/// <summary>
/// Reports <c>Rule</c> when a non-empty string literal is assigned to a symbol
/// that <c>IsPasswordField</c> accepts (a hard-coded credential in source).
/// </summary>
/// <param name="node">Assignment expression; its location is used for the diagnostic.</param>
/// <param name="state">Execution state giving access to the semantic model and diagnostic reporting.</param>
/// <param name="behavior">Behavior attached to the assignment target; the check only runs when this is null.</param>
/// <param name="symbol">Symbol being assigned to; a null symbol is ignored.</param>
/// <param name="variableRightState">Taint state and syntax node of the assigned value.</param>
public override void VisitAssignment(CSharpSyntax.AssignmentExpressionSyntax node,
                                     ExecutionState state,
                                     MethodBehavior behavior,
                                     ISymbol symbol,
                                     VariableState variableRightState)
{
    // Only targets without a MethodBehavior (the "Unknown API" case) and with a resolved symbol are examined.
    if (behavior != null || symbol == null)
    {
        return;
    }

    var assignedNode = variableRightState.Node;

    // The value must be constant-tainted AND written as a string literal at the assignment site.
    // NOTE(review): constants that are not literals here (e.g. a reference to a const field)
    // appear to be skipped by the literal-kind requirement - confirm that gap is intended.
    bool isConstantStringLiteral =
        variableRightState.Taint == VariableTaint.Constant &&
        Microsoft.CodeAnalysis.CSharp.CSharpExtensions.Kind(assignedNode) == SyntaxKind.StringLiteralExpression;

    if (!isConstantStringLiteral || !IsPasswordField(symbol))
    {
        return;
    }

    // Assigning "" is not reported: an empty literal carries no secret value.
    var literalValue = state.AnalysisContext.SemanticModel.GetConstantValue(assignedNode);
    if (literalValue.HasValue && literalValue.Value.Equals(""))
    {
        return;
    }

    // Second empty-value exclusion, keyed on the symbol resolved for the assigned node.
    // NOTE(review): after the string-literal guard above this branch looks hard to reach - TODO confirm.
    var literalSymbol = state.GetSymbol(assignedNode);
    if (literalSymbol != null && literalSymbol.IsType("System.String.Empty"))
    {
        return;
    }

    state.AnalysisContext.ReportDiagnostic(Diagnostic.Create(Rule, node.GetLocation()));
}
/// <summary>
/// Reports <c>Rule</c> when a constant value is assigned to a symbol that
/// <c>IsPasswordField</c> accepts.
/// </summary>
/// <param name="node">Assignment expression; its location is used for the diagnostic.</param>
/// <param name="state">Execution state used to report the diagnostic.</param>
/// <param name="behavior">Behavior attached to the assignment target; the check only runs when this is null.</param>
/// <param name="symbol">Symbol being assigned to; a null symbol is ignored.</param>
/// <param name="variableRightState">Taint state of the assigned value.</param>
public override void VisitAssignment(CSharpSyntax.AssignmentExpressionSyntax node,
                                     ExecutionState state,
                                     MethodBehavior behavior,
                                     ISymbol symbol,
                                     VariableState variableRightState)
{
    // Only targets without a MethodBehavior (the "Unknown API" case) are examined.
    if (behavior != null)
    {
        return;
    }

    // The target must resolve to a symbol that IsPasswordField accepts.
    if (symbol == null || !IsPasswordField(symbol))
    {
        return;
    }

    // Only constant-tainted values are reported.
    // NOTE(review): nothing here filters the value itself, so an empty-string assignment
    // would presumably be reported too - confirm whether that noise is acceptable.
    if (variableRightState.taint != VariableTaint.CONSTANT)
    {
        return;
    }

    state.AnalysisContext.ReportDiagnostic(Diagnostic.Create(Rule, node.GetLocation()));
}