public override bool CanSuppress(SemanticModel model, SyntaxNode syntax, DiagnosticId ruleId)
{
var argumentSyntax = syntax as ArgumentSyntax;
if (argumentSyntax != null)
{
var parentOfArgumentSyntaxAnalyzer = SyntaxNodeAnalyzerFactory.Create(argumentSyntax.Parent);
if (parentOfArgumentSyntaxAnalyzer.CanSuppress(model, argumentSyntax.Parent, ruleId))
{
return true;
}
}
return base.CanSuppress(model, syntax, ruleId);
}
public override bool CanIgnore(SemanticModel model, SyntaxNode syntax)
{
var argumentSyntax = syntax as ArgumentSyntax;
if (argumentSyntax != null)
{
var parentOfArgumentSyntaxAnalyzer = SyntaxNodeAnalyzerFactory.Create(argumentSyntax.Parent);
if (parentOfArgumentSyntaxAnalyzer.CanIgnore(model, argumentSyntax.Parent))
{
return true;
}
}
return base.CanIgnore(model, syntax);
}
public override bool CanSuppress(SemanticModel model, SyntaxNode syntax, DiagnosticId ruleId)
{
var elementAccessExpressionSyntax = syntax as ElementAccessExpressionSyntax;
if (elementAccessExpressionSyntax != null)
{
var elementAccessExpressionExpressionSyntax = SyntaxNodeAnalyzerFactory.Create(elementAccessExpressionSyntax.Expression);
if (elementAccessExpressionExpressionSyntax.CanSuppress(model, elementAccessExpressionSyntax.Expression, ruleId))
{
return(true);
}
}
return(false);
}
public override bool CanIgnore(SemanticModel model, SyntaxNode syntax)
{
var elementAccessExpressionSyntax = syntax as ElementAccessExpressionSyntax;
if (elementAccessExpressionSyntax != null)
{
var elementAccessExpressionExpressionSyntax = SyntaxNodeAnalyzerFactory.Create(elementAccessExpressionSyntax.Expression);
if (elementAccessExpressionExpressionSyntax.CanIgnore(model, elementAccessExpressionSyntax.Expression))
{
return(true);
}
}
return(false);
}
public virtual void OnCompilationEnd(PumaCompilationAnalysisContext pumaContext)
{
var context = pumaContext.RosylnContext;
if (VulnerableSyntaxNodes.IsEmpty)
{
return;
}
foreach (var vulnerableSyntaxNode in VulnerableSyntaxNodes)
{
var canSuppress = false;
var sources = vulnerableSyntaxNode.Source;
foreach (var syntaxNode in sources)
{
var idsToMatchOn = syntaxNode.DescendantNodesAndSelf().OfType <IdentifierNameSyntax>();
foreach (var identifierNameSyntax in idsToMatchOn)
{
var containingBlock = syntaxNode.FirstAncestorOrSelf <MethodDeclarationSyntax>();
var idMatches = containingBlock
.DescendantNodes()
.OfType <IdentifierNameSyntax>()
.Where(p => p.Identifier.ValueText == syntaxNode.ToString())
.ToList <SyntaxNode>();
var declarationMatches = containingBlock
.DescendantNodes()
.OfType <VariableDeclaratorSyntax>()
.Where(p => p.Identifier.ValueText == identifierNameSyntax.ToString())
.Select(p => p.Initializer.Value)
.ToList <SyntaxNode>();
var matches = idMatches.Union(declarationMatches);
var idModel = context.Compilation.GetSemanticModel(syntaxNode.SyntaxTree);
foreach (var match in matches)
{
var indexNode = match.AncestorsAndSelf().FirstOrDefault();
while (!canSuppress && indexNode != containingBlock)
{
var nodeAnalyzer = SyntaxNodeAnalyzerFactory.Create(indexNode);
canSuppress = nodeAnalyzer.CanSuppress(idModel, indexNode, pumaContext.DiagnosticId);
indexNode = indexNode.Ancestors().FirstOrDefault();
}
if (canSuppress)
{
break;
}
}
if (canSuppress)
{
break;
}
}
if (canSuppress)
{
break;
}
}
vulnerableSyntaxNode.Suppressed = canSuppress;
}
}
public override bool CanSuppress(SemanticModel model, SyntaxNode syntax, DiagnosticId ruleId)
{
var expressionSyntaxAnalyzer = SyntaxNodeAnalyzerFactory.Create(syntax);
return(expressionSyntaxAnalyzer.CanSuppress(model, syntax, ruleId));
}
public override bool CanIgnore(SemanticModel model, SyntaxNode syntax)
{
var expressionSyntaxAnalyzer = SyntaxNodeAnalyzerFactory.Create(syntax);
return(expressionSyntaxAnalyzer.CanIgnore(model, syntax));
}
