public override void GetSinks(SyntaxNodeAnalysisContext context, DiagnosticId ruleId) { var syntax = context.Node as AssignmentExpressionSyntax; if (_handlerCertificateValidationExpression.IsVulnerable(context.SemanticModel, syntax, ruleId)) { if (VulnerableSyntaxNodes.All(p => p.Sink.GetLocation() != syntax?.GetLocation())) { VulnerableSyntaxNodes.Push(_vulnerableSyntaxNodeFactory.Create(syntax)); } } if (_servicePointManagerCertificateValidationExpression.IsVulnerable(context.SemanticModel, syntax, ruleId)) { if (VulnerableSyntaxNodes.All(p => p.Sink.GetLocation() != syntax?.GetLocation())) { VulnerableSyntaxNodes.Push(_vulnerableSyntaxNodeFactory.Create(syntax)); } } if (_requestCertificateValidationExpressionAnalyzer.IsVulnerable(context.SemanticModel, syntax, ruleId)) { if (VulnerableSyntaxNodes.All(p => p.Sink.GetLocation() != syntax?.GetLocation())) { VulnerableSyntaxNodes.Push(_vulnerableSyntaxNodeFactory.Create(syntax)); } } }
public override void GetSinks(SyntaxNodeAnalysisContext context, DiagnosticId ruleId) { var syntax = context.Node as AssignmentExpressionSyntax; if (!_expressionSyntaxAnalyzer.IsVulnerable(context.SemanticModel, syntax, ruleId)) { return; } if (VulnerableSyntaxNodes.All(p => p.Sink.GetLocation() != syntax?.Left.GetLocation())) { VulnerableSyntaxNodes.Push(_vulnerableSyntaxNodeFactory.Create(syntax)); } }