public override void Initialize(AnalysisContext analysisContext) { // TODO: Make analyzer thread-safe //analysisContext.EnableConcurrentExecution(); // Security analyzer - analyze and report diagnostics in generated code. analysisContext.ConfigureGeneratedCodeAnalysis(GeneratedCodeAnalysisFlags.Analyze | GeneratedCodeAnalysisFlags.ReportDiagnostics); analysisContext.RegisterCompilationStartAction( (context) => { Compilation compilation = context.Compilation; var xmlTypes = new CompilationSecurityTypes(compilation); if (ReferencesAnyTargetType(xmlTypes)) { Version version = SecurityDiagnosticHelpers.GetDotNetFrameworkVersion(compilation); if (version != null) { context.RegisterOperationBlockStartAction( (c) => { RegisterAnalyzer(c, xmlTypes, version); }); } } }); }
protected override Analyzer GetAnalyzer(CompilationStartAnalysisContext context, CompilationSecurityTypes cryptTypes) { Analyzer analyzer = new Analyzer(cryptTypes); context.RegisterSyntaxNodeAction(analyzer.AnalyzeNode, SyntaxKind.InvocationExpression, SyntaxKind.ObjectCreationExpression); return analyzer; }
private static bool ReferencesAnyTargetType(CompilationSecurityTypes types) { return types.DES != null || types.DSA != null || types.DSASignatureFormatter != null || types.HMACMD5 != null || types.RC2 != null || types.TripleDES != null || types.RIPEMD160 != null || types.HMACRIPEMD160 != null; }
public override void Initialize(AnalysisContext analysisContext) { analysisContext.RegisterCompilationStartAction( (context) => { var cryptTypes = new CompilationSecurityTypes(context.Compilation); if (ReferencesAnyTargetType(cryptTypes)) { GetAnalyzer(context, cryptTypes); } }); }
private void RegisterAnalyzer(OperationBlockStartAnalysisContext context, CompilationSecurityTypes types, Version frameworkVersion) { var analyzer = new OperationAnalyzer(types, frameworkVersion); context.RegisterOperationAction( analyzer.AnalyzeOperation, OperationKind.InvocationExpression, OperationKind.AssignmentExpression, OperationKind.VariableDeclaration, OperationKind.ObjectCreationExpression, OperationKind.FieldInitializerAtDeclaration ); context.RegisterOperationBlockEndAction( analyzer.AnalyzeOperationBlock ); }
public override void Initialize(AnalysisContext analysisContext) { analysisContext.EnableConcurrentExecution(); // Security analyzer - analyze and report diagnostics in generated code. analysisContext.ConfigureGeneratedCodeAnalysis(GeneratedCodeAnalysisFlags.Analyze | GeneratedCodeAnalysisFlags.ReportDiagnostics); analysisContext.RegisterCompilationStartAction( (context) => { var cryptTypes = new CompilationSecurityTypes(context.Compilation); if (ReferencesAnyTargetType(cryptTypes)) { GetAnalyzer(context, cryptTypes); } }); }
public override void Initialize(AnalysisContext analysisContext) { analysisContext.EnableConcurrentExecution(); analysisContext.ConfigureGeneratedCodeAnalysis(GeneratedCodeAnalysisFlags.Analyze); analysisContext.RegisterCompilationStartAction(compilationStartAnalysisContext => { var compilationTypes = new CompilationSecurityTypes(compilationStartAnalysisContext.Compilation); if (compilationTypes.HandleProcessCorruptedStateExceptionsAttribute == null) { return; } compilationStartAnalysisContext.RegisterOperationBlockAction(operationBlockAnalysisContext => { if (operationBlockAnalysisContext.OwningSymbol.Kind != SymbolKind.Method) { return; } var method = (IMethodSymbol) operationBlockAnalysisContext.OwningSymbol; if (!ContainsHandleProcessCorruptedStateExceptionsAttribute(method, compilationTypes)) { return; } foreach (var operation in operationBlockAnalysisContext.OperationBlocks) { var walker = new EmptyThrowInsideCatchAllWalker(compilationTypes); walker.Visit(operation); foreach (var catchClause in walker.CatchAllCatchClausesWithoutEmptyThrow) { operationBlockAnalysisContext.ReportDiagnostic(catchClause.Syntax.CreateDiagnostic(Rule, method.ToDisplayString())); } } }); }); }
public override void Initialize(AnalysisContext analysisContext) { analysisContext.RegisterCompilationStartAction( (context) => { Compilation compilation = context.Compilation; var xmlTypes = new CompilationSecurityTypes(compilation); if (ReferencesAnyTargetType(xmlTypes)) { Version version = SecurityDiagnosticHelpers.GetDotNetFrameworkVersion(compilation); if (version != null) { context.RegisterOperationBlockStartAction( (c) => { RegisterAnalyzer(c, xmlTypes, version); }); } } }); }
protected abstract SyntaxNodeAnalyzer GetAnalyzer(CodeBlockStartAnalysisContext <TLanguageKindEnum> context, CompilationSecurityTypes types);
protected abstract Analyzer GetAnalyzer(CompilationSecurityTypes compilationTypes, ISymbol owningSymbol, SyntaxNode codeBlock);
public static bool IsXsltSettingsTrustedXsltProperty(ISymbol symbol, CompilationSecurityTypes xmlTypes) { return(IsSpecifiedProperty(symbol, xmlTypes.XsltSettings, SecurityMemberNames.TrustedXslt)); }
public static bool IsXmlTextReaderCtorDerived(IMethodSymbol method, CompilationSecurityTypes xmlTypes) { return method != null && method.MatchMethodDerivedByName(xmlTypes.XmlTextReader, WellKnownMemberNames.InstanceConstructorName); }
public static bool IsXmlReaderSettingsDtdProcessingProperty(ISymbol symbol, CompilationSecurityTypes xmlTypes) { return IsSpecifiedProperty(symbol, xmlTypes.XmlReaderSettings, SecurityMemberNames.DtdProcessing); }
public Analyzer(CompilationSecurityTypes cryptTypes) { _cryptTypes = cryptTypes; }
public static bool IsXmlReaderType(ITypeSymbol symbol, CompilationSecurityTypes xmlTypes) { return symbol != null && symbol.DerivesFrom(xmlTypes.XmlReader, baseTypesOnly: true); }
public OperationAnalyzer(CompilationSecurityTypes xmlTypes, Version targetFrameworkVersion) { _xmlTypes = xmlTypes; _isFrameworkSecure = targetFrameworkVersion == null ? false : targetFrameworkVersion >= s_minSecureFxVersion; }
protected abstract SyntaxNodeAnalyzer GetAnalyzer(CompilationStartAnalysisContext context, CompilationSecurityTypes cryptTypes);
protected override SymbolAndNodeAnalyzer GetAnalyzer(CompilationStartAnalysisContext context, CompilationSecurityTypes types, Version targetFrameworkVersion) { SymbolAndNodeAnalyzer analyzer = new SymbolAndNodeAnalyzer(types, CSharpSyntaxNodeHelper.Default, targetFrameworkVersion); context.RegisterSyntaxNodeAction(analyzer.AnalyzeNode, SyntaxKind.MethodDeclaration, SyntaxKind.ConstructorDeclaration); return(analyzer); }
public static bool IsXsltSettingsEnableScriptProperty(IPropertySymbol symbol, CompilationSecurityTypes xmlTypes) { return(IsSpecifiedProperty(symbol, xmlTypes.XsltSettings, SecurityMemberNames.EnableScript)); }
public static int GetXmlReaderSettingsParameterIndex(IMethodSymbol method, CompilationSecurityTypes xmlTypes) { return(GetSpecifiedParameterIndex(method, xmlTypes, IsXmlReaderSettingsType)); }
public static bool IsXslCompiledTransformLoad(IMethodSymbol method, CompilationSecurityTypes xmlTypes) { return method != null && method.MatchMethodByName(xmlTypes.XslCompiledTransform, SecurityMemberNames.Load); }
private static bool ReferencesAnyTargetType(CompilationSecurityTypes types) { return types.XmlDocument != null || types.XmlNode != null || types.XmlReader != null || types.XmlTextReader != null || types.XPathDocument != null || types.XmlSchema != null || types.DataSet != null || types.DataTable != null || types.DataViewManager != null || types.XmlSerializer != null; }
public static bool IsXmlReaderSettingsType(ITypeSymbol symbol, CompilationSecurityTypes xmlTypes) { return symbol == xmlTypes.XmlReaderSettings; }
public SyntaxNodeAnalyzer(CompilationSecurityTypes cryptTypes) { _cryptTypes = cryptTypes; }
private static int HasSpecifiedParameter(IMethodSymbol method, CompilationSecurityTypes xmlTypes, Func<ITypeSymbol, CompilationSecurityTypes, bool> func) { int index = -1; if (method == null) { return index; } for (int i = 0; i < method.Parameters.Length; i++) { ITypeSymbol parameter = method.Parameters[i].Type; if (func(parameter, xmlTypes)) { index = i; break; } } return index; }
protected override SyntaxNodeAnalyzer GetAnalyzer(CodeBlockStartAnalysisContext <SyntaxKind> context, CompilationSecurityTypes types) { SyntaxNodeAnalyzer analyzer = new SyntaxNodeAnalyzer(types, CSharpSyntaxNodeHelper.Default); context.RegisterSyntaxNodeAction( analyzer.AnalyzeNode, SyntaxKind.InvocationExpression, SyntaxKind.ObjectCreationExpression, SyntaxKind.SimpleAssignmentExpression, SyntaxKind.VariableDeclarator); return(analyzer); }
public static bool IsXmlTextReaderXmlResolverProperty(ISymbol symbol, CompilationSecurityTypes xmlTypes) { return IsSpecifiedProperty(symbol, xmlTypes.XmlTextReader, SecurityMemberNames.XmlResolver); }
public static bool IsXsltSettingsEnableScriptProperty(IPropertySymbol symbol, CompilationSecurityTypes xmlTypes) { return IsSpecifiedProperty(symbol, xmlTypes.XsltSettings, SecurityMemberNames.EnableScript); }
public static bool IsXsltSettingsCtor(IMethodSymbol method, CompilationSecurityTypes xmlTypes) { return method != null && method.MatchMethodByName(xmlTypes.XsltSettings, WellKnownMemberNames.InstanceConstructorName); }
protected abstract SymbolAndNodeAnalyzer GetAnalyzer(CompilationStartAnalysisContext context, CompilationSecurityTypes types, Version targetFrameworkVersion);
public static bool IsXsltSettingsCtor(IMethodSymbol method, CompilationSecurityTypes xmlTypes) { return(method != null && method.MatchMethodByName(xmlTypes.XsltSettings, WellKnownMemberNames.InstanceConstructorName)); }
protected override Analyzer GetAnalyzer(CompilationStartAnalysisContext context, CompilationSecurityTypes cryptTypes) { Analyzer analyzer = new Analyzer(cryptTypes); context.RegisterSyntaxNodeAction(analyzer.AnalyzeNode, SyntaxKind.InvocationExpression, SyntaxKind.ObjectCreationExpression); return(analyzer); }
protected abstract void RegisterAnalyzer(CodeBlockStartAnalysisContext <TLanguageKindEnum> context, CompilationSecurityTypes types, Version targetFrameworkVersion);
public static int GetXmlReaderSettingsParameterIndex(IMethodSymbol method, CompilationSecurityTypes xmlTypes) { return GetSpecifiedParameterIndex(method, xmlTypes, IsXmlReaderSettingsType); }
public static bool IsXslCompiledTransformLoad(IMethodSymbol method, CompilationSecurityTypes xmlTypes) { return(method != null && method.MatchMethodByName(xmlTypes.XslCompiledTransform, SecurityMemberNames.Load)); }
private static bool ReferencesAnyTargetType(CompilationSecurityTypes types) { return(types.XmlDocument != null || types.XmlTextReader != null); }
public static bool IsXsltSettingsEnableDocumentFunctionProperty(ISymbol symbol, CompilationSecurityTypes xmlTypes) { return(IsSpecifiedProperty(symbol, xmlTypes.XsltSettings, SecurityMemberNames.EnableDocumentFunction)); }
public SymbolAndNodeAnalyzer(CompilationSecurityTypes xmlTypes, SyntaxNodeHelper helper, Version targetFrameworkVersion) { _xmlTypes = xmlTypes; _syntaxNodeHelper = helper; _isFrameworkSecure = targetFrameworkVersion == null ? false : targetFrameworkVersion >= SymbolAndNodeAnalyzer.s_minSecureFxVersion; }
public static bool IsXmlReaderSettingsType(ITypeSymbol symbol, CompilationSecurityTypes xmlTypes) { return(symbol == xmlTypes.XmlReaderSettings); }
public static int HasXsltSettingsParameter(IMethodSymbol method, CompilationSecurityTypes xmlTypes) { return(HasSpecifiedParameter(method, xmlTypes, IsXsltSettingsType)); }
public SyntaxNodeAnalyzer(CompilationSecurityTypes xmlTypes, SyntaxNodeHelper helper) { _xmlTypes = xmlTypes; _syntaxNodeHelper = helper; }
public static bool IsXmlReaderType(ITypeSymbol symbol, CompilationSecurityTypes xmlTypes) { return(symbol != null && symbol.DerivesFrom(xmlTypes.XmlReader, baseTypesOnly: true)); }
public static bool IsXsltSettingsEnableDocumentFunctionProperty(ISymbol symbol, CompilationSecurityTypes xmlTypes) { return IsSpecifiedProperty(symbol, xmlTypes.XsltSettings, SecurityMemberNames.EnableDocumentFunction); }
public static int HasXmlReaderParameter(IMethodSymbol method, CompilationSecurityTypes xmlTypes) { return(HasSpecifiedParameter(method, xmlTypes, IsXmlReaderType)); }
public static int HasXsltSettingsParameter(IMethodSymbol method, CompilationSecurityTypes xmlTypes) { return HasSpecifiedParameter(method, xmlTypes, IsXsltSettingsType); }
public static bool IsXmlDocumentXmlResolverPropertyDerived(ISymbol symbol, CompilationSecurityTypes xmlTypes) { return(IsSpecifiedPropertyDerived(symbol, xmlTypes.XmlDocument, SecurityMemberNames.XmlResolver)); }
public static int HasXmlReaderParameter(IMethodSymbol method, CompilationSecurityTypes xmlTypes) { return HasSpecifiedParameter(method, xmlTypes, IsXmlReaderType); }
public static bool IsXmlTextReaderCtorDerived(IMethodSymbol method, CompilationSecurityTypes xmlTypes) { return(method != null && method.MatchMethodDerivedByName(xmlTypes.XmlTextReader, WellKnownMemberNames.InstanceConstructorName)); }
public static bool IsXmlDocumentXmlResolverPropertyDerived(ISymbol symbol, CompilationSecurityTypes xmlTypes) { return IsSpecifiedPropertyDerived(symbol, xmlTypes.XmlDocument, SecurityMemberNames.XmlResolver); }
public static bool IsXmlTextReaderDtdProcessingPropertyDerived(ISymbol symbol, CompilationSecurityTypes xmlTypes) { return(IsSpecifiedPropertyDerived(symbol, xmlTypes.XmlTextReader, SecurityMemberNames.DtdProcessing)); }
public static bool IsXmlTextReaderDtdProcessingPropertyDerived(ISymbol symbol, CompilationSecurityTypes xmlTypes) { return IsSpecifiedPropertyDerived(symbol, xmlTypes.XmlTextReader, SecurityMemberNames.DtdProcessing); }
public static bool IsXmlTextReaderXmlResolverProperty(ISymbol symbol, CompilationSecurityTypes xmlTypes) { return(IsSpecifiedProperty(symbol, xmlTypes.XmlTextReader, SecurityMemberNames.XmlResolver)); }
public static bool IsXmlReaderCreate(IMethodSymbol method, CompilationSecurityTypes xmlTypes) { return method != null && method.MatchMethodByName(xmlTypes.XmlReader, SecurityMemberNames.Create); }
public static bool IsXmlReaderCreate(IMethodSymbol method, CompilationSecurityTypes xmlTypes) { return(method != null && method.MatchMethodByName(xmlTypes.XmlReader, SecurityMemberNames.Create)); }
public static bool IsXmlReaderSettingsMaxCharactersFromEntitiesProperty(ISymbol symbol, CompilationSecurityTypes xmlTypes) { return IsSpecifiedProperty(symbol, xmlTypes.XmlReaderSettings, SecurityMemberNames.MaxCharactersFromEntities); }
public static bool IsXmlReaderSettingsDtdProcessingProperty(ISymbol symbol, CompilationSecurityTypes xmlTypes) { return(IsSpecifiedProperty(symbol, xmlTypes.XmlReaderSettings, SecurityMemberNames.DtdProcessing)); }
public static bool IsXsltSettingsTrustedXsltProperty(ISymbol symbol, CompilationSecurityTypes xmlTypes) { return IsSpecifiedProperty(symbol, xmlTypes.XsltSettings, SecurityMemberNames.TrustedXslt); }
public static bool IsXmlReaderSettingsMaxCharactersFromEntitiesProperty(ISymbol symbol, CompilationSecurityTypes xmlTypes) { return(IsSpecifiedProperty(symbol, xmlTypes.XmlReaderSettings, SecurityMemberNames.MaxCharactersFromEntities)); }