docs/codeql/codeql-language-guides/customizing-library-models-for-csharp.rst
Lines changed: 2 additions & 4 deletions
@@ -56,7 +56,7 @@ Extensible predicates used to create custom models in C#
56
56
The CodeQL library for C# analysis exposes the following extensible predicates:
57
57
58
58
- ``sourceModel(namespace, type, subtypes, name, signature, ext, output, kind, provenance)``. This is used to model sources of potentially tainted data.
59
-
- ``sinkModel(namespace, type, subtypes, name, signature, ext, input, kind, provenance)``. This is used to model sinks where tainted data maybe used in a way that makes the code vulnerable.
59
+
- ``sinkModel(namespace, type, subtypes, name, signature, ext, input, kind, provenance)``. This is used to model sinks where tainted data may be used in a way that makes the code vulnerable.
60
60
- ``summaryModel(namespace, type, subtypes, name, signature, ext, input, output, kind, provenance)``. This is used to model flow through elements.
61
61
- ``neutralModel(namespace, type, name, signature, kind, provenance)``. This is similar to a summary model but used to model the flow of values that have only a minor impact on the dataflow analysis.
62
62
@@ -76,10 +76,8 @@ This is the constructor of the ``SqlCommand`` class, which is located in the ``S
SqlCommandcommand=newSqlCommand(query, connection) // The argument to this method is a SQL injection sink.
81
80
...
82
-
}
83
81
}
84
82
85
83
We need to add a tuple to the ``sinkModel``\(namespace, type, subtypes, name, signature, ext, input, kind, provenance) extensible predicate by updating a data extension file.
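Review bot: The inline comment on the ``SqlCommand`` line still reads "The argument to this method is a SQL injection sink", but the call passes two arguments (``query, connection``) and the hunk header describes it as a constructor, so the comment does not say which input the model targets. Since the next paragraph asks the reader to fill in the ``input`` column of ``sinkModel``, consider rewording the comment to name the first argument (``query``) and to say "constructor" instead of "method". Separately, the last context line writes the predicate as ``sinkModel``\\(namespace, ...) with the parameter list outside the literal, while the predicate list earlier in the file keeps the parameters inside the double backticks; making the two consistent would be a small follow-up.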
@@ -270,7 +268,7 @@ These are the same for both of the rows above as we are adding two summaries for
270
268
- The first value ``System.Linq`` is the namespace name.
271
269
- The second value ``Enumerable`` is the class (type) name.
272
270
- The third value ``False`` is a flag that indicates whether or not the summary also applies to all overrides of the method.
273
-
- The fourth value ``Select<TSource,TResult>`` is the method name, along with the generics for the method. The names of the generic type parameters provided in the model must match the names of the generic type parameters in the method signature in the source code.
271
+
- The fourth value ``Select<TSource,TResult>`` is the method name, along with the type parameters for the method. The names of the generic type parameters provided in the model must match the names of the generic type parameters in the method signature in the source code.
274
272
- The fifth value ``(System.Collections.Generic.IEnumerable<TSource>,System.Func<TSource,TResult>)`` is the method input type signature. The generics in the signature must match the generics in the method signature in the source code.
275
273
276
274
The sixth value should be left empty and is out of scope for this documentation.
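Review bot: The fourth-value bullet now says "type parameters for the method", but the unchanged fifth-value bullet directly below still reads "The generics in the signature must match the generics in the method signature", so two adjacent bullets use different terms for the same thing. Suggest updating the fifth bullet in this change as well, for example "The type parameters in the signature must match the type parameters in the method signature in the source code". The second sentence of the fourth bullet uses "generic type parameters"; choosing one of the two phrasings across both bullets would read more cleanly.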