public async Task TransferPathInitializerSafe()
{
var cSharpTest = @"
using System.IO;
class PathTraversal
{
public static void Run()
{
File.WriteAllBytes(""a.txt"", new MemoryStream {Capacity = 10}.ToArray());
}
}
";
var visualBasicTest = @"
Imports System.IO
Class PathTraversal
Public Shared Sub Run()
File.WriteAllBytes(""a.txt"", new MemoryStream With {.Capacity = 10}.ToArray())
End Sub
End Class
";
await VerifyCSharpDiagnostic(cSharpTest).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest).ConfigureAwait(false);
var auditConfig = await AuditTest.GetAuditModeConfigOptions().ConfigureAwait(false);
await VerifyCSharpDiagnostic(cSharpTest, null, auditConfig).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, null, auditConfig).ConfigureAwait(false);
}
public async Task HardCodedInitializer()
{
var cSharpTest = @"
using System;
namespace VulnerableApp
{
class HardCodedPassword
{
static void TestCookie()
{
var uri = new UriBuilder {Port = 443};
}
}
}
";
var visualBasicTest = @"
Imports System
Namespace VulnerableApp
Class HardCodedPassword
Private Shared Sub TestCookie()
Dim uri = New UriBuilder With {.Port = 443}
End Sub
End Class
End Namespace
";
await VerifyCSharpDiagnostic(cSharpTest, null, await AuditTest.GetAuditModeConfigOptions().ConfigureAwait(false)).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, null, await AuditTest.GetAuditModeConfigOptions().ConfigureAwait(false)).ConfigureAwait(false);
}
public async Task RecursiveStateAssignment()
{
var cSharpTest = @"
namespace sample
{
class TestClass
{
public TestClass child;
public TestClass foo() { return null; }
public TestClass foo2() { return null; }
public void Run()
{
TestClass b = new TestClass();
TestClass a;
a = b.foo();
a.child = b.foo2();
}
}
}
";
var visualBasicTest = @"
Namespace sample
Friend Class TestClass
Public child As TestClass
Public Function foo() As TestClass
Return Nothing
End Function
Public Function foo2() As TestClass
Return Nothing
End Function
Public Sub Run()
Dim b As TestClass = New TestClass()
Dim a As TestClass
a = b.foo()
a.child = b.foo2()
End Sub
End Class
End Namespace
";
// should not throw
await VerifyCSharpDiagnostic(cSharpTest).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest).ConfigureAwait(false);
var auditConfig = await AuditTest.GetAuditModeConfigOptions().ConfigureAwait(false);
await VerifyCSharpDiagnostic(cSharpTest, null, auditConfig).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, null, auditConfig).ConfigureAwait(false);
}
public async Task SelfTaintAssignment()
{
var cSharpTest = @"
namespace sample
{
class MyFoo
{
int x = 1;
int y = 0;
void foo()
{
}
public static void Run(MyFoo[] aa)
{
foreach(var a in aa)
{
a.foo();
a.x = a.y;
}
}
}
}
";
var visualBasicTest = @"
Namespace sample
Friend Class MyFoo
Private x As Integer = 1
Private y As Integer = 0
Private Sub foo()
End Sub
Public Shared Sub Run(ByVal aa As MyFoo())
For Each a In aa
a.foo()
a.x = a.y
Next
End Sub
End Class
End Namespace
";
// should not throw
await VerifyCSharpDiagnostic(cSharpTest).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest).ConfigureAwait(false);
var auditConfig = await AuditTest.GetAuditModeConfigOptions().ConfigureAwait(false);
await VerifyCSharpDiagnostic(cSharpTest, null, auditConfig).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, null, auditConfig).ConfigureAwait(false);
}
public async Task SelfTaintAssignment2()
{
var cSharpTest = @"
namespace sample
{
class B
{
public A z = null;
}
class A
{
public B y = null;
public static void Run()
{
A x = null;
x.y.z = x;
var a = x;
a.y = null;
}
}
}
";
var visualBasicTest = @"
Namespace sample
Friend Class MyFoo
Private x As Integer = 1
Private y As Integer = 0
Private Sub foo()
End Sub
Public Shared Sub Run(ByVal aa As MyFoo())
For Each a In aa
a.foo()
a.x = a.y
Next
End Sub
End Class
End Namespace
";
// should not throw
await VerifyCSharpDiagnostic(cSharpTest).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest).ConfigureAwait(false);
var auditConfig = await AuditTest.GetAuditModeConfigOptions().ConfigureAwait(false);
await VerifyCSharpDiagnostic(cSharpTest, null, auditConfig).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, null, auditConfig).ConfigureAwait(false);
}
public async Task HardCodePasswordInitializerFromConstMemberFlow()
{
var cSharpTest = @"
using System;
namespace VulnerableApp
{
class HardCodedPassword
{
const string PWD = ""t0ps3cr3t"";
static void Run()
{
TestCookie(PWD);
}
static void TestCookie(string pwd)
{
var uri = new UriBuilder {Password = pwd};
}
}
}
";
var visualBasicTest = @"
Imports System
Namespace VulnerableApp
Class HardCodedPassword
Const PWD As String = ""t0ps3cr3t""
Private Shared Sub Run()
TestCookie(PWD)
End Sub
Private Shared Sub TestCookie(ByVal pwd As String)
Dim uri = New UriBuilder With {
.Password = pwd
}
End Sub
End Class
End Namespace
";
var expected = new DiagnosticResult
{
Id = "SCS0015",
Severity = DiagnosticSeverity.Warning
};
await VerifyCSharpDiagnostic(cSharpTest, expected, await AuditTest.GetAuditModeConfigOptions().ConfigureAwait(false)).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, expected, await AuditTest.GetAuditModeConfigOptions().ConfigureAwait(false)).ConfigureAwait(false);
}
public async Task TransferStringJoinSafe2(string dataType, bool isMethodGeneric)
{
var cSharpTest = $@"
using System;
using System.Data.SqlClient;
#pragma warning disable 8019
using System.Collections.Generic;
#pragma warning restore 8019
namespace sample
{{
class SqlConstant
{{
public static void Run()
{{
IEnumerable<{dataType}> array = new []{{""aaa"", ""bbb""}};
new SqlCommand(String.Join{(isMethodGeneric ? $"<{dataType}>" : "")}("" "", array));
}}
}}
}}
";
dataType = dataType.CSharpReplaceToVBasic();
var visualBasicTest = $@"
Imports System.Data.SqlClient
#Disable Warning BC50001
Imports System.Collections.Generic
#Enable Warning BC50001
Namespace sample
Class SqlConstant
Public Shared Sub Run()
Dim array As IEnumerable(Of {dataType}) = {{""aaa"", ""bbb""}}
Dim com As New SqlCommand(String.Join{(isMethodGeneric ? $"(Of {dataType})" : "")}("" "", array))
End Sub
End Class
End Namespace
";
await VerifyCSharpDiagnostic(cSharpTest).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest).ConfigureAwait(false);
var auditConfig = await AuditTest.GetAuditModeConfigOptions().ConfigureAwait(false);
await VerifyCSharpDiagnostic(cSharpTest, null, auditConfig).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, null, auditConfig).ConfigureAwait(false);
}
public async Task HardCodePasswordInitializerFromConstMemberFlowPlusNonConst()
{
var cSharpTest = @"
using System;
namespace VulnerableApp
{
class HardCodedPassword
{
const string PWD = ""t0ps3cr3t"";
static void Run(string input)
{
TestCookie(PWD + input);
}
static void TestCookie(string pwd)
{
var uri = new UriBuilder {Password = pwd};
}
}
}
";
var visualBasicTest = @"
Imports System
Namespace VulnerableApp
Class HardCodedPassword
Const PWD As String = ""t0ps3cr3t""
Private Shared Sub Run(input As String)
TestCookie(PWD + input)
End Sub
Private Shared Sub TestCookie(ByVal pwd As String)
Dim uri = New UriBuilder With {
.Password = pwd
}
End Sub
End Class
End Namespace
";
await VerifyCSharpDiagnostic(cSharpTest, null, await AuditTest.GetAuditModeConfigOptions().ConfigureAwait(false)).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, null, await AuditTest.GetAuditModeConfigOptions().ConfigureAwait(false)).ConfigureAwait(false);
}
public async Task SelfTaintAssignment3()
{
var cSharpTest = @"
namespace sample
{
class A
{
public A y = null;
public static void Run()
{
A x = null;
x.y = x;
}
}
}
";
var visualBasicTest = @"
Namespace sample
Class A
Public y As A = Nothing
Public Shared Sub Run()
Dim x As A = Nothing
x.y = x
End Sub
End Class
End Namespace
";
// should not throw
await VerifyCSharpDiagnostic(cSharpTest).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest).ConfigureAwait(false);
var auditConfig = await AuditTest.GetAuditModeConfigOptions().ConfigureAwait(false);
await VerifyCSharpDiagnostic(cSharpTest, null, auditConfig).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, null, auditConfig).ConfigureAwait(false);
}
public async Task HardCodePasswordAssignment()
{
var cSharpTest = @"
using System;
namespace VulnerableApp
{
class HardCodedPassword
{
static void TestCookie()
{
var uri = new UriBuilder();
uri.Password = ""t0ps3cr3t"";
}
}
}
";
var visualBasicTest = @"
Imports System
Namespace VulnerableApp
Class HardCodedPassword
Private Shared Sub TestCookie()
Dim uri = New UriBuilder()
uri.Password = ""t0ps3cr3t""
End Sub
End Class
End Namespace
";
var expected = new DiagnosticResult
{
Id = "SCS0015",
Severity = DiagnosticSeverity.Warning
};
await VerifyCSharpDiagnostic(cSharpTest, expected, await AuditTest.GetAuditModeConfigOptions().ConfigureAwait(false)).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, expected, await AuditTest.GetAuditModeConfigOptions().ConfigureAwait(false)).ConfigureAwait(false);
}
public async Task TransferStringConstructorSafe()
{
var cSharpTest = @"
using System.Data.SqlClient;
class SqlTransferTesting
{
public static void Run()
{
new SqlCommand(new string(new []{'t'}));
new SqlCommand(new string(new []{'t'}, 0, 3));
}
}
";
var visualBasicTest = @"
Imports System.Data.SqlClient
Class SqlTransferTesting
Public Shared Sub Run()
Dim chars1 = {""t""c, ""e""c}
Dim safeQuery As String = New String(chars1)
Dim com1 As New SqlCommand(safeQuery)
safeQuery = New String(chars1, 0, 3)
Dim com2 As New SqlCommand(safeQuery)
End Sub
End Class
";
await VerifyCSharpDiagnostic(cSharpTest).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest).ConfigureAwait(false);
var auditConfig = await AuditTest.GetAuditModeConfigOptions().ConfigureAwait(false);
await VerifyCSharpDiagnostic(cSharpTest, null, auditConfig).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, null, auditConfig).ConfigureAwait(false);
}
public async Task TransferPathSafe(string method)
{
var cSharpTest = $@"
using System.IO;
class PathTraversal
{{
public static void Run()
{{
#pragma warning disable 618
{method};
#pragma warning restore 618
}}
}}
";
method = method.CSharpReplaceToVBasic();
var visualBasicTest = $@"
Imports System.IO
Class PathTraversal
Public Shared Sub Run()
#Disable Warning BC40000
{method}
#Enable Warning BC40000
End Sub
End Class
";
await VerifyCSharpDiagnostic(cSharpTest).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest).ConfigureAwait(false);
var auditConfig = await AuditTest.GetAuditModeConfigOptions().ConfigureAwait(false);
await VerifyCSharpDiagnostic(cSharpTest, null, auditConfig).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, null, auditConfig).ConfigureAwait(false);
}
public async Task TransferSqlInitializerSafe()
{
var cSharpTest = @"
using System.Data.SqlClient;
namespace sample
{
class MyFoo
{
public static void Run()
{
var sqlCommand = new SqlCommand {CommandText = ""select * from Products""};
}
}
}
";
var visualBasicTest = @"
Imports System.Data.SqlClient
Namespace sample
Class MyFoo
Public Shared Sub Run()
Dim com As New SqlCommand With {.CommandText = ""select * from Products""}
End Sub
End Class
End Namespace
";
await VerifyCSharpDiagnostic(cSharpTest).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest).ConfigureAwait(false);
var auditConfig = await AuditTest.GetAuditModeConfigOptions().ConfigureAwait(false);
await VerifyCSharpDiagnostic(cSharpTest, null, auditConfig).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, null, auditConfig).ConfigureAwait(false);
}
public async Task LdapInjection(string sink, string warningId = null, int count = 1)
{
var cSharpTest = $@"
#pragma warning disable 8019
using System.DirectoryServices;
using System.Web.Mvc;
#pragma warning restore 8019
namespace sample
{{
public class MyFooController : Controller
{{
public void Run(string input, string[] propertiesToLoad, DirectoryEntry entry, SearchScope scope)
{{
var temp = {sink};
}}
}}
}}
";
var visualBasicTest = $@"
#Disable Warning BC50001
Imports System.DirectoryServices
Imports System.Web.Mvc
#Enable Warning BC50001
Namespace sample
Public Class MyFooController
Inherits Controller
Public Sub Run(input As System.String, propertiesToLoad() As System.String, entry As DirectoryEntry, scope As SearchScope )
Dim temp = {sink.CSharpReplaceToVBasic()}
End Sub
End Class
End Namespace
";
if (warningId != null)
{
var expected = new DiagnosticResult
{
Id = warningId,
Severity = DiagnosticSeverity.Warning,
};
await VerifyCSharpDiagnostic(cSharpTest, Enumerable.Repeat(expected, count).ToArray()).ConfigureAwait(false);
await VerifyCSharpDiagnostic(cSharpTest, Enumerable.Repeat(expected, count).ToArray(), await AuditTest.GetAuditModeConfigOptions().ConfigureAwait(false)).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest, Enumerable.Repeat(expected, count).ToArray()).ConfigureAwait(false);
}
else
{
await VerifyCSharpDiagnostic(cSharpTest).ConfigureAwait(false);
await VerifyVisualBasicDiagnostic(visualBasicTest).ConfigureAwait(false);
}
}
