C#: Add precision tags to UnsafeDeserialization[UntrustedInput].ql

hvitved · hvitved · commit eb990525d740 · 2019-10-28T14:19:40.000+01:00
diff --git a/csharp/ql/src/Security Features/CWE-502/UnsafeDeserialization.ql b/csharp/ql/src/Security Features/CWE-502/UnsafeDeserialization.ql
@@ -5,14 +5,11 @@
  * @kind problem
  * @id cs/unsafe-deserialization
  * @problem.severity warning
+ * @precision low
  * @tags security
  *       external/cwe/cwe-502
  */
 
-/*
- * consider: @precision low
- */
-
 import csharp
 import semmle.code.csharp.security.dataflow.UnsafeDeserialization::UnsafeDeserialization
 
diff --git a/csharp/ql/src/Security Features/CWE-502/UnsafeDeserializationUntrustedInput.ql b/csharp/ql/src/Security Features/CWE-502/UnsafeDeserializationUntrustedInput.ql
@@ -5,14 +5,11 @@
  * @kind path-problem
  * @id cs/unsafe-deserialization-untrusted-input
  * @problem.severity error
+ * @precision high
  * @tags security
  *       external/cwe/cwe-502
  */
 
-/*
- * consider: @precision high
- */
-
 import csharp
 import semmle.code.csharp.security.dataflow.UnsafeDeserialization::UnsafeDeserialization
 import DataFlow::PathGraph
diff --git a/csharp/ql/src/semmle/code/csharp/security/dataflow/UnsafeDeserialization.qll b/csharp/ql/src/semmle/code/csharp/security/dataflow/UnsafeDeserialization.qll
@@ -6,7 +6,6 @@
 import csharp
 
 module UnsafeDeserialization {
-  private import semmle.code.csharp.dataflow.flowsources.Remote
   private import semmle.code.csharp.dataflow.flowsources.Remote
   private import semmle.code.csharp.serialization.Deserializers
 
diff --git a/csharp/ql/test/query-tests/Security Features/CWE-502/UnsafeDeserialization/ExtractorOptions.cs b/csharp/ql/test/query-tests/Security Features/CWE-502/UnsafeDeserialization/ExtractorOptions.cs
@@ -1 +1 @@
-// semmle-extractor-options: /r:System.Runtime.Extensions.dll /r:System.IO.FileSystem.dll
+// semmle-extractor-options: /r:System.Runtime.Extensions.dll /r:System.IO.FileSystem.dll /r:System.Collections.Specialized.dll ${testdir}/../../../../resources/stubs/System.Web.cs
diff --git a/csharp/ql/test/query-tests/Security Features/CWE-502/UnsafeDeserialization/SystemWebStub.cs b/csharp/ql/test/query-tests/Security Features/CWE-502/UnsafeDeserialization/SystemWebStub.cs
diff --git a/csharp/ql/test/query-tests/Security Features/CWE-502/UnsafeDeserializationUntrustedInput/ExtractorOptions.cs b/csharp/ql/test/query-tests/Security Features/CWE-502/UnsafeDeserializationUntrustedInput/ExtractorOptions.cs
@@ -1 +1 @@
-// semmle-extractor-options: /r:System.Runtime.Extensions.dll /r:System.IO.FileSystem.dll
+// semmle-extractor-options: /r:System.Runtime.Extensions.dll /r:System.IO.FileSystem.dll /r:System.Collections.Specialized.dll ${testdir}/../../../../resources/stubs/System.Web.cs
diff --git a/csharp/ql/test/query-tests/Security Features/CWE-502/UnsafeDeserializationUntrustedInput/SystemWebStub.cs b/csharp/ql/test/query-tests/Security Features/CWE-502/UnsafeDeserializationUntrustedInput/SystemWebStub.cs
diff --git a/csharp/ql/test/resources/stubs/System.Web.cs b/csharp/ql/test/resources/stubs/System.Web.cs
@@ -346,3 +346,25 @@ public static class AntiForgery
         public static void Validate() { }
     }
 }
+
+namespace System.Web.Script.Serialization
+{
+    // Generated from `System.Web.Script.Serialization.JavaScriptSerializer` in `System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35`
+    public class JavaScriptSerializer
+    {
+        public JavaScriptSerializer() => throw null;
+        public JavaScriptSerializer(System.Web.Script.Serialization.JavaScriptTypeResolver resolver) => throw null;
+        public object DeserializeObject(string input) => throw null;
+    }
+
+    // Generated from `System.Web.Script.Serialization.JavaScriptTypeResolver` in `System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35`
+    abstract public class JavaScriptTypeResolver
+    {
+    }
+
+    // Generated from `System.Web.Script.Serialization.SimpleTypeResolver` in `System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35`
+    public class SimpleTypeResolver : System.Web.Script.Serialization.JavaScriptTypeResolver
+    {
+        public SimpleTypeResolver() => throw null;
+    }
+}

Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-// semmle-extractor-options: /r:System.Runtime.Extensions.dll /r:System.IO.FileSystem.dll`
	`1`	`+// semmle-extractor-options: /r:System.Runtime.Extensions.dll /r:System.IO.FileSystem.dll /r:System.Collections.Specialized.dll ${testdir}/../../../../resources/stubs/System.Web.cs`