Merge pull request #14855 from tamasvajk/standalone/logMessageSink

tamasvajk · web-flow · commit ace633cb1ddb · 2023-11-22T08:37:53.000+01:00
C#: Tolerate missing call targets in LogMessageSink
diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsinks/ExternalLocationSink.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsinks/ExternalLocationSink.qll
@@ -27,8 +27,9 @@ private class ExternalModelSink extends ExternalLocationSink {
  */
 class LogMessageSink extends ExternalLocationSink {
   LogMessageSink() {
-    this.getExpr() = any(LoggerType i).getAMethod().getACall().getAnArgument()
-    or
+    this.getExpr() = any(LoggerType i).getAMethod().getACall().getAnArgument() or
+    this.getExpr() =
+      any(MethodCall call | call.getQualifier().getType() instanceof LoggerType).getAnArgument() or
     this.getExpr() =
       any(ExtensionMethodCall call |
         call.getTarget().(ExtensionMethod).getExtendedType() instanceof LoggerType
diff --git a/csharp/ql/test/library-tests/standalone/externalLocationSink/externalLocationSink.expected b/csharp/ql/test/library-tests/standalone/externalLocationSink/externalLocationSink.expected
@@ -0,0 +1,8 @@
+#select
+| standalone.cs:20:20:20:20 | access to parameter s | standalone.cs:20:20:20:20 | access to parameter s |
+| standalone.cs:25:28:25:32 | "abc" | standalone.cs:25:28:25:32 | "abc" |
+compilationErrors
+| standalone.cs:16:12:16:18 | CS0104: 'ILogger' is an ambiguous reference between 'A.ILogger' and 'B.ILogger' |
+methodCalls
+| standalone.cs:20:9:20:21 | call to method  |
+| standalone.cs:25:9:25:33 | call to method  |
diff --git a/csharp/ql/test/library-tests/standalone/externalLocationSink/externalLocationSink.ql b/csharp/ql/test/library-tests/standalone/externalLocationSink/externalLocationSink.ql
@@ -0,0 +1,10 @@
+import semmle.code.csharp.security.dataflow.flowsinks.ExternalLocationSink
+import semmle.code.csharp.commons.Diagnostics
+
+from ExternalLocationSink sink
+where sink.getLocation().getFile().fromSource()
+select sink, sink.getExpr()
+
+query predicate compilationErrors(CompilerError e) { any() }
+
+query predicate methodCalls(MethodCall m) { any() }
diff --git a/csharp/ql/test/library-tests/standalone/externalLocationSink/options b/csharp/ql/test/library-tests/standalone/externalLocationSink/options
@@ -0,0 +1 @@
+semmle-extractor-options: --standalone
diff --git a/csharp/ql/test/library-tests/standalone/externalLocationSink/standalone.cs b/csharp/ql/test/library-tests/standalone/externalLocationSink/standalone.cs
@@ -0,0 +1,27 @@
+using A;
+using B;
+
+namespace A
+{
+    public interface ILogger { }
+}
+
+namespace B
+{
+    public interface ILogger { }
+}
+
+public class C
+{
+    public ILogger logger;
+
+    private void M(string s)
+    {
+        logger.Log(s);
+    }
+
+    private static void Main()
+    {
+        new C().logger.Log("abc");
+    }
+}
