private XmlReaderSettingsEnvironment AnalyzeObjectCreationForXmlReaderSettings(SyntaxNode node, SemanticModel model)
{
var env = new XmlReaderSettingsEnvironment(AreDefaultsSecure, XmlTypes.XmlReaderSettings, node);
foreach (SyntaxNode arg in SyntaxNodeHelper.GetObjectInitializerExpressionNodes(node))
{
SyntaxNode argLhs = SyntaxNodeHelper.GetAssignmentLeftNode(arg);
SyntaxNode argRhs = SyntaxNodeHelper.GetAssignmentRightNode(arg);
ISymbol argLhsSymbol = SyntaxNodeHelper.GetSymbol(argLhs, model);
if (SecurityDiagnosticHelpers.IsXmlReaderSettingsXmlResolverProperty(SyntaxNodeHelper.GetSymbol(argLhs, model), XmlTypes))
{
env.IsSecureResolver = SyntaxNodeHelper.NodeHasConstantValueNull(argRhs, model) ||
SecurityDiagnosticHelpers.IsXmlSecureResolverType(model.GetTypeInfo(argRhs).Type, XmlTypes);
}
else if (SecurityDiagnosticHelpers.IsXmlReaderSettingsDtdProcessingProperty(argLhsSymbol, XmlTypes))
{
env.IsDtdProcessingDisabled = !SyntaxNodeHelper.NodeHasConstantValue(argRhs, model, 2 /*DtdProcessing.Parse*/);
}
else if (SecurityDiagnosticHelpers.IsXmlReaderSettingsProhibitDtdProperty(argLhsSymbol, XmlTypes))
{
env.IsDtdProcessingDisabled = !SyntaxNodeHelper.NodeHasConstantValue(argRhs, model, false);
}
else if (SecurityDiagnosticHelpers.IsXmlReaderSettingsMaxCharactersFromEntitiesProperty(argLhsSymbol, XmlTypes))
{
env.IsMaxCharactersFromEntitiesLimited = !SyntaxNodeHelper.NodeHasConstantValue(argRhs, model, 0);
}
}
return(env);
}
private void AnalyzeObjectCreationForXmlReaderSettings(ISymbol variable, IObjectCreationExpression objCreation)
{
XmlReaderSettingsEnvironment xmlReaderSettingsEnv = new XmlReaderSettingsEnvironment(_isFrameworkSecure);
if (variable != null)
{
_xmlReaderSettingsEnvironments[variable] = xmlReaderSettingsEnv;
}
xmlReaderSettingsEnv.XmlReaderSettingsDefinition = objCreation.Syntax;
foreach (ISymbolInitializer init in objCreation.MemberInitializers)
{
var prop = init as IPropertyInitializer;
if (prop != null)
{
if (SecurityDiagnosticHelpers.IsXmlReaderSettingsXmlResolverProperty(
prop.InitializedProperty,
_xmlTypes)
)
{
IConversionExpression operation = prop.Value as IConversionExpression;
if (operation == null)
{
return;
}
if (SecurityDiagnosticHelpers.IsXmlSecureResolverType(operation.Operand.Type, _xmlTypes))
{
xmlReaderSettingsEnv.IsSecureResolver = true;
}
else if (SecurityDiagnosticHelpers.IsExpressionEqualsNull(operation.Operand))
{
xmlReaderSettingsEnv.IsSecureResolver = true;
}
}
else if (SecurityDiagnosticHelpers.IsXmlReaderSettingsDtdProcessingProperty(prop.InitializedProperty, _xmlTypes))
{
xmlReaderSettingsEnv.IsDtdProcessingDisabled = !SecurityDiagnosticHelpers.IsExpressionEqualsDtdProcessingParse(prop.Value);
}
else if (SecurityDiagnosticHelpers.IsXmlReaderSettingsMaxCharactersFromEntitiesProperty(prop.InitializedProperty, _xmlTypes))
{
xmlReaderSettingsEnv.IsMaxCharactersFromEntitiesLimited = !SecurityDiagnosticHelpers.IsExpressionEqualsIntZero(prop.Value);
}
}
}
}
private void AnalyzeAssignment(OperationAnalysisContext context)
{
IAssignmentExpression expression = context.Operation as IAssignmentExpression;
if (expression.Target == null)
{
return;
}
SemanticModel model = context.Compilation.GetSemanticModel(expression.Syntax.SyntaxTree);
var propRef = expression.Target as IPropertyReferenceExpression;
if (propRef == null) // A variable/field assignment
{
ISymbol symbolAssignedTo = expression.Target.Syntax.GetDeclaredOrReferencedSymbol(model);
if (symbolAssignedTo != null)
{
AnalyzeObjectCreationInternal(context, symbolAssignedTo, expression.Value);
}
}
else // A property assignment
{
if (propRef.Instance == null)
{
return;
}
ISymbol assignedSymbol = propRef.Instance.Syntax.GetDeclaredOrReferencedSymbol(model);
if (propRef.Property.MatchPropertyByName(_xmlTypes.XmlDocument, "XmlResolver"))
{
AnalyzeXmlResolverPropertyAssignmentForXmlDocument(context, assignedSymbol, expression);
}
else
{
bool isXmlTextReaderXmlResolverProperty =
SecurityDiagnosticHelpers.IsXmlTextReaderXmlResolverPropertyDerived(propRef.Property, _xmlTypes);
bool isXmlTextReaderDtdProcessingProperty = !isXmlTextReaderXmlResolverProperty &&
SecurityDiagnosticHelpers.IsXmlTextReaderDtdProcessingPropertyDerived(propRef.Property,_xmlTypes);
if (isXmlTextReaderXmlResolverProperty || isXmlTextReaderDtdProcessingProperty)
{
AnalyzeXmlTextReaderProperties(context, assignedSymbol, expression, isXmlTextReaderXmlResolverProperty,
isXmlTextReaderDtdProcessingProperty);
}
else if (SecurityDiagnosticHelpers.IsXmlReaderSettingsType(propRef.Instance.Type, _xmlTypes))
{
XmlReaderSettingsEnvironment env;
if (!_xmlReaderSettingsEnvironments.TryGetValue(assignedSymbol, out env))
{
env = new XmlReaderSettingsEnvironment(_isFrameworkSecure);
_xmlReaderSettingsEnvironments[assignedSymbol] = env;
}
IConversionExpression conv = expression.Value as IConversionExpression;
if (conv != null && SecurityDiagnosticHelpers.IsXmlReaderSettingsXmlResolverProperty(propRef.Property, _xmlTypes))
{
if (SecurityDiagnosticHelpers.IsXmlSecureResolverType(conv.Operand.Type, _xmlTypes))
{
env.IsSecureResolver = true;
}
else if (SecurityDiagnosticHelpers.IsExpressionEqualsNull(conv.Operand))
{
env.IsSecureResolver = true;
}
}
else if (SecurityDiagnosticHelpers.IsXmlReaderSettingsDtdProcessingProperty(propRef.Property, _xmlTypes))
{
env.IsDtdProcessingDisabled =
!SecurityDiagnosticHelpers.IsExpressionEqualsDtdProcessingParse(expression.Value);
}
else if (SecurityDiagnosticHelpers.IsXmlReaderSettingsMaxCharactersFromEntitiesProperty(propRef.Property,
_xmlTypes))
{
env.IsMaxCharactersFromEntitiesLimited =
!SecurityDiagnosticHelpers.IsExpressionEqualsIntZero(expression.Value);
}
}
else
{
AnalyzeNeverSetProperties(context, propRef.Property, expression.Syntax.GetLocation());
}
}
}
}
private void AnalyzeObjectCreationForXmlReaderSettings(ISymbol variable, IObjectCreationExpression objCreation)
{
XmlReaderSettingsEnvironment xmlReaderSettingsEnv = new XmlReaderSettingsEnvironment(_isFrameworkSecure);
if (variable != null)
{
_xmlReaderSettingsEnvironments[variable] = xmlReaderSettingsEnv;
}
xmlReaderSettingsEnv.XmlReaderSettingsDefinition = objCreation.Syntax;
foreach (ISymbolInitializer init in objCreation.MemberInitializers)
{
var prop = init as IPropertyInitializer;
if (prop != null)
{
if (SecurityDiagnosticHelpers.IsXmlReaderSettingsXmlResolverProperty(
prop.InitializedProperty,
_xmlTypes)
)
{
IConversionExpression operation = prop.Value as IConversionExpression;
if (operation == null)
{
return;
}
if (SecurityDiagnosticHelpers.IsXmlSecureResolverType(operation.Operand.Type, _xmlTypes))
{
xmlReaderSettingsEnv.IsSecureResolver = true;
}
else if (SecurityDiagnosticHelpers.IsExpressionEqualsNull(operation.Operand))
{
xmlReaderSettingsEnv.IsSecureResolver = true;
}
}
else if (SecurityDiagnosticHelpers.IsXmlReaderSettingsDtdProcessingProperty(prop.InitializedProperty, _xmlTypes))
{
xmlReaderSettingsEnv.IsDtdProcessingDisabled = !SecurityDiagnosticHelpers.IsExpressionEqualsDtdProcessingParse(prop.Value);
}
else if (SecurityDiagnosticHelpers.IsXmlReaderSettingsMaxCharactersFromEntitiesProperty(prop.InitializedProperty, _xmlTypes))
{
xmlReaderSettingsEnv.IsMaxCharactersFromEntitiesLimited = !SecurityDiagnosticHelpers.IsExpressionEqualsIntZero(prop.Value);
}
}
}
}
private void AnalyzeAssignment(OperationAnalysisContext context)
{
IAssignmentExpression expression = context.Operation as IAssignmentExpression;
if (expression.Target == null)
{
return;
}
SemanticModel model = context.Compilation.GetSemanticModel(expression.Syntax.SyntaxTree);
var propRef = expression.Target as IPropertyReferenceExpression;
if (propRef == null) // A variable/field assignment
{
ISymbol symbolAssignedTo = expression.Target.Syntax.GetDeclaredOrReferencedSymbol(model);
if (symbolAssignedTo != null)
{
AnalyzeObjectCreationInternal(context, symbolAssignedTo, expression.Value);
}
}
else // A property assignment
{
ISymbol assignedSymbol = propRef.Instance.Syntax.GetDeclaredOrReferencedSymbol(model);
if (propRef.Property.MatchPropertyByName(_xmlTypes.XmlDocument, "XmlResolver"))
{
AnalyzeXmlResolverPropertyAssignmentForXmlDocument(context, assignedSymbol, expression);
}
else
{
bool isXmlTextReaderXmlResolverProperty = SecurityDiagnosticHelpers.IsXmlTextReaderXmlResolverPropertyDerived(propRef.Property, _xmlTypes);
bool isXmlTextReaderDtdProcessingProperty = !isXmlTextReaderXmlResolverProperty &&
SecurityDiagnosticHelpers.IsXmlTextReaderDtdProcessingPropertyDerived(propRef.Property, _xmlTypes);
if (isXmlTextReaderXmlResolverProperty || isXmlTextReaderDtdProcessingProperty)
{
AnalyzeXmlTextReaderProperties(context, assignedSymbol, expression, isXmlTextReaderXmlResolverProperty, isXmlTextReaderDtdProcessingProperty);
}
else if (SecurityDiagnosticHelpers.IsXmlReaderSettingsType(propRef.Instance.Type, _xmlTypes))
{
XmlReaderSettingsEnvironment env;
if (!_xmlReaderSettingsEnvironments.TryGetValue(assignedSymbol, out env))
{
env = new XmlReaderSettingsEnvironment(_isFrameworkSecure);
_xmlReaderSettingsEnvironments[assignedSymbol] = env;
}
IConversionExpression conv = expression.Value as IConversionExpression;
if (conv != null && SecurityDiagnosticHelpers.IsXmlReaderSettingsXmlResolverProperty(
propRef.Property,
_xmlTypes)
)
{
if (SecurityDiagnosticHelpers.IsXmlSecureResolverType(conv.Operand.Type, _xmlTypes))
{
env.IsSecureResolver = true;
}
else if (SecurityDiagnosticHelpers.IsExpressionEqualsNull(conv.Operand))
{
env.IsSecureResolver = true;
}
}
else if (SecurityDiagnosticHelpers.IsXmlReaderSettingsDtdProcessingProperty(propRef.Property, _xmlTypes))
{
env.IsDtdProcessingDisabled = !SecurityDiagnosticHelpers.IsExpressionEqualsDtdProcessingParse(expression.Value);
}
else if (SecurityDiagnosticHelpers.IsXmlReaderSettingsMaxCharactersFromEntitiesProperty(propRef.Property, _xmlTypes))
{
env.IsMaxCharactersFromEntitiesLimited = !SecurityDiagnosticHelpers.IsExpressionEqualsIntZero(expression.Value);
}
}
else
{
AnalyzeNeverSetProperties(context, propRef.Property, expression.Syntax.GetLocation());
}
}
}
}
private void AnalyzeMethodOverloads(OperationAnalysisContext context, IMethodSymbol method, IHasArgumentsExpression expression)
{
if (method.MatchMethodDerivedByName(_xmlTypes.XmlDocument, SecurityMemberNames.Load) || //FxCop CA3056
method.MatchMethodDerivedByName(_xmlTypes.XmlDocument, SecurityMemberNames.LoadXml) || //FxCop CA3057
method.MatchMethodDerivedByName(_xmlTypes.XPathDocument, WellKnownMemberNames.InstanceConstructorName) || //FxCop CA3059
method.MatchMethodDerivedByName(_xmlTypes.XmlSchema, SecurityMemberNames.Read) || //FxCop CA3060
method.MatchMethodDerivedByName(_xmlTypes.DataSet, SecurityMemberNames.ReadXml) || //FxCop CA3063
method.MatchMethodDerivedByName(_xmlTypes.DataSet, SecurityMemberNames.ReadXmlSchema) || //FxCop CA3064
method.MatchMethodDerivedByName(_xmlTypes.XmlSerializer, SecurityMemberNames.Deserialize) || //FxCop CA3070
method.MatchMethodDerivedByName(_xmlTypes.DataTable, SecurityMemberNames.ReadXml) || //FxCop CA3071
method.MatchMethodDerivedByName(_xmlTypes.DataTable, SecurityMemberNames.ReadXmlSchema)) //FxCop CA3072
{
if (SecurityDiagnosticHelpers.HasXmlReaderParameter(method, _xmlTypes) < 0)
{
DiagnosticDescriptor rule = RuleDoNotUseInsecureDTDProcessing;
context.ReportDiagnostic(
Diagnostic.Create(
rule,
expression.Syntax.GetLocation(),
SecurityDiagnosticHelpers.GetLocalizableResourceString(
nameof(DesktopAnalyzersResources.DoNotUseDtdProcessingOverloadsMessage),
method.Name
)
)
);
}
}
else if (method.MatchMethodDerivedByName(_xmlTypes.XmlReader, SecurityMemberNames.Create))
{
int xmlReaderSettingsIndex = SecurityDiagnosticHelpers.GetXmlReaderSettingsParameterIndex(method, _xmlTypes);
if (xmlReaderSettingsIndex < 0)
{
DiagnosticDescriptor rule = RuleDoNotUseInsecureDTDProcessing;
Diagnostic diag = Diagnostic.Create(
RuleDoNotUseInsecureDTDProcessing,
expression.Syntax.GetLocation(),
SecurityDiagnosticHelpers.GetLocalizableResourceString(
nameof(DesktopAnalyzersResources.XmlReaderCreateWrongOverloadMessage)
)
);
context.ReportDiagnostic(diag);
}
else
{
SemanticModel model = context.Compilation.GetSemanticModel(context.Operation.Syntax.SyntaxTree);
IArgument arg = expression.ArgumentsInParameterOrder[xmlReaderSettingsIndex];
ISymbol settingsSymbol = arg.Value.Syntax.GetDeclaredOrReferencedSymbol(model);
if (settingsSymbol == null)
{
return;
}
XmlReaderSettingsEnvironment env = null;
if (!_xmlReaderSettingsEnvironments.TryGetValue(settingsSymbol, out env))
{
// symbol for settings is not found => passed in without any change => assume insecure
Diagnostic diag = Diagnostic.Create(
RuleDoNotUseInsecureDTDProcessing,
expression.Syntax.GetLocation(),
SecurityDiagnosticHelpers.GetLocalizableResourceString(
nameof(DesktopAnalyzersResources.XmlReaderCreateInsecureInputMessage)
)
);
context.ReportDiagnostic(diag);
}
else if (!env.IsDtdProcessingDisabled && !(env.IsSecureResolver && env.IsMaxCharactersFromEntitiesLimited))
{
Diagnostic diag;
if (env.IsConstructedInCodeBlock)
{
diag = Diagnostic.Create(
RuleDoNotUseInsecureDTDProcessing,
expression.Syntax.GetLocation(),
SecurityDiagnosticHelpers.GetLocalizableResourceString(
nameof(DesktopAnalyzersResources.XmlReaderCreateInsecureConstructedMessage)
)
);
}
else
{
diag = Diagnostic.Create(
RuleDoNotUseInsecureDTDProcessing,
expression.Syntax.GetLocation(),
SecurityDiagnosticHelpers.GetLocalizableResourceString(
nameof(DesktopAnalyzersResources.XmlReaderCreateInsecureInputMessage)
)
);
}
context.ReportDiagnostic(diag);
}
}
}
}
//Note: False negative if integer is used to set DtdProcessing instead of enumeration
private void AnalyzeNodeForXmlReaderSettings(SyntaxNodeAnalysisContext context)
{
SyntaxNode node = context.Node;
SemanticModel model = context.SemanticModel;
SyntaxNode lhs = _syntaxNodeHelper.GetAssignmentLeftNode(node);
SyntaxNode rhs = _syntaxNodeHelper.GetAssignmentRightNode(node);
if (lhs == null || rhs == null)
{
return;
}
ISymbol lhsSymbol = SyntaxNodeHelper.GetSymbol(lhs, model);
if (lhsSymbol == null)
{
return;
}
CompilationSecurityTypes xmlTypes = _xmlTypes;
IMethodSymbol rhsMethodSymbol = _syntaxNodeHelper.GetCalleeMethodSymbol(rhs, model);
if (SecurityDiagnosticHelpers.IsXmlReaderSettingsCtor(rhsMethodSymbol, xmlTypes))
{
XmlReaderSettingsEnvironment env = new XmlReaderSettingsEnvironment(_isFrameworkSecure);
_xmlReaderSettingsEnvironments[lhsSymbol] = env;
env.XmlReaderSettingsDefinition = node;
env.EnclosingConstructSymbol = _syntaxNodeHelper.GetEnclosingConstructSymbol(node, model);
foreach (SyntaxNode arg in _syntaxNodeHelper.GetObjectInitializerExpressionNodes(rhs))
{
SyntaxNode argLhs = _syntaxNodeHelper.GetAssignmentLeftNode(arg);
SyntaxNode argRhs = _syntaxNodeHelper.GetAssignmentRightNode(arg);
ISymbol argLhsSymbol = SyntaxNodeHelper.GetSymbol(argLhs, model);
if (SecurityDiagnosticHelpers.IsXmlReaderSettingsXmlResolverProperty(argLhsSymbol, xmlTypes))
{
env.IsSecureResolver = SyntaxNodeHelper.NodeHasConstantValueNull(argRhs, model) ||
SecurityDiagnosticHelpers.IsXmlSecureResolverType(model.GetTypeInfo(argRhs).Type, xmlTypes);
}
else if (SecurityDiagnosticHelpers.IsXmlReaderSettingsDtdProcessingProperty(argLhsSymbol, xmlTypes))
{
// since the default is always Prohibit, we only need update if it is set to Parse
if (SyntaxNodeHelper.GetSymbol(argRhs, model).MatchFieldByName(xmlTypes.DtdProcessing, SecurityMemberNames.Parse))
{
env.IsDtdProcessingDisabled = false;
}
}
else if (SecurityDiagnosticHelpers.IsXmlReaderSettingsMaxCharactersFromEntitiesProperty(argLhsSymbol, xmlTypes))
{
env.IsMaxCharactersFromEntitiesLimited = !SyntaxNodeHelper.NodeHasConstantValueIntZero(argRhs, model);
}
}
}
else if (lhsSymbol.Kind == SymbolKind.Property)
{
bool isXmlReaderSettingsXmlResolverProperty = SecurityDiagnosticHelpers.IsXmlReaderSettingsXmlResolverProperty(lhsSymbol, xmlTypes);
bool isXmlReaderSettingsDtdProcessingProperty = !isXmlReaderSettingsXmlResolverProperty &&
SecurityDiagnosticHelpers.IsXmlReaderSettingsDtdProcessingProperty(lhsSymbol, xmlTypes);
bool isXmlReaderSettingsMaxCharactersFromEntitiesProperty =
!(isXmlReaderSettingsXmlResolverProperty | isXmlReaderSettingsDtdProcessingProperty) &&
SecurityDiagnosticHelpers.IsXmlReaderSettingsMaxCharactersFromEntitiesProperty(lhsSymbol, xmlTypes);
if (isXmlReaderSettingsXmlResolverProperty |
isXmlReaderSettingsDtdProcessingProperty |
isXmlReaderSettingsMaxCharactersFromEntitiesProperty)
{
SyntaxNode lhsExpressionNode = _syntaxNodeHelper.GetMemberAccessExpressionNode(lhs);
if (lhsExpressionNode == null)
{
return;
}
ISymbol lhsExpressionSymbol = SyntaxNodeHelper.GetSymbol(lhsExpressionNode, model);
if (lhsExpressionSymbol == null)
{
return;
}
XmlReaderSettingsEnvironment env = null;
if (!_xmlReaderSettingsEnvironments.TryGetValue(lhsExpressionSymbol, out env))
{
// env.IsConstructedInCodeBlock is false
env = new XmlReaderSettingsEnvironment();
_xmlReaderSettingsEnvironments[lhsExpressionSymbol] = env;
}
ITypeSymbol rhsType = model.GetTypeInfo(rhs).Type;
if (isXmlReaderSettingsXmlResolverProperty)
{
env.IsSecureResolver = SyntaxNodeHelper.NodeHasConstantValueNull(rhs, model) ||
SecurityDiagnosticHelpers.IsXmlSecureResolverType(rhsType, xmlTypes);
}
else if (isXmlReaderSettingsDtdProcessingProperty)
{
env.IsDtdProcessingDisabled = !SyntaxNodeHelper.GetSymbol(rhs, model).MatchFieldByName(xmlTypes.DtdProcessing, SecurityMemberNames.Parse);
}
else
{
env.IsMaxCharactersFromEntitiesLimited = !SyntaxNodeHelper.NodeHasConstantValueIntZero(rhs, model);
}
}
}
}
private void AnalyzeNodeForDtdProcessingOverloads(SyntaxNodeAnalysisContext context)
{
SyntaxNode node = context.Node;
SemanticModel model = context.SemanticModel;
IMethodSymbol method = _syntaxNodeHelper.GetCalleeMethodSymbol(node, model);
if (method == null)
{
return;
}
CompilationSecurityTypes xmlTypes = _xmlTypes;
if (method.MatchMethodDerivedByName(xmlTypes.XmlDocument, SecurityMemberNames.Load) || //FxCop CA3056
method.MatchMethodDerivedByName(xmlTypes.XmlDocument, SecurityMemberNames.LoadXml) || //FxCop CA3057
method.MatchMethodDerivedByName(xmlTypes.XPathDocument, WellKnownMemberNames.InstanceConstructorName) || //FxCop CA3059
method.MatchMethodDerivedByName(xmlTypes.XmlSchema, SecurityMemberNames.Read) || //FxCop CA3060
method.MatchMethodDerivedByName(xmlTypes.DataSet, SecurityMemberNames.ReadXml) || //FxCop CA3063
method.MatchMethodDerivedByName(xmlTypes.DataSet, SecurityMemberNames.ReadXmlSchema) || //FxCop CA3064
method.MatchMethodDerivedByName(xmlTypes.XmlSerializer, SecurityMemberNames.Deserialize) || //FxCop CA3070
method.MatchMethodDerivedByName(xmlTypes.DataTable, SecurityMemberNames.ReadXml) || //FxCop CA3071
method.MatchMethodDerivedByName(xmlTypes.DataTable, SecurityMemberNames.ReadXmlSchema)) //FxCop CA3072
{
if (SecurityDiagnosticHelpers.HasXmlReaderParameter(method, xmlTypes) < 0)
{
DiagnosticDescriptor rule = RuleDoNotUseInsecureDTDProcessing;
context.ReportDiagnostic(
Diagnostic.Create(
rule,
node.GetLocation(),
SecurityDiagnosticHelpers.GetLocalizableResourceString(
nameof(DesktopAnalyzersResources.DoNotUseDtdProcessingOverloadsMessage),
SecurityDiagnosticHelpers.GetNonEmptyParentName(node, model),
method.Name)
)
);
}
}
// We assume the design of derived type are secure, per Rule CA9003
else if (method.MatchMethodByName(xmlTypes.XmlDocument, WellKnownMemberNames.InstanceConstructorName))
{
if (IsObjectConstructionForTemporaryObject(node)) // REVIEW: may be hard to check
{
bool isXmlDocumentSecureResolver = false;
foreach (SyntaxNode arg in _syntaxNodeHelper.GetObjectInitializerExpressionNodes(node))
{
SyntaxNode argLhs = _syntaxNodeHelper.GetAssignmentLeftNode(arg);
SyntaxNode argRhs = _syntaxNodeHelper.GetAssignmentRightNode(arg);
if (SecurityDiagnosticHelpers.IsXmlDocumentXmlResolverProperty(SyntaxNodeHelper.GetSymbol(argLhs, model), xmlTypes))
{
if (!(SyntaxNodeHelper.NodeHasConstantValueNull(argRhs, model) ||
SecurityDiagnosticHelpers.IsXmlSecureResolverType(model.GetTypeInfo(argRhs).Type, xmlTypes)))
{
// if XmlResolver property is explicitly set to an insecure value in initializer list,
// a warning would be generated when handling assignment of XmlDocument.XmlResolver
// AnalyzeNodeForXmlDocument method, so we ignore it here.
return;
}
else
{
isXmlDocumentSecureResolver = true;
}
}
}
if (!isXmlDocumentSecureResolver)
{
Diagnostic diag = Diagnostic.Create(
RuleDoNotUseInsecureDTDProcessing,
node.GetLocation(),
SecurityDiagnosticHelpers.GetLocalizableResourceString(
nameof(DesktopAnalyzersResources.XmlDocumentWithNoSecureResolverMessage),
_syntaxNodeHelper.GetEnclosingConstructSymbol(node, model).Name)
);
context.ReportDiagnostic(diag);
}
}
}
// We assume the design of derived type are secure, per Rule CA9003
else if (method.MatchMethodByName(xmlTypes.XmlTextReader, WellKnownMemberNames.InstanceConstructorName))
{
if (IsObjectConstructionForTemporaryObject(node)) // REVIEW: may be hard to check
{
bool isXmlTextReaderSecureResolver, isXmlTextReaderDtdProcessingDisabled;
isXmlTextReaderSecureResolver = isXmlTextReaderDtdProcessingDisabled = false;
foreach (SyntaxNode arg in _syntaxNodeHelper.GetObjectInitializerExpressionNodes(node))
{
SyntaxNode argLhs = _syntaxNodeHelper.GetAssignmentLeftNode(arg);
SyntaxNode argRhs = _syntaxNodeHelper.GetAssignmentRightNode(arg);
ISymbol symArgLhs = SyntaxNodeHelper.GetSymbol(argLhs, model);
if (SecurityDiagnosticHelpers.IsXmlTextReaderXmlResolverProperty(symArgLhs, xmlTypes))
{
if (!(SyntaxNodeHelper.NodeHasConstantValueNull(argRhs, model) ||
SecurityDiagnosticHelpers.IsXmlSecureResolverType(model.GetTypeInfo(argRhs).Type, xmlTypes)))
{
// Generate a warning whenever the XmlTextReader.XmlResolver property is set to an insecure value
Diagnostic diag = Diagnostic.Create(
RuleDoNotUseInsecureDTDProcessing,
node.GetLocation(),
SecurityDiagnosticHelpers.GetLocalizableResourceString(
nameof(DesktopAnalyzersResources.XmlTextReaderSetInsecureResolutionMessage),
_syntaxNodeHelper.GetEnclosingConstructSymbol(node, model).Name
)
);
context.ReportDiagnostic(diag);
return;
}
else
{
isXmlTextReaderSecureResolver = true;
}
}
else if (SecurityDiagnosticHelpers.IsXmlTextReaderDtdProcessingProperty(symArgLhs, xmlTypes))
{
if (SyntaxNodeHelper.GetSymbol(argRhs, model).MatchFieldByName(xmlTypes.DtdProcessing, SecurityMemberNames.Parse))
{
// Generate a warning whenever the XmlTextReader.DtdProcessing property is set to DtdProcessing.Parse
Diagnostic diag = Diagnostic.Create(
RuleDoNotUseInsecureDTDProcessing,
node.GetLocation(),
SecurityDiagnosticHelpers.GetLocalizableResourceString(
nameof(DesktopAnalyzersResources.XmlTextReaderSetInsecureResolutionMessage),
_syntaxNodeHelper.GetEnclosingConstructSymbol(node, model).Name
)
);
context.ReportDiagnostic(diag);
return;
}
else
{
isXmlTextReaderDtdProcessingDisabled = true;
}
}
}
if (!isXmlTextReaderSecureResolver || !isXmlTextReaderDtdProcessingDisabled)
{
Diagnostic diag = Diagnostic.Create(
RuleDoNotUseInsecureDTDProcessing,
node.GetLocation(),
SecurityDiagnosticHelpers.GetLocalizableResourceString(
nameof(DesktopAnalyzersResources.XmlTextReaderConstructedWithNoSecureResolutionMessage),
SecurityDiagnosticHelpers.GetNonEmptyParentName(node, model)
)
);
context.ReportDiagnostic(diag);
}
}
}
else if (method.MatchMethodDerivedByName(xmlTypes.XmlReader, SecurityMemberNames.Create))
{
int xmlReaderSettingsIndex = SecurityDiagnosticHelpers.HasXmlReaderSettingsParameter(method, xmlTypes);
if (xmlReaderSettingsIndex < 0) //FxCop CA3053:XmlReaderCreateWrongOverload
{
DiagnosticDescriptor rule = RuleDoNotUseInsecureDTDProcessing;
context.ReportDiagnostic(
Diagnostic.Create(
rule,
node.GetLocation(),
SecurityDiagnosticHelpers.GetLocalizableResourceString(
nameof(DesktopAnalyzersResources.XmlReaderCreateWrongOverloadMessage),
SecurityDiagnosticHelpers.GetNonEmptyParentName(node, model)
)
)
);
}
else
{
SyntaxNode settingsNode = _syntaxNodeHelper.GetInvocationArgumentExpressionNodes(node).ElementAt(xmlReaderSettingsIndex);
ISymbol settingsSymbol = SyntaxNodeHelper.GetSymbol(settingsNode, model);
XmlReaderSettingsEnvironment env = null;
if (!_xmlReaderSettingsEnvironments.TryGetValue(settingsSymbol, out env))
{
// symbol for settings is not found => passed in without any change => assume insecure
Diagnostic diag = Diagnostic.Create(
RuleDoNotUseInsecureDTDProcessing,
node.GetLocation(),
SecurityDiagnosticHelpers.GetLocalizableResourceString(
nameof(DesktopAnalyzersResources.XmlReaderCreateInsecureInputMessage),
SecurityDiagnosticHelpers.GetNonEmptyParentName(node, model)
)
);
context.ReportDiagnostic(diag);
}
else if (!env.IsDtdProcessingDisabled && !(env.IsSecureResolver & env.IsMaxCharactersFromEntitiesLimited))
{
Diagnostic diag;
if (env.IsConstructedInCodeBlock)
{
diag = Diagnostic.Create(
RuleDoNotUseInsecureDTDProcessing,
node.GetLocation(),
SecurityDiagnosticHelpers.GetLocalizableResourceString(
nameof(DesktopAnalyzersResources.XmlReaderCreateInsecureConstructedMessage)
)
);
}
else
{
diag = Diagnostic.Create(
RuleDoNotUseInsecureDTDProcessing,
node.GetLocation(),
SecurityDiagnosticHelpers.GetLocalizableResourceString(
nameof(DesktopAnalyzersResources.XmlReaderCreateInsecureInputMessage)
)
);
}
context.ReportDiagnostic(diag);
}
}
}
}
