Merge pull request github#3257 from hvitved/csharp/dataflow/tests

C#: Update data flow tests

Author: hvitved

csharp/ql/src/semmle/code/csharp/dataflow/LibraryTypeDataFlow.qll

@@ -755,6 +755,11 @@ class IEnumerableFlow extends LibraryTypeDataFlow {
         sink = TCallableFlowSinkReturn()
       )
       or
+      name = "AsQueryable" and
+      arity = 1 and
+      source = TCallableFlowSourceArg(0) and
+      sink = TCallableFlowSinkReturn()
+      or
       name = "Average" and
       (
         arity = 2 and

csharp/ql/test/library-tests/dataflow/global/DataFlow.expected

@@ -28,15 +28,15 @@
 | GlobalDataFlow.cs:181:15:181:19 | access to local variable sink9 |
 | GlobalDataFlow.cs:190:15:190:20 | access to local variable sink10 |
 | GlobalDataFlow.cs:198:15:198:20 | access to local variable sink19 |
-| GlobalDataFlow.cs:237:15:237:24 | access to parameter sinkParam0 |
-| GlobalDataFlow.cs:242:15:242:24 | access to parameter sinkParam1 |
-| GlobalDataFlow.cs:247:15:247:24 | access to parameter sinkParam3 |
-| GlobalDataFlow.cs:252:15:252:24 | access to parameter sinkParam4 |
-| GlobalDataFlow.cs:257:15:257:24 | access to parameter sinkParam5 |
-| GlobalDataFlow.cs:262:15:262:24 | access to parameter sinkParam6 |
-| GlobalDataFlow.cs:267:15:267:24 | access to parameter sinkParam7 |
-| GlobalDataFlow.cs:381:15:381:20 | access to local variable sink11 |
-| GlobalDataFlow.cs:404:41:404:46 | access to local variable sink20 |
+| GlobalDataFlow.cs:239:15:239:24 | access to parameter sinkParam0 |
+| GlobalDataFlow.cs:244:15:244:24 | access to parameter sinkParam1 |
+| GlobalDataFlow.cs:249:15:249:24 | access to parameter sinkParam3 |
+| GlobalDataFlow.cs:254:15:254:24 | access to parameter sinkParam4 |
+| GlobalDataFlow.cs:259:15:259:24 | access to parameter sinkParam5 |
+| GlobalDataFlow.cs:264:15:264:24 | access to parameter sinkParam6 |
+| GlobalDataFlow.cs:269:15:269:24 | access to parameter sinkParam7 |
+| GlobalDataFlow.cs:383:15:383:20 | access to local variable sink11 |
+| GlobalDataFlow.cs:406:41:406:46 | access to local variable sink20 |
 | Splitting.cs:9:15:9:15 | [b (line 3): false] access to local variable x |
 | Splitting.cs:9:15:9:15 | [b (line 3): true] access to local variable x |
 | Splitting.cs:11:19:11:19 | access to local variable x |

csharp/ql/test/library-tests/dataflow/global/DataFlowEdges.expected

@@ -77,17 +77,17 @@ public void M()
         var sink3 = "";
         ReturnRef(sink2, ref sink3, ref sink3);
         Check(sink3);
-        var sink13 = ((IEnumerable<string>)new string[] { sink3 }).SelectEven(x => x);
+        var sink13 = ((IEnumerable<string>)new string[] { sink3 }).SelectEven(x => x).First();
         Check(sink13);
-        var sink14 = ((IEnumerable<string>)new string[] { sink13.First() }).Select(ReturnCheck);
+        var sink14 = ((IEnumerable<string>)new string[] { sink13 }).Select(ReturnCheck).First();
         Check(sink14);
-        var sink15 = ((IEnumerable<string>)new string[] { sink14.First() }).Zip(((IEnumerable<string>)new string[] { "" }), (x, y) => x);
+        var sink15 = ((IEnumerable<string>)new string[] { sink14 }).Zip(((IEnumerable<string>)new string[] { "" }), (x, y) => x).First();
         Check(sink15);
-        var sink16 = ((IEnumerable<string>)new string[] { "" }).Zip(((IEnumerable<string>)new string[] { sink15.First() }), (x, y) => y);
+        var sink16 = ((IEnumerable<string>)new string[] { "" }).Zip(((IEnumerable<string>)new string[] { sink15 }), (x, y) => y).First();
         Check(sink16);
-        var sink17 = sink14.Aggregate("", (acc, s) => acc + s, x => x);
+        var sink17 = ((IEnumerable<string>)new string[] { sink14 }).Aggregate("", (acc, s) => acc + s, x => x);
         Check(sink17);
-        var sink18 = ((IEnumerable<string>)new string[] { "" }).Aggregate(sink14.First(), (acc, s) => acc + s, x => x);
+        var sink18 = ((IEnumerable<string>)new string[] { "" }).Aggregate(sink14, (acc, s) => acc + s, x => x);
         Check(sink18);
         int sink21;
         Int32.TryParse(sink18, out sink21);
@@ -109,19 +109,19 @@ public void M()
         Check(nonSink0);
         ReturnRef(sink1, ref sink1, ref nonSink0);
         Check(nonSink0);
-        var nonSink1 = ((IEnumerable<string>)new string[] { nonSink0 }).SelectEven(x => x);
-        Check(nonSink1);
-        nonSink1 = ((IEnumerable<string>)new string[] { nonSink0 }).Select(x => x);
-        Check(nonSink1);
-        nonSink1 = ((IEnumerable<string>)new string[] { sink14.First() }).Zip(((IEnumerable<string>)new string[] { "" }), (x, y) => y);
-        Check(nonSink1);
-        nonSink1 = ((IEnumerable<string>)new string[] { "" }).Zip(((IEnumerable<string>)new string[] { sink15.First() }), (x, y) => x);
-        Check(nonSink1);
-        nonSink0 = sink14.Aggregate("", (acc, s) => acc, x => x);
+        nonSink0 = ((IEnumerable<string>)new string[] { nonSink0 }).SelectEven(x => x).First();
         Check(nonSink0);
-        nonSink0 = sink14.Aggregate("", (acc, s) => acc + s, x => "");
+        nonSink0 = ((IEnumerable<string>)new string[] { nonSink0 }).Select(x => x).First();
         Check(nonSink0);
-        nonSink0 = nonSink1.Aggregate(sink1, (acc, s) => s, x => x);
+        nonSink0 = ((IEnumerable<string>)new string[] { sink14 }).Zip(((IEnumerable<string>)new string[] { "" }), (x, y) => y).First();
+        Check(nonSink0);
+        nonSink0 = ((IEnumerable<string>)new string[] { "" }).Zip(((IEnumerable<string>)new string[] { sink15 }), (x, y) => x).First();
+        Check(nonSink0);
+        nonSink0 = ((IEnumerable<string>)new string[] { sink14 }).Aggregate("", (acc, s) => acc, x => x);
+        Check(nonSink0);
+        nonSink0 = ((IEnumerable<string>)new string[] { sink14 }).Aggregate("", (acc, s) => acc + s, x => "");
+        Check(nonSink0);
+        nonSink0 = ((IEnumerable<string>)new string[] { nonSink0 }).Aggregate(sink1, (acc, s) => s, x => x);
         Check(nonSink0);
         int nonSink2;
         Int32.TryParse(nonSink0, out nonSink2);
@@ -158,7 +158,7 @@ public void M()
         var sink8 = "";
         OutRef(ref sink8);
         Check(sink8);
-        var sink12 = OutYield();
+        var sink12 = OutYield().First();
         Check(sink12);
         var sink23 = TaintedParam(nonSink0); // even though the argument is not tainted, the parameter is considered tainted
         Check(sink23);
@@ -202,30 +202,32 @@ public void M()
         Check(nonSink0);
     }
 
-    public void M2(IQueryable<string> tainted, IQueryable<string> notTainted)
+    public void M2()
     {
+        IQueryable<string> tainted = new[] { "taint source" }.AsQueryable();
+        IQueryable<string> notTainted = new[] { "not tainted" }.AsQueryable();
         // Flow into a callable via library call, tainted
         Func<string, string> f1 = sinkParam10 => { Check(sinkParam10); return sinkParam10; };
         System.Linq.Expressions.Expression<Func<string, string>> f2 = x => ReturnCheck2(x);
-        var sink24 = tainted.Select(f1);
+        var sink24 = tainted.Select(f1).First();
         Check(sink24);
-        var sink25 = tainted.Select(f2);
+        var sink25 = tainted.Select(f2).First();
         Check(sink25);
-        var sink26 = tainted.Select(ReturnCheck3);
+        var sink26 = tainted.Select(ReturnCheck3).First();
         Check(sink26);
 
         // Flow into a callable via library call, not tainted
         Func<string, string> f3 = nonSinkParam => { Check(nonSinkParam); return nonSinkParam; };
         System.Linq.Expressions.Expression<Func<string, string>> f4 = x => NonReturnCheck(x);
-        var nonSink = notTainted.Select(f1);
+        var nonSink = notTainted.Select(f1).First();
         Check(nonSink);
-        nonSink = notTainted.Select(f2);
+        nonSink = notTainted.Select(f2).First();
         Check(nonSink);
-        nonSink = notTainted.Select(f3);
+        nonSink = notTainted.Select(f3).First();
         Check(nonSink);
-        nonSink = notTainted.Select(f4);
+        nonSink = notTainted.Select(f4).First();
         Check(nonSink);
-        nonSink = notTainted.Select(ReturnCheck3);
+        nonSink = notTainted.Select(ReturnCheck3).First();
         Check(nonSink);
     }
 

csharp/ql/test/library-tests/dataflow/global/DataFlowEdges.ql

@@ -37,22 +37,22 @@
 | GlobalDataFlow.cs:181:15:181:19 | access to local variable sink9 |
 | GlobalDataFlow.cs:190:15:190:20 | access to local variable sink10 |
 | GlobalDataFlow.cs:198:15:198:20 | access to local variable sink19 |
-| GlobalDataFlow.cs:208:58:208:68 | access to parameter sinkParam10 |
-| GlobalDataFlow.cs:211:15:211:20 | access to local variable sink24 |
-| GlobalDataFlow.cs:213:15:213:20 | access to local variable sink25 |
-| GlobalDataFlow.cs:215:15:215:20 | access to local variable sink26 |
-| GlobalDataFlow.cs:237:15:237:24 | access to parameter sinkParam0 |
-| GlobalDataFlow.cs:242:15:242:24 | access to parameter sinkParam1 |
-| GlobalDataFlow.cs:247:15:247:24 | access to parameter sinkParam3 |
-| GlobalDataFlow.cs:252:15:252:24 | access to parameter sinkParam4 |
-| GlobalDataFlow.cs:257:15:257:24 | access to parameter sinkParam5 |
-| GlobalDataFlow.cs:262:15:262:24 | access to parameter sinkParam6 |
-| GlobalDataFlow.cs:267:15:267:24 | access to parameter sinkParam7 |
-| GlobalDataFlow.cs:294:15:294:24 | access to parameter sinkParam8 |
-| GlobalDataFlow.cs:300:15:300:24 | access to parameter sinkParam9 |
-| GlobalDataFlow.cs:306:15:306:25 | access to parameter sinkParam11 |
-| GlobalDataFlow.cs:381:15:381:20 | access to local variable sink11 |
-| GlobalDataFlow.cs:404:41:404:46 | access to local variable sink20 |
+| GlobalDataFlow.cs:210:58:210:68 | access to parameter sinkParam10 |
+| GlobalDataFlow.cs:213:15:213:20 | access to local variable sink24 |
+| GlobalDataFlow.cs:215:15:215:20 | access to local variable sink25 |
+| GlobalDataFlow.cs:217:15:217:20 | access to local variable sink26 |
+| GlobalDataFlow.cs:239:15:239:24 | access to parameter sinkParam0 |
+| GlobalDataFlow.cs:244:15:244:24 | access to parameter sinkParam1 |
+| GlobalDataFlow.cs:249:15:249:24 | access to parameter sinkParam3 |
+| GlobalDataFlow.cs:254:15:254:24 | access to parameter sinkParam4 |
+| GlobalDataFlow.cs:259:15:259:24 | access to parameter sinkParam5 |
+| GlobalDataFlow.cs:264:15:264:24 | access to parameter sinkParam6 |
+| GlobalDataFlow.cs:269:15:269:24 | access to parameter sinkParam7 |
+| GlobalDataFlow.cs:296:15:296:24 | access to parameter sinkParam8 |
+| GlobalDataFlow.cs:302:15:302:24 | access to parameter sinkParam9 |
+| GlobalDataFlow.cs:308:15:308:25 | access to parameter sinkParam11 |
+| GlobalDataFlow.cs:383:15:383:20 | access to local variable sink11 |
+| GlobalDataFlow.cs:406:41:406:46 | access to local variable sink20 |
 | Splitting.cs:9:15:9:15 | [b (line 3): false] access to local variable x |
 | Splitting.cs:9:15:9:15 | [b (line 3): true] access to local variable x |
 | Splitting.cs:11:19:11:19 | access to local variable x |