public override void GetSinks(SyntaxNodeAnalysisContext context, DiagnosticId ruleId) { var syntax = context.Node as AssignmentExpressionSyntax; if (_handlerCertificateValidationExpression.IsVulnerable(context.SemanticModel, syntax, ruleId)) { if (VulnerableSyntaxNodes.All(p => p.Sink.GetLocation() != syntax?.GetLocation())) { VulnerableSyntaxNodes.Push(_vulnerableSyntaxNodeFactory.Create(syntax)); } } if (_servicePointManagerCertificateValidationExpression.IsVulnerable(context.SemanticModel, syntax, ruleId)) { if (VulnerableSyntaxNodes.All(p => p.Sink.GetLocation() != syntax?.GetLocation())) { VulnerableSyntaxNodes.Push(_vulnerableSyntaxNodeFactory.Create(syntax)); } } if (_requestCertificateValidationExpressionAnalyzer.IsVulnerable(context.SemanticModel, syntax, ruleId)) { if (VulnerableSyntaxNodes.All(p => p.Sink.GetLocation() != syntax?.GetLocation())) { VulnerableSyntaxNodes.Push(_vulnerableSyntaxNodeFactory.Create(syntax)); } } }
public IEnumerable <DiagnosticInfo> GetDiagnosticInfo(SyntaxNodeAnalysisContext context) { var result = new List <DiagnosticInfo>(); var syntax = context.Node as AssignmentExpressionSyntax; if (_handlerCertificateValidationExpression.IsVulnerable(context.SemanticModel, syntax)) { result.Add(new DiagnosticInfo(syntax.GetLocation())); } if (_servicePointManagerCertificateValidationExpression.IsVulnerable(context.SemanticModel, syntax)) { result.Add(new DiagnosticInfo(syntax.GetLocation())); } if (_requestCertificateValidationExpressionAnalyzer.IsVulnerable(context.SemanticModel, syntax)) { result.Add(new DiagnosticInfo(syntax.GetLocation())); } return(result); }