public override void GetSinks(SyntaxNodeAnalysisContext context, DiagnosticId ruleId)
        {
            var syntax = context.Node as AssignmentExpressionSyntax;

            if (_handlerCertificateValidationExpression.IsVulnerable(context.SemanticModel, syntax, ruleId))
            {
                if (VulnerableSyntaxNodes.All(p => p.Sink.GetLocation() != syntax?.GetLocation()))
                {
                    VulnerableSyntaxNodes.Push(_vulnerableSyntaxNodeFactory.Create(syntax));
                }
            }

            if (_servicePointManagerCertificateValidationExpression.IsVulnerable(context.SemanticModel, syntax, ruleId))
            {
                if (VulnerableSyntaxNodes.All(p => p.Sink.GetLocation() != syntax?.GetLocation()))
                {
                    VulnerableSyntaxNodes.Push(_vulnerableSyntaxNodeFactory.Create(syntax));
                }
            }

            if (_requestCertificateValidationExpressionAnalyzer.IsVulnerable(context.SemanticModel, syntax, ruleId))
            {
                if (VulnerableSyntaxNodes.All(p => p.Sink.GetLocation() != syntax?.GetLocation()))
                {
                    VulnerableSyntaxNodes.Push(_vulnerableSyntaxNodeFactory.Create(syntax));
                }
            }
        }
        public override void GetSinks(SyntaxNodeAnalysisContext context, DiagnosticId ruleId)
        {
            if (context.Node is AssignmentExpressionSyntax syntax)
            {
                if (!_expressionSyntaxAnalyzer.IsVulnerable(context.SemanticModel, syntax, ruleId))
                    return;

                if (VulnerableSyntaxNodes.All(p => p.Sink.GetLocation() != syntax.GetLocation()))
                    VulnerableSyntaxNodes.Push(new VulnerableSyntaxNode(syntax));
            }
        }
示例#3
0
        public override void GetSinks(SyntaxNodeAnalysisContext context, DiagnosticId ruleId)
        {
            var syntax = context.Node as ClassDeclarationSyntax;

            foreach (SyntaxNode node in _mvcCoreAuthorizeExpressionAnalyzer.IsVulnerable(context.SemanticModel, syntax))
            {
                if (VulnerableSyntaxNodes.All(p => p.Sink.GetLocation() != node.GetLocation()))
                {
                    VulnerableSyntaxNodes.Push(new VulnerableSyntaxNode(node));
                }
            }
        }
        public override void GetSinks(SyntaxNodeAnalysisContext context, DiagnosticId ruleId)
        {
            var syntax = context.Node as InvocationExpressionSyntax;

            if (!_expressionSyntaxAnalyzer.IsVulnerable(context.SemanticModel, syntax, ruleId))
            {
                return;
            }

            if (VulnerableSyntaxNodes.All(p => p.Sink.GetLocation() != syntax?.GetLocation()))
            {
                VulnerableSyntaxNodes.Push(_vulnerableSyntaxNodeFactory.Create(syntax));
            }
        }
        public override void GetSinks(SyntaxNodeAnalysisContext context, DiagnosticId ruleId)
        {
            var syntax = context.Node as ObjectCreationExpressionSyntax;

            if (!_expressionSyntaxAnalyzer.IsVulnerable(context.SemanticModel, syntax, ruleId))
            {
                return;
            }

            if (VulnerableSyntaxNodes.All(p => p.Sink.GetLocation() != syntax?.GetLocation()))
            {
                VulnerableSyntaxNodes.Push(new VulnerableSyntaxNode(syntax, _expressionSyntaxAnalyzer.Sources.ToImmutableArray()));
            }
        }
示例#6
0
        public override void GetSinks(SyntaxNodeAnalysisContext context, DiagnosticId ruleId)
        {
            var syntax = context.Node as MethodDeclarationSyntax;

            if (!_expressionSyntaxAnalyzer.IsVulnerable(context.SemanticModel, syntax))
            {
                return;
            }

            if (VulnerableSyntaxNodes.All(p => p.Sink.GetLocation() != syntax?.GetLocation()))
            {
                VulnerableSyntaxNodes.Push(new VulnerableSyntaxNode(syntax.ReturnType));
            }
        }
        public override void GetSinks(SyntaxNodeAnalysisContext context, DiagnosticId ruleId)
        {
            //Standard object creation expression
            if (context.Node is MemberAccessExpressionSyntax syntax)
            {
                if (!_expressionSyntaxAnalyzer.IsVulnerable(context.SemanticModel, syntax, ruleId))
                {
                    return;
                }

                if (VulnerableSyntaxNodes.All(p => p.Sink.GetLocation() != syntax.GetLocation()))
                {
                    VulnerableSyntaxNodes.Push(new VulnerableSyntaxNode(syntax));
                }
            }
        }
        public override void GetSinks(SyntaxNodeAnalysisContext context, DiagnosticId ruleId)
        {
            var syntax = context.Node as InvocationExpressionSyntax;

            if (!_expressionSyntaxAnalyzer.IsVulnerable(context.SemanticModel, syntax, ruleId))
            {
                return;
            }

            //TODO: NEEDS A CUSTOM IMPLEMENTATION TO CHECK IF PARM1 STARTS W/ A NON-TAINTED VALUE.
            //E.G. CONFIGSETTING + Request PARM IS OK / FALSE POSITIVE
            //TODO: NEEDS CLEANSE METHOD AS WELL
            if (VulnerableSyntaxNodes.All(p => p.Sink.GetLocation() != syntax?.GetLocation()))
            {
                VulnerableSyntaxNodes.Push(_vulnerableSyntaxNodeFactory.Create(syntax));
            }
        }
        public override void GetSinks(SyntaxNodeAnalysisContext context, DiagnosticId ruleId)
        {
            var syntax = context.Node as MethodDeclarationSyntax;

            //Grab the method's return type for the location value
            var returnType = syntax.GetMethodReturnType();

            if (!_expressionSyntaxAnalyzer.IsVulnerable(context.SemanticModel, syntax, returnType))
            {
                return;
            }

            if (VulnerableSyntaxNodes.All(p => p.Sink.GetLocation() != returnType?.GetLocation()))
            {
                VulnerableSyntaxNodes.Push(_vulnerableSyntaxNodeFactory.Create(returnType));
            }
        }
        public override void GetSinks(SyntaxNodeAnalysisContext context, DiagnosticId ruleId)
        {
            var syntax = context.Node as ObjectCreationExpressionSyntax;

            if (!_expressionSyntaxAnalyzer.IsVulnerable(context.SemanticModel, syntax))
            {
                return;
            }

            if (VulnerableSyntaxNodes.All(p => p.Sink.GetLocation() != syntax.GetLocation()))
            {
                VulnerableSyntaxNodes.Push(_vulnerableSyntaxNodeFactory.Create(syntax,
                                                                               RuleOptions.PasswordComplexityMinPasswordLength.ToString(),
                                                                               RuleOptions.PasswordComplexityRequireNumber.ToString(),
                                                                               RuleOptions.PasswordComplexityRequireLowerCharacter.ToString(),
                                                                               RuleOptions.PasswordComplexityRequireUpperCharacter.ToString(),
                                                                               RuleOptions.PasswordComplexityRequireSpecialCharcter.ToString()));
            }
        }
        public override void GetSinks(SyntaxNodeAnalysisContext context, DiagnosticId ruleId)
        {
            var syntax = context.Node as InvocationExpressionSyntax;

            if (_fileReadExpressionAnalyzer.IsVulnerable(context.SemanticModel, syntax, ruleId))
            {
                if (VulnerableSyntaxNodes.All(p => p.Sink.GetLocation() != syntax?.GetLocation()))
                {
                    VulnerableSyntaxNodes.Push(_vulnerableSyntaxNodeFactory.Create(syntax, "file read"));
                }
            }

            if (_fileWriteExpressionAnalyzer.IsVulnerable(context.SemanticModel, syntax, ruleId))
            {
                if (VulnerableSyntaxNodes.All(p => p.Sink.GetLocation() != syntax?.GetLocation()))
                {
                    VulnerableSyntaxNodes.Push(_vulnerableSyntaxNodeFactory.Create(syntax, "file write"));
                }
            }

            if (_fileOpenExpressionAnalyzer.IsVulnerable(context.SemanticModel, syntax, ruleId))
            {
                if (VulnerableSyntaxNodes.All(p => p.Sink.GetLocation() != syntax?.GetLocation()))
                {
                    VulnerableSyntaxNodes.Push(_vulnerableSyntaxNodeFactory.Create(syntax, "file open"));
                }
            }

            if (_fileDeleteExpressionAnalyzer.IsVulnerable(context.SemanticModel, syntax, ruleId))
            {
                if (VulnerableSyntaxNodes.All(p => p.Sink.GetLocation() != syntax?.GetLocation()))
                {
                    VulnerableSyntaxNodes.Push(_vulnerableSyntaxNodeFactory.Create(syntax, "file delete"));
                }
            }
        }