C#: Convert System.Web.HttpUtility flow to CSV format.

2021-12-09 16:09:29 +01:00 · 2021-12-09 16:09:29 +01:00 · 1cab177f8a
--- a/csharp/ql/lib/semmle/code/csharp/dataflow/LibraryTypeDataFlow.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/LibraryTypeDataFlow.qll
@ -1965,24 +1965,6 @@ class SystemIOPathFlow extends LibraryTypeDataFlow, SystemIOPathClass {
  }
 }

-/** Data flow for `System.Web.HttpUtility`. */
-class SystemWebHttpUtilityFlow extends LibraryTypeDataFlow, SystemWebHttpUtility {
-  override predicate callableFlow(
-    CallableFlowSource source, CallableFlowSink sink, SourceDeclarationCallable c,
-    boolean preservesValue
-  ) {
-    (
-      c = this.getAnHtmlAttributeEncodeMethod() or
-      c = this.getAnHtmlEncodeMethod() or
-      c = this.getAJavaScriptStringEncodeMethod() or
-      c = this.getAnUrlEncodeMethod()
-    ) and
-    source = TCallableFlowSourceArg(0) and
-    sink = TCallableFlowSinkReturn() and
-    preservesValue = false
-  }
-}
-
 /**
 * Custom flow through `StringValues` library class.
 */
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/Web.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/Web.qll
@ -203,6 +203,26 @@ class SystemWebHttpUtility extends SystemWebClass {
  Method getAnUrlEncodeMethod() { result = this.getAMethod("UrlEncode") }
 }

+/** Data flow for `System.Web.HttpUtility`. */
+private class SystemWebHttpUtilityFlowModelCsv extends SummaryModelCsv {
+  override predicate row(string row) {
+    row =
+      [
+        "System.Web;HttpUtility;false;HtmlAttributeEncode;(System.String);;Argument[0];ReturnValue;taint",
+        "System.Web;HttpUtility;false;HtmlAttributeEncode;(System.String,System.IO.TextWriter);;Argument[0];ReturnValue;taint",
+        "System.Web;HttpUtility;false;HtmlEncode;(System.Object);;Argument[0];ReturnValue;taint",
+        "System.Web;HttpUtility;false;HtmlEncode;(System.String);;Argument[0];ReturnValue;taint",
+        "System.Web;HttpUtility;false;HtmlEncode;(System.String,System.IO.TextWriter);;Argument[0];ReturnValue;taint",
+        "System.Web;HttpUtility;false;JavaScriptStringEncode;(System.String);;Argument[0];ReturnValue;taint",
+        "System.Web;HttpUtility;false;JavaScriptStringEncode;(System.String,System.Boolean);;Argument[0];ReturnValue;taint",
+        "System.Web;HttpUtility;false;UrlEncode;(System.Byte[]);;Argument[0];ReturnValue;taint",
+        "System.Web;HttpUtility;false;UrlEncode;(System.Byte[],System.Int32,System.Int32);;Argument[0];ReturnValue;taint",
+        "System.Web;HttpUtility;false;UrlEncode;(System.String);;Argument[0];ReturnValue;taint",
+        "System.Web;HttpUtility;false;UrlEncode;(System.String,System.Text.Encoding);;Argument[0];ReturnValue;taint"
+      ]
+  }
+}
+
 /** The `System.Web.HttpCookie` class. */
 class SystemWebHttpCookie extends SystemWebClass {
  SystemWebHttpCookie() { this.hasName("HttpCookie") }