public override void VisitAssignment(CSharpSyntax.AssignmentExpressionSyntax node,
ExecutionState state,
MethodBehavior behavior,
ISymbol symbol,
VariableState variableRightState)
{
if (behavior != null || //Unknown API
symbol == null ||
variableRightState.Taint != VariableTaint.Constant ||
Microsoft.CodeAnalysis.CSharp.CSharpExtensions.Kind(variableRightState.Node) != SyntaxKind.StringLiteralExpression ||
!IsPasswordField(symbol))
{
return;
}
var constValue = state.AnalysisContext.SemanticModel.GetConstantValue(variableRightState.Node);
if (constValue.HasValue && constValue.Value.Equals(""))
{
return;
}
var varSymbol = state.GetSymbol(variableRightState.Node);
if (varSymbol != null && varSymbol.IsType("System.String.Empty"))
{
return;
}
var diagnostic = Diagnostic.Create(Rule, node.GetLocation());
state.AnalysisContext.ReportDiagnostic(diagnostic);
}
public override void VisitAssignment(CSharpSyntax.AssignmentExpressionSyntax node, ExecutionState state, MethodBehavior behavior, ISymbol symbol, VariableState variableRightState)
{
if (behavior == null && //Unknown API
(symbol != null && IsPasswordField(symbol)) &&
variableRightState.taint == VariableTaint.CONSTANT //Only constant
)
{
var diagnostic = Diagnostic.Create(Rule, node.GetLocation());
state.AnalysisContext.ReportDiagnostic(diagnostic);
}
}