Added comments to the test file. Fixed a typo.

Denis Levin · Denis Levin · commit 276deee68c05 · 2018-08-17T10:50:52.000-07:00
diff --git a/csharp/ql/test/query-tests/Security Features/CWE-327/DontInstallRootCert/DontInstallRootCert.expected b/csharp/ql/test/query-tests/Security Features/CWE-327/DontInstallRootCert/DontInstallRootCert.expected
@@ -1,3 +1,3 @@
-| Test.cs:19:13:19:17 | access to local variable store | Certificate added to the root certificate store. Do not add certificates to root certificate store. |
-| Test.cs:28:13:28:17 | access to local variable store | Certificate added to the root certificate store. Do not add certificates to root certificate store. |
-| Test.cs:69:13:69:17 | access to local variable store | Certificate added to the root certificate store. Do not add certificates to root certificate store. |
+| Test.cs:20:13:20:17 | access to local variable store | Certificate added to the root certificate store. Do not add certificates to root certificate store. |
+| Test.cs:30:13:30:17 | access to local variable store | Certificate added to the root certificate store. Do not add certificates to root certificate store. |
+| Test.cs:75:13:75:17 | access to local variable store | Certificate added to the root certificate store. Do not add certificates to root certificate store. |
diff --git a/csharp/ql/test/query-tests/Security Features/CWE-327/DontInstallRootCert/Test.cs b/csharp/ql/test/query-tests/Security Features/CWE-327/DontInstallRootCert/Test.cs
@@ -11,20 +11,22 @@ namespace RootCert
 {
     public class Class1
     {
-        public void InstallRoorCert()
+        public void InstallRootCert()
         {
             string file = "mytest.pfx"; // Contains name of certificate file
             X509Store store = new X509Store(StoreName.Root);
             store.Open(OpenFlags.ReadWrite);
+            // BAD: adding a certificate to the Root store
             store.Add(new X509Certificate2(X509Certificate2.CreateFromCertFile(file)));
             store.Close();
         }
 
-        public void InstallRoorCert2()
+        public void InstallRootCert2()
         {
             string file = "mytest.pfx"; // Contains name of certificate file
             X509Store store = new X509Store(StoreName.Root, StoreLocation.CurrentUser);
             store.Open(OpenFlags.ReadWrite);
+            // BAD: adding a certificate to the Root store
             store.Add(new X509Certificate2(X509Certificate2.CreateFromCertFile(file)));
             store.Close();
         }
@@ -34,6 +36,7 @@ public void InstallUserCert()
             string file = "mytest.pfx"; // Contains name of certificate file
             X509Store store = new X509Store(StoreName.My);
             store.Open(OpenFlags.ReadWrite);
+            // GOOD: adding a certificate to My store
             store.Add(new X509Certificate2(X509Certificate2.CreateFromCertFile(file)));
             store.Close();
         }
@@ -43,6 +46,7 @@ public void RemoveUserCert()
             string file = "mytest.pfx"; // Contains name of certificate file
             X509Store store = new X509Store(StoreName.My);
             store.Open(OpenFlags.ReadWrite);
+            // GOOD: removing a certificate from My store
             store.Remove(new X509Certificate2(X509Certificate2.CreateFromCertFile(file)));
             store.Close();
         }
@@ -52,11 +56,12 @@ public void RemoveRootCert()
             string file = "mytest.pfx"; // Contains name of certificate file
             X509Store store = new X509Store(StoreName.Root);
             store.Open(OpenFlags.ReadWrite);
+            // GOOD: removing a certificate from Root store
             store.Remove(new X509Certificate2(X509Certificate2.CreateFromCertFile(file)));
             store.Close();
         }
 
-        public void InstallRoorCertRange()
+        public void InstallRootCertRange()
         {
             string file1 = "mytest1.pfx"; // Contains name of certificate file
             string file2 = "mytest2.pfx"; // Contains name of certificate file
@@ -66,6 +71,7 @@ public void InstallRoorCertRange()
             };
             X509Store store = new X509Store(StoreName.Root, StoreLocation.CurrentUser);
             store.Open(OpenFlags.ReadWrite);
+            // BAD: adding multiple certificates to the Root store
             store.AddRange(new X509Certificate2Collection(certCollection));
             store.Close();
         }

Original file line number	Diff line number	Diff line change
`@@ -11,20 +11,22 @@ namespace RootCert`
`11`	`11`	`{`
`12`	`12`	`public class Class1`
`13`	`13`	`{`
`14`		`- public void InstallRoorCert()`
	`14`	`+ public void InstallRootCert()`
`15`	`15`	`{`
`16`	`16`	`string file = "mytest.pfx"; // Contains name of certificate file`
`17`	`17`	`X509Store store = new X509Store(StoreName.Root);`
`18`	`18`	`store.Open(OpenFlags.ReadWrite);`
	`19`	`+ // BAD: adding a certificate to the Root store`
`19`	`20`	`store.Add(new X509Certificate2(X509Certificate2.CreateFromCertFile(file)));`
`20`	`21`	`store.Close();`
`21`	`22`	`}`
`22`	`23`
`23`		`- public void InstallRoorCert2()`
	`24`	`+ public void InstallRootCert2()`
`24`	`25`	`{`
`25`	`26`	`string file = "mytest.pfx"; // Contains name of certificate file`
`26`	`27`	`X509Store store = new X509Store(StoreName.Root, StoreLocation.CurrentUser);`
`27`	`28`	`store.Open(OpenFlags.ReadWrite);`
	`29`	`+ // BAD: adding a certificate to the Root store`
`28`	`30`	`store.Add(new X509Certificate2(X509Certificate2.CreateFromCertFile(file)));`
`29`	`31`	`store.Close();`
`30`	`32`	`}`
`@@ -34,6 +36,7 @@ public void InstallUserCert()`
`34`	`36`	`string file = "mytest.pfx"; // Contains name of certificate file`
`35`	`37`	`X509Store store = new X509Store(StoreName.My);`
`36`	`38`	`store.Open(OpenFlags.ReadWrite);`
	`39`	`+ // GOOD: adding a certificate to My store`
`37`	`40`	`store.Add(new X509Certificate2(X509Certificate2.CreateFromCertFile(file)));`
`38`	`41`	`store.Close();`
`39`	`42`	`}`
`@@ -43,6 +46,7 @@ public void RemoveUserCert()`
`43`	`46`	`string file = "mytest.pfx"; // Contains name of certificate file`
`44`	`47`	`X509Store store = new X509Store(StoreName.My);`
`45`	`48`	`store.Open(OpenFlags.ReadWrite);`
	`49`	`+ // GOOD: removing a certificate from My store`
`46`	`50`	`store.Remove(new X509Certificate2(X509Certificate2.CreateFromCertFile(file)));`
`47`	`51`	`store.Close();`
`48`	`52`	`}`
`@@ -52,11 +56,12 @@ public void RemoveRootCert()`
`52`	`56`	`string file = "mytest.pfx"; // Contains name of certificate file`
`53`	`57`	`X509Store store = new X509Store(StoreName.Root);`
`54`	`58`	`store.Open(OpenFlags.ReadWrite);`
	`59`	`+ // GOOD: removing a certificate from Root store`
`55`	`60`	`store.Remove(new X509Certificate2(X509Certificate2.CreateFromCertFile(file)));`
`56`	`61`	`store.Close();`
`57`	`62`	`}`
`58`	`63`
`59`		`- public void InstallRoorCertRange()`
	`64`	`+ public void InstallRootCertRange()`
`60`	`65`	`{`
`61`	`66`	`string file1 = "mytest1.pfx"; // Contains name of certificate file`
`62`	`67`	`string file2 = "mytest2.pfx"; // Contains name of certificate file`
`@@ -66,6 +71,7 @@ public void InstallRoorCertRange()`
`66`	`71`	`};`
`67`	`72`	`X509Store store = new X509Store(StoreName.Root, StoreLocation.CurrentUser);`
`68`	`73`	`store.Open(OpenFlags.ReadWrite);`
	`74`	`+ // BAD: adding multiple certificates to the Root store`
`69`	`75`	`store.AddRange(new X509Certificate2Collection(certCollection));`
`70`	`76`	`store.Close();`
`71`	`77`	`}`