From a7aebe65ed378adfd7e071f4a05e18a19aba5b24 Mon Sep 17 00:00:00 2001 From: Arthur van de Vondervoort Date: Mon, 8 Jan 2024 17:43:54 +0100 Subject: [PATCH] Prep for SecretText on IsolatedStorage --- Design/Rule0043SecretText.cs | 51 ++++++++++++++++++++++++++++++++++-- 1 file changed, 49 insertions(+), 2 deletions(-) diff --git a/Design/Rule0043SecretText.cs b/Design/Rule0043SecretText.cs index 104235a0..2fe2c07e 100644 --- a/Design/Rule0043SecretText.cs +++ b/Design/Rule0043SecretText.cs @@ -11,6 +11,7 @@ public class Rule0043SecretText : DiagnosticAnalyzer public override ImmutableArray SupportedDiagnostics { get; } = ImmutableArray.Create(DiagnosticDescriptors.Rule0043SecretText); private static readonly string authorization = "Authorization"; + private static readonly List buildInMethodNames = new List { "add", @@ -18,7 +19,48 @@ public class Rule0043SecretText : DiagnosticAnalyzer "tryaddwithoutvalidation" }; - public override void Initialize(AnalysisContext context) => context.RegisterOperationAction(new Action(this.AnalyzeHttpObjects), OperationKind.InvocationExpression); + public override void Initialize(AnalysisContext context) + { + context.RegisterOperationAction(new Action(this.AnalyzeHttpObjects), OperationKind.InvocationExpression); + // TODO: enable after Spring2024OrGreater release + // context.RegisterOperationAction(new Action(this.AnalyzeIsolatedStorage), OperationKind.InvocationExpression); + } + + private void AnalyzeIsolatedStorage(OperationAnalysisContext ctx) + { + // TODO: enable after Spring2024OrGreater release + // if (!VersionChecker.IsSupported(ctx.ContainingSymbol, VersionCompatibility.Spring2024OrGreater)) return; + + if (ctx.ContainingSymbol.GetContainingObjectTypeSymbol().IsObsoletePending || ctx.ContainingSymbol.GetContainingObjectTypeSymbol().IsObsoleteRemoved) return; + if (ctx.ContainingSymbol.IsObsoletePending || ctx.ContainingSymbol.IsObsoleteRemoved) return; + + IInvocationExpression operation = (IInvocationExpression)ctx.Operation; + if (operation.Arguments.Count() < 3) return; + + IMethodSymbol targetMethod = operation.TargetMethod; + if (targetMethod == null || targetMethod.ContainingSymbol.Kind != SymbolKind.Class) return; + if (!SemanticFacts.IsSameName(targetMethod.ContainingSymbol.Name, "IsolatedStorage")) return; + + int argumentIndex; + switch (operation.TargetMethod.Name.ToLowerInvariant()) + { + case "get": + argumentIndex = 2; + break; + case "set": + case "setencrypted": + argumentIndex = 1; + break; + default: + argumentIndex = -1; + break; + } + + if (argumentIndex == -1) return; + + if (!IsArgumentOfTypeSecretText(operation.Arguments[argumentIndex])) + ctx.ReportDiagnostic(Diagnostic.Create(DiagnosticDescriptors.Rule0043SecretText, ctx.Operation.Syntax.GetLocation())); + } private void AnalyzeHttpObjects(OperationAnalysisContext ctx) { @@ -51,10 +93,15 @@ private void AnalyzeHttpObjects(OperationAnalysisContext ctx) if (!IsAuthorizationArgument(operation.Arguments[0])) return; - if (operation.Arguments[1].Parameter.OriginalDefinition.GetTypeSymbol().GetNavTypeKindSafe() != NavTypeKind.SecretText) + if (!IsArgumentOfTypeSecretText(operation.Arguments[1])) ctx.ReportDiagnostic(Diagnostic.Create(DiagnosticDescriptors.Rule0043SecretText, ctx.Operation.Syntax.GetLocation())); } + private bool IsArgumentOfTypeSecretText(IArgument argument) + { + return argument.Parameter.OriginalDefinition.GetTypeSymbol().GetNavTypeKindSafe() == NavTypeKind.SecretText; + } + private static bool IsAuthorizationArgument(IArgument argument) { switch (argument.Syntax.Kind)