public Diagnostic(TextSpan textSpan, DiagnosticId diagnosticId, string message) { Span = textSpan; Message = message; DiagnosticId = diagnosticId; Severity = DiagnosticFacts.GetSeverity(diagnosticId); }
public static Diagnostic Format(TextSpan textSpan, DiagnosticId diagnosticId, params object[] args) { var message = diagnosticId.GetMessage(); var formattedMessage = (message != null) ? string.Format(CultureInfo.CurrentCulture, message, args) : $"Missing diagnostic message for {diagnosticId}"; return new Diagnostic(textSpan, diagnosticId, formattedMessage); }
public static void EmitError(this IDiagnosticConsumer consumer, DiagnosticId id, string msg, params object[] args) { var diagInfo = new DiagnosticInfo { Kind = DiagnosticKind.Error, Message = string.Format(msg, args) }; consumer.Emit(diagInfo); }
public static DiagnosticSeverity GetSeverity(DiagnosticId id) { switch (id) { case DiagnosticId.LoopControlVariableConflict: case DiagnosticId.ImplicitTruncation: return DiagnosticSeverity.Warning; default: return DiagnosticSeverity.Error; } }
public static string GetErrorString(DiagnosticId diagnosticId) { switch (diagnosticId) { case DiagnosticId.CannotApplyUnaryOperator: case DiagnosticId.CannotApplyBinaryOperator: return "#inapplicable"; case DiagnosticId.AmbiguousInvocation: case DiagnosticId.AmbiguousUnaryOperator: case DiagnosticId.AmbiguousBinaryOperator: return "#ambiguous"; case DiagnosticId.UndeclaredFunction: return "#undeclared"; case DiagnosticId.CannotConvert: return "#cannotconvert"; default: throw new ArgumentOutOfRangeException(nameof(diagnosticId)); } }
public static string GetDiagnosticSubcategory(this DiagnosticId diagnosticId) => (int)diagnosticId switch
public bool IsVulnerable(SemanticModel model, InvocationExpressionSyntax syntax, DiagnosticId ruleId) { if (!ContainsFileDeleteCommands(syntax)) { return(false); } var symbol = model.GetSymbolInfo(syntax).Symbol as IMethodSymbol; if (!IsFileDeleteCommand(symbol)) { return(false); } if (syntax.ArgumentList.Arguments.Count > 0) { var argSyntax = syntax.ArgumentList.Arguments[0].Expression; var expressionAnalyzer = SyntaxNodeAnalyzerFactory.Create(argSyntax); if (expressionAnalyzer.CanIgnore(model, argSyntax)) { return(false); } if (expressionAnalyzer.CanSuppress(model, argSyntax, ruleId)) { return(false); } } return(true); }
public virtual void GetSinks(SyntaxNodeAnalysisContext context, DiagnosticId ruleId) { }
public async Task AnyAndAllWithLinqCreatesDiagnostic(string code, int column, DiagnosticId diagnosticId) { var source = code.WrapInCSharpMethod(usings: "\nusing System.Linq;"); var expected = new DiagnosticResult { Id = diagnosticId.ToDiagnosticId(), Message = diagnosticId == DiagnosticId.ChangeAnyToAll ? ChangeAnyToAllAnalyzer.MessageAny : ChangeAnyToAllAnalyzer.MessageAll, Severity = DiagnosticSeverity.Hidden, Locations = new[] { new DiagnosticResultLocation("Test0.cs", 13, column) } }; await VerifyCSharpDiagnosticAsync(source, expected); }
public bool IsVulnerable(SemanticModel model, InvocationExpressionSyntax syntax, DiagnosticId ruleId) { if (!syntax.ToString().Contains("Redirect")) { return(false); } var symbol = model.GetSymbolInfo(syntax).Symbol as IMethodSymbol; if ((symbol?.Name == "Redirect" || symbol?.Name == "RedirectPermanent") && symbol?.ReceiverType.ToString() == "System.Web.HttpResponse") { if (syntax.ArgumentList.Arguments.Count > 0) { var argSyntax = syntax.ArgumentList.Arguments[0].Expression; var expressionAnalyzer = SyntaxNodeAnalyzerFactory.Create(argSyntax); if (expressionAnalyzer.CanIgnore(model, argSyntax)) { return(false); } if (expressionAnalyzer.CanSuppress(model, argSyntax, ruleId)) { return(false); } } return(true); } return(false); }
public bool IsVulnerable(SemanticModel model, ObjectCreationExpressionSyntax syntax, DiagnosticId ruleId) { if (!syntax.ToString().Contains("DirectoryEntry")) { return(false); } var symbol = model.GetSymbolInfo(syntax).Symbol as IMethodSymbol; if (symbol.IsCtorFor("System.DirectoryServices.DirectoryEntry")) { if (syntax.ArgumentList?.Arguments.Count > 0) { var argSyntax = syntax.ArgumentList.Arguments[0].Expression; var expressionAnalyzer = SyntaxNodeAnalyzerFactory.Create(argSyntax); if (expressionAnalyzer.CanIgnore(model, argSyntax)) { return(false); } if (expressionAnalyzer.CanSuppress(model, argSyntax, ruleId)) { return(false); } } var filter = syntax.Initializer?.Expressions.OfType <AssignmentExpressionSyntax>() .FirstOrDefault(p => (p.Left as IdentifierNameSyntax)?.Identifier.ValueText == "Path"); if (filter != null) { var expressionAnalyzer = SyntaxNodeAnalyzerFactory.Create(filter.Right); if (expressionAnalyzer.CanIgnore(model, filter.Right)) { return(false); } if (expressionAnalyzer.CanSuppress(model, filter.Right, ruleId)) { return(false); } } if (filter == null && syntax.ArgumentList?.Arguments.Count == 0) { return(false); } return(true); } return(false); }
public static string ToDiagnosticId(this DiagnosticId diagnosticId) => $"CC{(int)diagnosticId :D4}";
public override bool CanSuppress(SemanticModel model, SyntaxNode syntax, DiagnosticId ruleId) { return(true); }
public bool IsVulnerable(SemanticModel model, ObjectCreationExpressionSyntax syntax, DiagnosticId ruleId) { if (!containsCommands(syntax)) { return(false); } var symbol = model.GetSymbolInfo(syntax).Symbol as IMethodSymbol; if (!isConstructor(symbol)) { return(false); } if (syntax.ArgumentList.Arguments.Count == 0) { return(false); } var arg = syntax.ArgumentList.Arguments[0].Expression; //var argSyntax = arg.Expression; var expressionAnalyzer = SyntaxNodeAnalyzerFactory.Create(arg); if (expressionAnalyzer.CanIgnore(model, arg)) { return(false); } if (expressionAnalyzer.CanSuppress(model, arg, ruleId)) { return(false); } Source = arg; return(true); }
internal static string CreateIdString(DiagnosticId id) { int num = (int)id; return("REVIEW" + num.ToString("D5")); }
public bool IsVulnerable(SemanticModel model, ObjectCreationExpressionSyntax syntax, DiagnosticId ruleId) { if (!syntax.ToString().Contains("FileStream")) { return(false); } var symbol = model.GetSymbolInfo(syntax).Symbol as IMethodSymbol; if (symbol.IsCtorFor("System.IO.FileStream")) { if (syntax.ArgumentList.Arguments.Count > 0) { var argSyntax = syntax.ArgumentList.Arguments[0].Expression; var expressionAnalyzer = SyntaxNodeAnalyzerFactory.Create(argSyntax); if (expressionAnalyzer.CanIgnore(model, argSyntax)) { return(false); } if (expressionAnalyzer.CanSuppress(model, argSyntax, ruleId)) { return(false); } } return(true); } return(false); }
public bool IsVulnerable(SemanticModel model, AssignmentExpressionSyntax syntax, DiagnosticId ruleId) { //2 cases here: x.TypeNameHandling or { TypeNameHandling = } if (syntax?.Left is MemberAccessExpressionSyntax) { var leftSyntax = syntax?.Left as MemberAccessExpressionSyntax; if (leftSyntax == null || string.Compare(leftSyntax.Name.Identifier.ValueText, "TypeNameHandling", true) != 0) { return(false); } var leftSymbol = model.GetSymbolInfo(leftSyntax.Name).Symbol as IPropertySymbol; if (leftSymbol == null || string.Compare(leftSymbol.Type.ToString(), "Newtonsoft.Json.TypeNameHandling", true) != 0) { return(false); } var rightSyntax = syntax?.Right as MemberAccessExpressionSyntax; if (rightSyntax == null || string.Compare(rightSyntax.Name.Identifier.ValueText, "None", true) == 0) { return(false); } return(true); } if (syntax?.Left is IdentifierNameSyntax) { var leftSyntax = syntax?.Left as IdentifierNameSyntax; if (leftSyntax == null || string.Compare(leftSyntax.Identifier.ValueText, "TypeNameHandling", true) != 0) { return(false); } var leftSymbol = model.GetSymbolInfo(leftSyntax).Symbol as IPropertySymbol; if (leftSymbol == null || string.Compare(leftSymbol.Type.ToString(), "Newtonsoft.Json.TypeNameHandling", true) != 0) { return(false); } var rightSyntax = syntax?.Right as MemberAccessExpressionSyntax; if (rightSyntax == null || string.Compare(rightSyntax.Name.Identifier.ValueText, "None", true) == 0) { return(false); } return(true); } return(false); }
public static IDiagnostic Identified(this IDiagnostic self, DiagnosticId id) => new IdentifiedDiagnostic(self, id);
public static void Report(this ICollection <PretokenizedDiagnostic> diagnostics, int offset, int width, DiagnosticId diagnosticId, params object[] args) { var diagnostic = PretokenizedDiagnostic.Create(ShaderLabMessageProvider.Instance, offset, width, (int)diagnosticId, args); diagnostics.Add(diagnostic); }
public static Diagnostic Format(TextSpan textSpan, DiagnosticId diagnosticId, params object[] args) { var message = diagnosticId.GetMessage(); var formattedMessage = string.Format(CultureInfo.CurrentCulture, message, args); return new Diagnostic(textSpan, diagnosticId, formattedMessage); }
public static DiagnosticSeverity GetSeverity(DiagnosticId id) { return DiagnosticSeverity.Error; }
public bool IsVulnerable(SemanticModel model, ObjectCreationExpressionSyntax syntax, DiagnosticId ruleId) { if (!ContainsSqlCommand(syntax)) { return(false); } var symbol = model.GetSymbolInfo(syntax).Symbol as IMethodSymbol; if (!IsSymbolSqlCommand(symbol)) { return(false); } if (syntax.ArgumentList != null && syntax.ArgumentList.Arguments.Any()) { var commandTextArg = syntax.ArgumentList.Arguments[0].Expression; var expressionAnalyzer = SyntaxNodeAnalyzerFactory.Create(commandTextArg); if (expressionAnalyzer.CanIgnore(model, commandTextArg)) { return(false); } if (expressionAnalyzer.CanSuppress(model, commandTextArg, ruleId)) { return(false); } } var commandTextInitializer = syntax.Initializer?.Expressions.OfType <AssignmentExpressionSyntax>() .FirstOrDefault(p => { var nameSyntax = p.Left as IdentifierNameSyntax; return(nameSyntax?.Identifier.ValueText == "CommandText"); }); if (commandTextInitializer != null) { var expressionAnalyzer = SyntaxNodeAnalyzerFactory.Create(commandTextInitializer); if (expressionAnalyzer.CanIgnore(model, commandTextInitializer)) { return(false); } if (expressionAnalyzer.CanSuppress(model, commandTextInitializer, ruleId)) { return(false); } } return(commandTextInitializer != null || (syntax.ArgumentList != null && syntax.ArgumentList.Arguments.Any())); }
private static MessageContainer CreateWarningMessageContainer(LinkContext context, MessageOrigin origin, DiagnosticId id, WarnVersion version, string subcategory, params string[] args) { if (!(version >= WarnVersion.ILLink0 && version <= WarnVersion.Latest)) { throw new ArgumentException($"The provided warning version '{version}' is invalid."); } if (context.IsWarningSuppressed((int)id, origin)) { return(Empty); } if (version > context.WarnVersion) { return(Empty); } if (TryLogSingleWarning(context, (int)id, origin, subcategory)) { return(Empty); } if (context.IsWarningAsError((int)id)) { return(new MessageContainer(MessageCategory.WarningAsError, id, subcategory, origin, args)); } return(new MessageContainer(MessageCategory.Warning, id, subcategory, origin, args)); }
public bool IsVulnerable(SemanticModel model, MemberAccessExpressionSyntax syntax, DiagnosticId ruleId) { //Quick check for the object name if (!IsTypeName(syntax)) { return(false); } //Verify full namesapce var symbol = model.GetSymbolInfo(syntax).Symbol as IMethodSymbol; if (!symbol.IsMethod("Microsoft.AspNetCore.Cors.Infrastructure.CorsPolicyBuilder", "AllowAnyOrigin")) { return(false); } return(true); }
private static DiagnosticResult CreateNameofDiagnosticResult(string nameofArgument, int diagnosticLine, int diagnosticColumn, DiagnosticId id = DiagnosticId.NameOf) { return(new DiagnosticResult { Id = id.ToDiagnosticId(), Message = $"Use 'nameof({nameofArgument})' instead of specifying the program element name.", Severity = DiagnosticSeverity.Warning, Locations = new[] { new DiagnosticResultLocation("Test0.cs", diagnosticLine, diagnosticColumn) } }); }
public async Task NegationWithCoalesceExpressionCreatesDiagnostic(string methodName, DiagnosticId diagnosticId) { var source = $@" var ints = new [] {{ 1 }}; var query = !ints?.{methodName}(i => i == 1) ?? true;"; var expected = new DiagnosticResult { Id = diagnosticId.ToDiagnosticId(), Message = diagnosticId == DiagnosticId.ChangeAnyToAll ? ChangeAnyToAllAnalyzer.MessageAny : ChangeAnyToAllAnalyzer.MessageAll, Severity = DiagnosticSeverity.Hidden, Locations = new[] { new DiagnosticResultLocation("Test0.cs", 13, 20) } }; await VerifyCSharpDiagnosticAsync(source.WrapInCSharpMethod(usings: "\nusing System.Linq;"), expected); }
public void LogWarning(MethodIL origin, int ilOffset, DiagnosticId id, params string[] args) { MessageOrigin messageOrigin = new MessageOrigin(origin, ilOffset); LogWarning(messageOrigin, id, args); }
public static void Report(this ICollection <Diagnostic> diagnostics, SourceRange sourceRange, DiagnosticId diagnosticId, params object[] args) { var diagnostic = Diagnostic.Create(HlslMessageProvider.Instance, sourceRange, (int)diagnosticId, args); diagnostics.Add(diagnostic); }
public void LogWarning(string origin, DiagnosticId id, params string[] args) { MessageOrigin _origin = new MessageOrigin(origin); LogWarning(_origin, id, args); }
public static string AsString(this DiagnosticId diagnosticId) => $"IL{(int) diagnosticId}";
public void LogError(TypeSystemEntity origin, DiagnosticId id, params string[] args) => LogError(new MessageOrigin(origin), id, args);
/// <summary> /// Create a warning message. /// </summary> /// <param name="context">Context with the relevant warning suppression info.</param> /// <param name="origin">Filename or member where the warning is coming from</param> /// <param name="id">Unique warning ID. Please see https://github.com/dotnet/linker/blob/main/docs/error-codes.md /// for the list of warnings and possibly add a new one</param> /// <param name="args">Additional arguments to form a humanly readable message describing the warning</param> /// <returns>New MessageContainer of 'Warning' category</returns> internal static MessageContainer?CreateWarningMessage(Logger context, MessageOrigin origin, DiagnosticId id, params string[] args) { if (!((int)id > 2000 && (int)id <= 6000)) { throw new ArgumentOutOfRangeException(nameof(id), $"The provided code '{(int)id}' does not fall into the warning category, which is in the range of 2001 to 6000 (inclusive)."); } return(CreateWarningMessageContainer(context, origin, id, id.GetDiagnosticSubcategory(), args)); }
public static string ForDiagnostic(DiagnosticId diagnosticId) => $"https://code-cracker.github.io/diagnostics/{diagnosticId.ToDiagnosticId()}.html";
public Diagnostic(TextSpan textSpan, DiagnosticId diagnosticId, string message) : base(textSpan, message, DiagnosticFacts.GetSeverity(diagnosticId)) { DiagnosticId = diagnosticId; }
public override bool CanSuppress(SemanticModel model, SyntaxNode syntax, DiagnosticId ruleId) { var expressionSyntaxAnalyzer = SyntaxNodeAnalyzerFactory.Create(syntax); return(expressionSyntaxAnalyzer.CanSuppress(model, syntax, ruleId)); }
public Diagnostic(TextSpan textSpan, DiagnosticId diagnosticId, string message) { Span = textSpan; Message = message; DiagnosticId = diagnosticId; }
public bool IsVulnerable(SemanticModel model, AssignmentExpressionSyntax syntax, DiagnosticId ruleId) { if (!ContainsCertificateValidationCallback(syntax)) { return(false); } var symbol = ModelExtensions.GetSymbolInfo(model, syntax.Left).Symbol as IPropertySymbol; if (symbol == null) { return(false); } //TODO: only flagging those hard-coding a return value of true. Therefore could miss scenarios where the value is hardcoded in a const, config value. if (symbol.Name == "ServerCertificateValidationCallback" && symbol.ContainingType.Name == "ServicePointManager") { if (IsTrueLamdaExpression(syntax)) { return(true); } if (IsTrueDelegateMethod(syntax)) { return(true); } if (IsTrueMethod(model, syntax)) { return(true); } } return(false); }
public bool IsVulnerable(SemanticModel model, InvocationExpressionSyntax syntax, DiagnosticId ruleId) { if (!ContainsEfRawSqlCommands(syntax)) { return(false); } var symbol = model.GetSymbolInfo(syntax).Symbol as IMethodSymbol; if (!IsSymbolEfRawSqlCommand(symbol)) { return(false); } if (syntax.ArgumentList != null && syntax.ArgumentList.Arguments.Any()) { var commandTextArg = syntax.ArgumentList.Arguments[0].Expression; var expressionAnalyzer = SyntaxNodeAnalyzerFactory.Create(commandTextArg); if (expressionAnalyzer.CanSuppress(model, commandTextArg, ruleId)) { return(false); } //Set source to analyze and return for further analysis Source = commandTextArg; return(true); } //Default return false return(false); }
public bool IsVulnerable(SemanticModel model, ObjectCreationExpressionSyntax syntax, DiagnosticId ruleId) { //Check for the type if (!ContainsTypeName(syntax)) { return(false); } //If we found it, verify the namespace var symbol = model.GetSymbolInfo(syntax).Symbol; if (!IsType(symbol)) { return(false); } return(true); }
public static void Report(this ICollection<Diagnostic> diagnostics, TextSpan textSpan, DiagnosticId diagnosticId, params object[] args) { var diagnostic = Diagnostic.Format(textSpan, diagnosticId, args); diagnostics.Add(diagnostic); }
public bool IsVulnerable(SemanticModel model, AssignmentExpressionSyntax syntax, DiagnosticId ruleId) { var leftSyntax = syntax?.Left as MemberAccessExpressionSyntax; if (leftSyntax == null || leftSyntax.Name.Identifier.ValueText.ToLower() != "text") { return(false); } var leftSymbol = model.GetSymbolInfo(leftSyntax).Symbol; if (!(leftSymbol != null && leftSymbol.ToString().StartsWith("System.Web.UI.WebControls.Literal.Text"))) { return(false); } var expressionAnalyzer = SyntaxNodeAnalyzerFactory.Create(syntax.Right); if (expressionAnalyzer.CanIgnore(model, syntax.Right)) { return(false); } if (expressionAnalyzer.CanSuppress(model, syntax.Right, ruleId)) { return(false); } return(true); }