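/// <summary>
/// Tags the cookie variable on the left of <c>cookie.Secure = …</c> or
/// <c>cookie.HttpOnly = …</c> so later analysis knows the flag was set.
/// </summary>
/// <param name="node">Assignment expression being visited.</param>
/// <param name="state">Execution state that owns the per-variable tags; updated in place.</param>
/// <param name="behavior">Not read by this visitor; kept for the visitor signature.</param>
/// <param name="symbol">Symbol of the assigned member, matched against <c>HttpCookie.Secure</c> / <c>HttpCookie.HttpOnly</c>.</param>
/// <param name="variableRightState">Not read by this visitor; kept for the visitor signature.</param>
/// <remarks>
/// Only targets of the form <c>identifier.Member</c> are recognised. An explicit
/// <c>= false</c> literal is skipped: it disables the flag, so tagging the cookie as
/// Secure/HttpOnly would hide a missing protection. Any other right-hand side
/// (<c>true</c>, or a non-literal whose value is unknown at this point) is tagged as before.
/// </remarks>
public void VisitAssignment(AssignmentExpressionSyntax node, ExecutionState state, MethodBehavior behavior, ISymbol symbol, VariableState variableRightState)
        {
            var memberAccess = node.Left as MemberAccessExpressionSyntax;
            if (memberAccess == null)
            {
                return;
            }

            var identifier = memberAccess.Expression as IdentifierNameSyntax;
            if (identifier == null)
            {
                return;
            }

            // `cookie.Secure = false;` explicitly clears the flag: do not record the
            // variable as protected. ValueText is the keyword text for `false`.
            var literal = node.Right as LiteralExpressionSyntax;
            if (literal != null && literal.Token.ValueText == "false")
            {
                return;
            }

            string variableAccess = identifier.Identifier.ValueText;

            if (AnalyzerUtil.SymbolMatch(symbol, "HttpCookie", "Secure"))
            {
                state.AddTag(variableAccess, VariableTag.HttpCookieSecure);
            }
            else if (AnalyzerUtil.SymbolMatch(symbol, "HttpCookie", "HttpOnly"))
            {
                state.AddTag(variableAccess, VariableTag.HttpCookieHttpOnly);
            }
        }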
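        /// <summary>
        /// Walks the syntax tree depth-first, tracking <c>HttpCookie</c> instances and
        /// whether their <c>Secure</c> / <c>HttpOnly</c> flags are set.
        /// </summary>
        /// <param name="node">Subtree root to visit; every descendant is reached through <c>ChildNodes()</c>.</param>
        /// <param name="state">Execution state that records cookie variables and their tags; updated in place.</param>
        /// <remarks>
        /// Two shapes are recognised:
        /// <list type="bullet">
        /// <item><c>var c = new HttpCookie(...)</c> — the declarator gets a SAFE state tagged <c>HttpCookie</c>.</item>
        /// <item><c>c.Secure = …</c> / <c>c.HttpOnly = …</c> with a plain identifier on the left — the
        /// variable is tagged accordingly, unless the right-hand side is the literal <c>false</c>,
        /// which leaves the flag disabled and therefore must not count as a protection.</item>
        /// </list>
        /// Cookies created in any other way (assigned to an existing variable, or passed straight
        /// to a method call) are not tracked by this visitor.
        /// </remarks>
        private void VisitNodeRecursively(SyntaxNode node, ExecutionState state)
        {
            if (node is VariableDeclaratorSyntax)
            {
                TrackCookieCreation((VariableDeclaratorSyntax)node, state);
            }
            else if (node is AssignmentExpressionSyntax)
            {
                TagCookieFlagAssignment((AssignmentExpressionSyntax)node, state);
            }

            foreach (var child in node.ChildNodes())
            {
                VisitNodeRecursively(child, state);
            }
        }

        /// <summary>
        /// Registers a new cookie variable when <paramref name="declarator"/> is initialised
        /// with <c>new HttpCookie(...)</c>.
        /// </summary>
        /// <param name="declarator">Variable declarator whose initializer is inspected.</param>
        /// <param name="state">Execution state receiving the new variable state.</param>
        private void TrackCookieCreation(VariableDeclaratorSyntax declarator, ExecutionState state)
        {
            var creation = declarator.Initializer?.Value as ObjectCreationExpressionSyntax;
            if (creation == null)
            {
                return;
            }

            var ctorSymbol = state.GetSymbol(creation);
            if (!AnalyzerUtil.SymbolMatch(ctorSymbol, "HttpCookie", ".ctor"))
            {
                return;
            }

            // A freshly constructed cookie carries no user data, hence SAFE; the tag is what
            // later lets the analyzer check that Secure/HttpOnly were set on it.
            var cookieState = new VariableState(VariableTaint.SAFE)
                .AddTag(VariableTag.HttpCookie)
                .AddSyntaxNode(declarator);
            state.AddNewValue(declarator.Identifier.Text, cookieState);
        }

        /// <summary>
        /// Tags the cookie variable on the left of <c>cookie.Secure = …</c> or
        /// <c>cookie.HttpOnly = …</c>. An explicit <c>= false</c> is ignored so the
        /// variable is not marked as protected when the flag is being cleared.
        /// </summary>
        /// <param name="assignment">Assignment expression being inspected.</param>
        /// <param name="state">Execution state that owns the per-variable tags.</param>
        private void TagCookieFlagAssignment(AssignmentExpressionSyntax assignment, ExecutionState state)
        {
            var memberAccess = assignment.Left as MemberAccessExpressionSyntax;
            if (memberAccess == null)
            {
                return;
            }

            var identifier = memberAccess.Expression as IdentifierNameSyntax;
            if (identifier == null)
            {
                return;
            }

            // ValueText is the keyword text for the `false` literal.
            var literal = assignment.Right as LiteralExpressionSyntax;
            if (literal != null && literal.Token.ValueText == "false")
            {
                return;
            }

            string variableAccess = identifier.Identifier.ValueText;
            var memberSymbol = state.GetSymbol(memberAccess);

            if (AnalyzerUtil.SymbolMatch(memberSymbol, "HttpCookie", "Secure"))
            {
                state.AddTag(variableAccess, VariableTag.HttpCookieSecure);
            }
            else if (AnalyzerUtil.SymbolMatch(memberSymbol, "HttpCookie", "HttpOnly"))
            {
                state.AddTag(variableAccess, VariableTag.HttpCookieHttpOnly);
            }
        }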