethodDeclaration(MethodBlockBaseSyntax node, ParameterListSyntax parameterList, ExecutionState state)
{
foreach (ParameterSyntax parameter in parameterList.Parameters)
{
state.AddNewValue(ResolveIdentifier(parameter.Identifier.Identifier),
new VariableState(parameter, VariableTaint.Tainted));
}
return(VisitBlock(node, state));
}
private VariableState VisitBlock(MethodBlockBaseSyntax node, ExecutionState state)
{
var lastState = new VariableState(node, VariableTaint.Unknown);
foreach (StatementSyntax statement in node.Statements)
{
var statementState = VisitNode(statement, state);
lastState = statementState;
foreach (var ext in Extensions)
{
ext.VisitStatement(statement, state);
}
}
return(lastState);
}
public static SyntaxToken?GetIdentifierOrDefault(this MethodBlockBaseSyntax methodBlockBase)
{
var blockStatement = methodBlockBase?.BlockStatement;
switch (blockStatement?.Kind())
{
case SyntaxKind.SubNewStatement:
return((blockStatement as SubNewStatementSyntax)?.NewKeyword);
case SyntaxKind.FunctionStatement:
case SyntaxKind.SubStatement:
return((blockStatement as MethodStatementSyntax)?.Identifier);
default:
return(null);
}
}
/// <summary>
/// Entry point that visits the method statements.
/// </summary>
private VariableState VisitMethodDeclaration(MethodBlockBaseSyntax node, ParameterListSyntax parameterList, ExecutionState state)
{
if (ProjectConfiguration.AuditMode)
{
TaintParameters(node, parameterList, state);
}
else
{
var symbol = state.AnalysisContext.SemanticModel.GetDeclaredSymbol(node);
if (symbol != null)
{
if (symbol.IsTaintEntryPoint(ProjectConfiguration.TaintEntryPoints))
{
TaintParameters(node, parameterList, state);
}
}
}
return(VisitBlock(node, state));
}
public static MethodBlockBaseSyntax WithStatements(this MethodBlockBaseSyntax syntax, SyntaxList <StatementSyntax> statements)
{
if (syntax == null)
{
throw new System.ArgumentNullException(nameof(syntax));
}
if (syntax is MethodBlockSyntax)
{
return(((MethodBlockSyntax)syntax).WithStatements(statements));
}
if (syntax is ConstructorBlockSyntax)
{
return(((ConstructorBlockSyntax)syntax).WithStatements(statements));
}
if (syntax is AccessorBlockSyntax)
{
return(((AccessorBlockSyntax)syntax).WithStatements(statements));
}
if (syntax is OperatorBlockSyntax)
{
return(((OperatorBlockSyntax)syntax).WithStatements(statements));
}
throw new System.NotSupportedException(syntax.GetType() + " is not supported!");
}
private static List <ParameterSyntax> GetUnusedParameters(MethodBlockBaseSyntax methodBlock)
{
var usedIdentifiers = GetAllUsedVarOrParameterIdentifierNames();
return(methodBlock.BlockStatement
.ParameterList
.Parameters
.Where(p => p.Identifier?.Identifier.ValueText != null &&
!usedIdentifiers.Contains(p.Identifier.Identifier.ValueText))
.ToList());
HashSet <string> GetAllUsedVarOrParameterIdentifierNames() =>
methodBlock.Statements
.SelectMany(statement => statement.DescendantNodes())
.Where(node => node.IsKind(SyntaxKind.IdentifierName) &&
IsVarOrParameter(node))
.Cast <IdentifierNameSyntax>()
.Select(ins => ins.Identifier.ValueText)
.WhereNotNull()
.ToHashSet();
bool IsVarOrParameter(SyntaxNode node)
{
if (node.Parent.IsKind(SyntaxKind.SimpleMemberAccessExpression))
{
return(((MemberAccessExpressionSyntax)node.Parent).Expression == node);
}
if (node.Parent.IsKind(SyntaxKind.ConditionalAccessExpression))
{
return(((ConditionalAccessExpressionSyntax)node.Parent).Expression == node);
}
return(true);
}
}
private VariableState VisitBlock(MethodBlockBaseSyntax node, ExecutionState state)
{
var lastState = new VariableState(node, VariableTaint.Unknown);
return(VisitStatements(node.Statements, state, lastState));
}
public static Location FindIdentifierLocation(this MethodBlockBaseSyntax methodBlockBase) => GetIdentifierOrDefault(methodBlockBase)?.GetLocation();
private static bool IsVirtualOrOverride(MethodBlockBaseSyntax method) =>
method.BlockStatement.Modifiers.Any(m =>
m.IsKind(SyntaxKind.OverridesKeyword) ||
m.IsKind(SyntaxKind.OverridableKeyword));
private static bool IsEmptyMethod(MethodBlockBaseSyntax method) => method.Statements.Count == 0;
private static bool HasAnyParameter(MethodBlockBaseSyntax method) => method.BlockStatement.ParameterList != null && method.BlockStatement.ParameterList.Parameters.Count > 0;
private static bool HasAnyAttribute(MethodBlockBaseSyntax method) => method.BlockStatement.AttributeLists.Count > 0;
private static bool IsInterfaceImplementation(MethodBlockBaseSyntax method) => (method.BlockStatement as MethodStatementSyntax)?.ImplementsClause != null;
