Skip to content

Commit

Permalink
Fix S5332 FP: Add "schemas.microsoft.com" to commonly used known sche…
Browse files Browse the repository at this point in the history 
…ma domain (#5610)
  • Loading branch information
@csaba-sagi-sonarsource
csaba-sagi-sonarsource authored May 2, 2022
1 parent 7148eb9 commit 5179e61
Show file tree
Hide file tree
Showing 3 changed files with 28 additions and 16 deletions.
8 changes: 5 additions & 3 deletions analyzers/src/SonarAnalyzer.CSharp/Rules/Hotspots/ClearTextProtocolsAreSensitive.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -67,6 +67,7 @@ public sealed class ClearTextProtocolsAreSensitive : HotspotDiagnosticAnalyzer
"purl.org",
"xmlns.com",
"schemas.google.com",
"schemas.microsoft.com",
"a9.com",
"ns.adobe.com",
"ltsc.ieee.org",
Expand All @@ -79,7 +80,7 @@ public sealed class ClearTextProtocolsAreSensitive : HotspotDiagnosticAnalyzer
private readonly string[] localhostAddresses = {"localhost", "127.0.0.1", "::1"};

private readonly CSharpObjectInitializationTracker objectInitializationTracker =
new CSharpObjectInitializationTracker(constantValue => constantValue is bool value && value,
new(constantValue => constantValue is bool value && value,
ImmutableArray.Create(KnownType.System_Net_Mail_SmtpClient, KnownType.System_Net_FtpWebRequest),
propertyName => propertyName == EnableSslName);

Expand All @@ -89,7 +90,8 @@ public sealed class ClearTextProtocolsAreSensitive : HotspotDiagnosticAnalyzer
private readonly Regex telnetRegexForIdentifier;
private readonly Regex validServerRegex;

public override ImmutableArray<DiagnosticDescriptor> SupportedDiagnostics => ImmutableArray.Create(DefaultRule, EnableSslRule);
public override ImmutableArray<DiagnosticDescriptor> SupportedDiagnostics =>
ImmutableArray.Create(DefaultRule, EnableSslRule);

public ClearTextProtocolsAreSensitive() : this(AnalyzerConfiguration.Hotspot) { }

Expand Down Expand Up @@ -216,7 +218,7 @@ private static bool TokenContainsNamespace(SyntaxToken token) =>
token.Text.IndexOf("Namespace", StringComparison.OrdinalIgnoreCase) != -1;

private static Regex CompileRegex(string pattern, bool ignoreCase = true) =>
new Regex(pattern, ignoreCase
new(pattern, ignoreCase
? RegexOptions.Compiled | RegexOptions.IgnoreCase
: RegexOptions.Compiled);
}
Expand Down
31 changes: 18 additions & 13 deletions analyzers/tests/SonarAnalyzer.UnitTest/Rules/Hotspots/ClearTextProtocolsAreSensitiveTest.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,28 +32,33 @@ namespace SonarAnalyzer.UnitTest.Rules
[TestClass]
public class ClearTextProtocolsAreSensitiveTest
{
private readonly VerifierBuilder builder = new VerifierBuilder().AddAnalyzer(() => new ClearTextProtocolsAreSensitive(AnalyzerConfiguration.AlwaysEnabled));

[TestMethod]
public void ClearTextProtocolsAreSensitive() =>
OldVerifier.VerifyAnalyzer(
@"TestCases\Hotspots\ClearTextProtocolsAreSensitive.cs",
new ClearTextProtocolsAreSensitive(AnalyzerConfiguration.AlwaysEnabled),
ParseOptionsHelper.FromCSharp8,
AdditionalReferences);
builder.AddPaths(@"Hotspots\ClearTextProtocolsAreSensitive.cs")
.AddReferences(AdditionalReferences)
.WithOptions(ParseOptionsHelper.FromCSharp8)
.Verify();

#if NET

[TestMethod]
public void ClearTextProtocolsAreSensitive_CSharp9() =>
OldVerifier.VerifyAnalyzerFromCSharp9Console(
@"TestCases\Hotspots\ClearTextProtocolsAreSensitive.CSharp9.cs",
new ClearTextProtocolsAreSensitive(AnalyzerConfiguration.AlwaysEnabled),
AdditionalReferences);
builder.AddPaths(@"Hotspots\ClearTextProtocolsAreSensitive.CSharp9.cs")
.WithTopLevelStatements()
.AddReferences(AdditionalReferences)
.WithOptions(ParseOptionsHelper.FromCSharp9)
.Verify();

[TestMethod]
public void ClearTextProtocolsAreSensitive_CSharp10() =>
OldVerifier.VerifyAnalyzerFromCSharp10Console(
@"TestCases\Hotspots\ClearTextProtocolsAreSensitive.CSharp10.cs",
new ClearTextProtocolsAreSensitive(AnalyzerConfiguration.AlwaysEnabled),
AdditionalReferences);
builder.AddPaths(@"Hotspots\ClearTextProtocolsAreSensitive.CSharp10.cs")
.WithTopLevelStatements()
.AddReferences(AdditionalReferences)
.WithOptions(ParseOptionsHelper.FromCSharp10)
.Verify();

#endif

internal static IEnumerable<MetadataReference> AdditionalReferences =>
Expand Down
5 changes: 5 additions & 0 deletions analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/ClearTextProtocolsAreSensitive.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,6 +65,9 @@ public void Smtp()
using var notSet = new SmtpClient("host", 25); // Noncompliant {{EnableSsl should be set to true.}}
using var constructorFalse = new SmtpClient("host", 25) { EnableSsl = false }; // Noncompliant

using var constructor42 = new SmtpClient("host", 25) { EnableSsl = 42 }; // Error [CS0029] Cannot implicitly convert type 'int' to 'bool'
// Noncompliant@-1 FP

using var localhosting = new SmtpClient("localhosting", 25); // Noncompliant
using var localhost = new SmtpClient("localhost", 25); // Compliant due to well known value
using var loopback = new SmtpClient("127.0.0.1", 25); // Compliant due to well known value
Expand Down Expand Up @@ -169,6 +172,7 @@ public void TelnetExample() // This line is compliant, even when it contains "Te
"http://purl.org",
"http://xmlns.com",
"http://schemas.google.com",
"http://schemas.microsoft.com",
"http://a9.com",
"http://ns.adobe.com",
"http://ltsc.ieee.org",
Expand All @@ -188,6 +192,7 @@ public void TelnetExample() // This line is compliant, even when it contains "Te
"http://subdomain.purl.org", // Noncompliant
"http://subdomain.xmlns.com", // Noncompliant
"http://subdomain.schemas.google.com", // Noncompliant
"http://subdomain.schemas.microsoft.com", // Noncompliant
"http://subdomain.a9.com", // Noncompliant
"http://subdomain.ns.adobe.com", // Noncompliant
"http://subdomain.ltsc.ieee.org", // Noncompliant
Expand Down

0 comments on commit 5179e61

Please sign in to comment.