github
diff --git a/‎csharp/ql/src/Stubs/Stubs.qll‎
Lines changed: 20 additions & 8 deletions b/‎csharp/ql/src/Stubs/Stubs.qll‎
Lines changed: 20 additions & 8 deletions
diff --git a/‎csharp/ql/test/library-tests/frameworks/NHibernate/DataFlow.expected‎
Lines changed: 2 additions & 2 deletions b/‎csharp/ql/test/library-tests/frameworks/NHibernate/DataFlow.expected‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎csharp/ql/test/library-tests/frameworks/NHibernate/SqlExprs.expected‎
Lines changed: 2 additions & 2 deletions b/‎csharp/ql/test/library-tests/frameworks/NHibernate/SqlExprs.expected‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎csharp/ql/test/library-tests/frameworks/NHibernate/SqlExprs.ql‎
Lines changed: 1 addition & 0 deletions b/‎csharp/ql/test/library-tests/frameworks/NHibernate/SqlExprs.ql‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎csharp/ql/test/library-tests/frameworks/NHibernate/StoredFlowSources.expected‎
Lines changed: 6 additions & 6 deletions b/‎csharp/ql/test/library-tests/frameworks/NHibernate/StoredFlowSources.expected‎
Lines changed: 6 additions & 6 deletions
diff --git a/‎csharp/ql/test/library-tests/frameworks/NHibernate/StoredFlowSources.ql‎
Lines changed: 1 addition & 0 deletions b/‎csharp/ql/test/library-tests/frameworks/NHibernate/StoredFlowSources.ql‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎csharp/ql/test/library-tests/frameworks/NHibernate/nhibernate.cs‎
Lines changed: 52 additions & 52 deletions b/‎csharp/ql/test/library-tests/frameworks/NHibernate/nhibernate.cs‎
Lines changed: 52 additions & 52 deletions
@@ -186,13 +186,23 @@ abstract private class GeneratedType extends Type, GeneratedElement {
 
   string stubPrivateConstructor() {
     if
-      this instanceof Interface or
-      this.isStatic() or
-      this.isAbstract() or
-      exists(this.(ValueOrRefType).getAConstructor()) or
-      not exists(this.getAnInterestingBaseType()) or
-      not exists(this.getAnInterestingBaseType().getAConstructor()) or
-      this.getAnInterestingBaseType().getAConstructor().getNumberOfParameters() = 0
+      this instanceof Interface
+      or
+      this.isStatic()
+      or
+      this.isAbstract()
+      or
+      exists(this.(ValueOrRefType).getAConstructor())
+      or
+      not exists(this.getAnInterestingBaseType())
+      or
+      not exists(this.getAnInterestingBaseType().getAConstructor())
+      or
+      exists(Constructor bc |
+        bc = this.getAnInterestingBaseType().getAConstructor() and
+        bc.getNumberOfParameters() = 0 and
+        not bc.isStatic()
+      )
     then result = ""
     else
       result =
@@ -287,7 +297,9 @@ private class ExtraGeneratedConstructor extends GeneratedMember, Constructor {
     (
       // if the base class has no 0 parameter constructor
       not exists(Constructor c |
-        c = this.getDeclaringType().getBaseClass().getAMember() and c.getNumberOfParameters() = 0
+        c = this.getDeclaringType().getBaseClass().getAMember() and
+        c.getNumberOfParameters() = 0 and
+        not c.isStatic()
       )
       or
       // if this constructor might be called from a (generic) derived class
 
@@ -1,2 +1,2 @@
-| nhibernate.cs:50:14:50:19 | access to property Name | Data flow from $@. | nhibernate.cs:45:24:45:32 | "tainted" | "tainted" |
-| nhibernate.cs:55:14:55:23 | access to property Address | Data flow from $@. | nhibernate.cs:45:24:45:32 | "tainted" | "tainted" |
+| nhibernate.cs:50:18:50:23 | access to property Name | Data flow from $@. | nhibernate.cs:45:28:45:36 | "tainted" | "tainted" |
+| nhibernate.cs:55:18:55:27 | access to property Address | Data flow from $@. | nhibernate.cs:45:28:45:36 | "tainted" | "tainted" |
@@ -1,2 +1,2 @@
-| nhibernate.cs:16:9:16:26 | object creation of type SqlString |
-| nhibernate.cs:17:9:17:27 | call to method Delete |
+| nhibernate.cs:16:13:16:30 | object creation of type SqlString |
+| nhibernate.cs:17:13:17:31 | call to method Delete |
@@ -2,4 +2,5 @@ import csharp
 import semmle.code.csharp.frameworks.Sql
 
 from SqlExpr e
+where not e.getFile().getAbsolutePath().matches("%/resources/stubs/%")
 select e
@@ -1,6 +1,6 @@
-| nhibernate.cs:49:14:49:17 | access to property Id |
-| nhibernate.cs:50:14:50:19 | access to property Name |
-| nhibernate.cs:51:14:51:22 | access to property Address |
-| nhibernate.cs:53:14:53:18 | access to property Id |
-| nhibernate.cs:54:14:54:19 | access to property Age |
-| nhibernate.cs:55:14:55:23 | access to property Address |
+| nhibernate.cs:49:18:49:21 | access to property Id |
+| nhibernate.cs:50:18:50:23 | access to property Name |
+| nhibernate.cs:51:18:51:26 | access to property Address |
+| nhibernate.cs:53:18:53:22 | access to property Id |
+| nhibernate.cs:54:18:54:23 | access to property Age |
+| nhibernate.cs:55:18:55:27 | access to property Address |
@@ -2,4 +2,5 @@ import csharp
 import semmle.code.csharp.security.dataflow.flowsources.Stored
 
 from StoredFlowSource source
+where not source.getLocation().getFile().getAbsolutePath().matches("%/resources/stubs/%")
 select source
@@ -1,62 +1,62 @@
-// semmle-extractor-options: /r:System.Data.dll /r:System.ComponentModel.Primitives.dll  ${testdir}/../../../resources/stubs/NHibernate.cs ${testdir}/../../../resources/stubs/System.Data.cs /r:System.ComponentModel.TypeConverter.dll /r:System.Data.Common.dll
+// semmle-extractor-options: /nostdlib /noconfig --load-sources-from-project:../../../resources/stubs/NHibernate/5.3.8/NHibernate.csproj
 
 
 using NHibernate;
 using NHibernate.SqlCommand;
 
 namespace NHibernateTest
 {
-  class Test
-  {
-    ISession session;
-
-    void SqlExprs()
-    {
-        var sql = "sql";
-        new SqlString(sql); // SQL expression
-        session.Delete(sql);  // SQL expression
-    }
-
-    class Person
-    {
-        public int Id { get; set; }
-        public string Name { get; set; }
-        public string Address { get; set; }
-    }
-
-    class Person2
-    {
-        public int Id { get; set; }
-        public int Age { get; set; }
-        public string Address { get; set; }
-    }
-
-    void FlowSources()
-    {
-        session.Query<Person>();
-        session.Save(new Person2());
-    }
-
-    void DataFlow()
-    {
-        var p = new Person();
-        var p2 = new Person2();
-        
-        string taint = "tainted";
-        p.Name = taint;
-        p2.Address = taint;
-
-        Sink(p.Id);  // Not tainted
-        Sink(p.Name); // Tainted
-        Sink(p.Address);  // Not tainted
-        
-        Sink(p2.Id); // Not tainted
-        Sink(p2.Age);  // Not tainted
-        Sink(p2.Address);  // Tainted
-    }
-
-    void Sink(object sink)
+    class Test
     {
+        ISession session;
+
+        void SqlExprs()
+        {
+            var sql = "sql";
+            new SqlString(sql); // SQL expression
+            session.Delete(sql);  // SQL expression
+        }
+
+        class Person
+        {
+            public int Id { get; set; }
+            public string Name { get; set; }
+            public string Address { get; set; }
+        }
+
+        class Person2
+        {
+            public int Id { get; set; }
+            public int Age { get; set; }
+            public string Address { get; set; }
+        }
+
+        void FlowSources()
+        {
+            session.Query<Person>();
+            session.Save(new Person2());
+        }
+
+        void DataFlow()
+        {
+            var p = new Person();
+            var p2 = new Person2();
+
+            string taint = "tainted";
+            p.Name = taint;
+            p2.Address = taint;
+
+            Sink(p.Id);  // Not tainted
+            Sink(p.Name); // Tainted
+            Sink(p.Address);  // Not tainted
+
+            Sink(p2.Id); // Not tainted
+            Sink(p2.Age);  // Not tainted
+            Sink(p2.Address);  // Tainted
+        }
+
+        void Sink(object sink)
+        {
+        }
     }
-  }
 }