Merging the scenarios.

raulgarciamsft · raulgarciamsft · commit 2521848322a4 · 2019-03-14T10:57:22.000-07:00
diff --git a/.gitignore b/.gitignore
@@ -13,3 +13,7 @@
 /.vs/ql/v15/Browse.VC.db
 /.vs/ProjectSettings.json
 
+/.vs/VSWorkspaceState.json
+/.vs/ql_ICryptoTransformLmbda/v15/Browse.VC.opendb
+/.vs/ql_ICryptoTransformLmbda/v15/Browse.VC.db
+/.vs/ql_ICryptoTransformLmbda/v15/.suo
diff --git a/csharp/ql/src/Likely Bugs/ParallelSink.qll b/csharp/ql/src/Likely Bugs/ParallelSink.qll
@@ -16,3 +16,13 @@ class LambdaParallelSink extends ParallelSink {
       )
   }
 }
+
+class ThreadStartParallelSink extends ParallelSink {
+  ThreadStartParallelSink() {
+    exists( DelegateCreation dc, Expr e | 
+      e = this.asExpr() |
+      dc.getArgument() = e
+      and dc.getType().getName().matches("%Start")
+    )
+  }
+}
diff --git a/csharp/ql/src/Likely Bugs/ThreadUnsafeICryptoTransformLambda.ql b/csharp/ql/src/Likely Bugs/ThreadUnsafeICryptoTransformLambda.ql
@@ -18,22 +18,6 @@ import semmle.code.csharp.dataflow.DataFlow
 import ParallelSink
 import ICryptoTransform
 
-class NotThreadSafeCryptoUsageIntoStartingCallingConfig extends TaintTracking::Configuration  {
-  NotThreadSafeCryptoUsageIntoStartingCallingConfig() { this = "NotThreadSafeCryptoUsageIntoStartingCallingConfig" }
- 
-  override predicate isSource(DataFlow::Node source) {    
-    source instanceof LambdaCapturingICryptoTransformSource
-  }
- 
-  override predicate isSink(DataFlow::Node sink) {
-    exists( DelegateCreation dc, Expr e | 
-      e = sink.asExpr() |
-      dc.getArgument() = e
-      and dc.getType().getName().matches("%Start")
-    )
-  }
-}
-
 class NotThreadSafeCryptoUsageIntoParallelInvokeConfig extends TaintTracking::Configuration  {
   NotThreadSafeCryptoUsageIntoParallelInvokeConfig() { this = "NotThreadSafeCryptoUsageIntoParallelInvokeConfig" }
  
@@ -46,14 +30,8 @@ class NotThreadSafeCryptoUsageIntoParallelInvokeConfig extends TaintTracking::Co
   }
 }
 
-from Expr e, string m, LambdaExpr l
+from Expr e, string m, LambdaExpr l, NotThreadSafeCryptoUsageIntoParallelInvokeConfig config
 where 
-  exists( NotThreadSafeCryptoUsageIntoParallelInvokeConfig  config |
-    config.hasFlow(DataFlow::exprNode(l), DataFlow::exprNode(e))
-    and m = "A $@ seems to be used to start a new thread using System.Threading.Tasks.Parallel.Invoke, and is capturing a local variable that either implements 'System.Security.Cryptography.ICryptoTransform' or has a field of this type."  	
-  )
-  or exists ( NotThreadSafeCryptoUsageIntoStartingCallingConfig  config |
-    config.hasFlow(DataFlow::exprNode(l), DataFlow::exprNode(e))
-    and m = "A $@ seems to be used to start a new thread is capturing a local variable that either implements 'System.Security.Cryptography.ICryptoTransform' or has a field of this type."
-  )
+  config.hasFlow(DataFlow::exprNode(l), DataFlow::exprNode(e))
+  and m = "A $@ seems to be used to start a new thread is capturing a local variable that either implements 'System.Security.Cryptography.ICryptoTransform' or has a field of this type."
 select e, m, l, "lambda expression"
diff --git a/csharp/ql/test/query-tests/Likely Bugs/ThreadUnsafeICryptoTransformLambda/ThreadUnsafeICryptoTransformLambda.expected b/csharp/ql/test/query-tests/Likely Bugs/ThreadUnsafeICryptoTransformLambda/ThreadUnsafeICryptoTransformLambda.expected
@@ -1,4 +1,4 @@
 | ThreadUnsafeICryptoTransformLambda.cs:27:62:27:66 | access to local variable start | A $@ seems to be used to start a new thread is capturing a local variable that either implements 'System.Security.Cryptography.ICryptoTransform' or has a field of this type. | ThreadUnsafeICryptoTransformLambda.cs:17:24:23:9 | (...) => ... | lambda expression |
 | ThreadUnsafeICryptoTransformLambda.cs:89:62:89:66 | access to local variable start | A $@ seems to be used to start a new thread is capturing a local variable that either implements 'System.Security.Cryptography.ICryptoTransform' or has a field of this type. | ThreadUnsafeICryptoTransformLambda.cs:81:24:87:9 | (...) => ... | lambda expression |
-| ThreadUnsafeICryptoTransformLambda.cs:143:29:147:17 | (...) => ... | A $@ seems to be used to start a new thread using System.Threading.Tasks.Parallel.Invoke, and is capturing a local variable that either implements 'System.Security.Cryptography.ICryptoTransform' or has a field of this type. | ThreadUnsafeICryptoTransformLambda.cs:143:29:147:17 | (...) => ... | lambda expression |
-| ThreadUnsafeICryptoTransformLambda.cs:148:17:152:17 | (...) => ... | A $@ seems to be used to start a new thread using System.Threading.Tasks.Parallel.Invoke, and is capturing a local variable that either implements 'System.Security.Cryptography.ICryptoTransform' or has a field of this type. | ThreadUnsafeICryptoTransformLambda.cs:148:17:152:17 | (...) => ... | lambda expression |
+| ThreadUnsafeICryptoTransformLambda.cs:143:29:147:17 | (...) => ... | A $@ seems to be used to start a new thread is capturing a local variable that either implements 'System.Security.Cryptography.ICryptoTransform' or has a field of this type. | ThreadUnsafeICryptoTransformLambda.cs:143:29:147:17 | (...) => ... | lambda expression |
+| ThreadUnsafeICryptoTransformLambda.cs:148:17:152:17 | (...) => ... | A $@ seems to be used to start a new thread is capturing a local variable that either implements 'System.Security.Cryptography.ICryptoTransform' or has a field of this type. | ThreadUnsafeICryptoTransformLambda.cs:148:17:152:17 | (...) => ... | lambda expression |

Original file line number	Diff line number	Diff line change
`@@ -16,3 +16,13 @@ class LambdaParallelSink extends ParallelSink {`
`16`	`16`	`)`
`17`	`17`	`}`
`18`	`18`	`}`
	`19`	`+`
	`20`	`+class ThreadStartParallelSink extends ParallelSink {`
	`21`	`+ ThreadStartParallelSink() {`
	`22`	`+ exists( DelegateCreation dc, Expr e \|`
	`23`	`+ e = this.asExpr() \|`
	`24`	`+ dc.getArgument() = e`
	`25`	`+ and dc.getType().getName().matches("%Start")`
	`26`	`+ )`
	`27`	`+ }`
	`28`	`+}`