diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/ConditionalBypassQuery.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/ConditionalBypassQuery.qll index f92bb0d2f44a..ee345780654d 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/ConditionalBypassQuery.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/ConditionalBypassQuery.qll @@ -39,6 +39,15 @@ private module ConditionalBypassConfig implements DataFlow::ConfigSig { predicate isSink(DataFlow::Node sink) { sink instanceof Sink } predicate isBarrier(DataFlow::Node node) { node instanceof Sanitizer } + + predicate observeDiffInformedIncrementalMode() { any() } + + Location getASelectedSinkLocation(DataFlow::Node sink) { + result = sink.getLocation() + or + // from ConditionalBypass.ql + result = sink.(Sink).getSensitiveMethodCall().getLocation() + } } /** diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/ExternalAPIsQuery.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/ExternalAPIsQuery.qll index f1a64f6810b8..419296fcc233 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/ExternalAPIsQuery.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/ExternalAPIsQuery.qll @@ -78,6 +78,8 @@ private module RemoteSourceToExternalApiConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource } predicate isSink(DataFlow::Node sink) { sink instanceof ExternalApiDataNode } + + predicate observeDiffInformedIncrementalMode() { any() } } /** A module for tracking flow from `ActiveThreatModelSource`s to `ExternalApiDataNode`s. */ diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/UnsafeDeserializationQuery.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/UnsafeDeserializationQuery.qll index 5d9d18dcbac6..27f6ab6935f7 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/UnsafeDeserializationQuery.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/UnsafeDeserializationQuery.qll @@ -59,6 +59,10 @@ private module TaintToObjectMethodTrackingConfig implements DataFlow::ConfigSig predicate isSink(DataFlow::Node sink) { sink instanceof InstanceMethodSink } predicate isBarrier(DataFlow::Node node) { node instanceof Sanitizer } + + predicate observeDiffInformedIncrementalMode() { + any() // used in one of the disjuncts in UnsafeDeserializationUntrustedInput.ql + } } /** @@ -77,6 +81,10 @@ private module JsonConvertTrackingConfig implements DataFlow::ConfigSig { } predicate isBarrier(DataFlow::Node node) { node instanceof Sanitizer } + + predicate observeDiffInformedIncrementalMode() { + any() // used in one of the disjuncts in UnsafeDeserializationUntrustedInput.ql + } } /** @@ -133,6 +141,10 @@ private module TypeNameTrackingConfig implements DataFlow::ConfigSig { ) ) } + + predicate observeDiffInformedIncrementalMode() { + none() // Only used as secondary config in UnsafeDeserializationUntrustedInput.ql + } } /** @@ -149,6 +161,10 @@ private module TaintToConstructorOrStaticMethodTrackingConfig implements DataFlo predicate isSink(DataFlow::Node sink) { sink instanceof ConstructorOrStaticMethodSink } predicate isBarrier(DataFlow::Node node) { node instanceof Sanitizer } + + predicate observeDiffInformedIncrementalMode() { + any() // used in one of the disjuncts in UnsafeDeserializationUntrustedInput.ql + } } /** @@ -186,6 +202,10 @@ private module TaintToObjectTypeTrackingConfig implements DataFlow::ConfigSig { oc.getObjectType() instanceof StrongTypeDeserializer ) } + + predicate observeDiffInformedIncrementalMode() { + none() // only used as secondary config in UnsafeDeserializationUntrustedInput.ql + } } /** @@ -210,6 +230,10 @@ private module WeakTypeCreationToUsageTrackingConfig implements DataFlow::Config sink.asExpr() = mc.getQualifier() ) } + + predicate observeDiffInformedIncrementalMode() { + none() // only used as secondary config in UnsafeDeserializationUntrustedInput.ql + } } /** diff --git a/csharp/ql/src/Likely Bugs/ThreadUnsafeICryptoTransformLambda.ql b/csharp/ql/src/Likely Bugs/ThreadUnsafeICryptoTransformLambda.ql index 9f70760ba602..8fcef4d4744f 100644 --- a/csharp/ql/src/Likely Bugs/ThreadUnsafeICryptoTransformLambda.ql +++ b/csharp/ql/src/Likely Bugs/ThreadUnsafeICryptoTransformLambda.ql @@ -24,6 +24,8 @@ module NotThreadSafeCryptoUsageIntoParallelInvokeConfig implements DataFlow::Con } predicate isSink(DataFlow::Node sink) { sink instanceof ParallelSink } + + predicate observeDiffInformedIncrementalMode() { any() } } module NotThreadSafeCryptoUsageIntoParallelInvoke = diff --git a/csharp/ql/src/Security Features/CWE-798/HardcodedConnectionString.ql b/csharp/ql/src/Security Features/CWE-798/HardcodedConnectionString.ql index 32508fa9d3fb..1e33ed6a1fde 100644 --- a/csharp/ql/src/Security Features/CWE-798/HardcodedConnectionString.ql +++ b/csharp/ql/src/Security Features/CWE-798/HardcodedConnectionString.ql @@ -38,6 +38,12 @@ module ConnectionStringConfig implements DataFlow::ConfigSig { } predicate isBarrier(DataFlow::Node node) { node instanceof StringFormatSanitizer } + + predicate observeDiffInformedIncrementalMode() { any() } + + Location getASelectedSinkLocation(DataFlow::Node sink) { + any(Call call | call.getAnArgument() = sink.asExpr()).getLocation() = result + } } /** pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy