github
diff --git a/‎csharp/ql/test/library-tests/dataflow/global/Capture.cs
Lines changed: 153 additions & 2 deletions b/‎csharp/ql/test/library-tests/dataflow/global/Capture.cs
Lines changed: 153 additions & 2 deletions
diff --git a/‎csharp/ql/test/library-tests/dataflow/global/DataFlow.expected
Lines changed: 18 additions & 7 deletions b/‎csharp/ql/test/library-tests/dataflow/global/DataFlow.expected
Lines changed: 18 additions & 7 deletions
@@ -111,10 +111,12 @@ void M()
         string sink40 = "";
         void CaptureOutMultipleLambdas()
         {
-            RunAction(() => {
+            RunAction(() =>
+            {
                 sink40 = "taint source";
             });
-            RunAction(() => {
+            RunAction(() =>
+            {
                 nonSink0 = "not tainted";
             });
         };
@@ -197,10 +199,159 @@ string Id(string s)
         Check(nonSink0);
     }
 
+    void M1(string s)
+    {
+        Action a = () =>
+        {
+            Check(s);
+        };
+        a();
+    }
+
+    void M2() => M1("taint source");
+
+    Action M3(string s)
+    {
+        return () =>
+        {
+            Check(s); // missing flow from lines 221 and 223
+        };
+    }
+
+    void M4() => M3("taint source")();
+
+    void M5() => RunAction(M3("taint source"));
+
+    void M6()
+    {
+        List<int> xs = new List<int> { 0, 1, 2 };
+        var x = "taint source";
+        xs.ForEach(_ =>
+        {
+            Check(x);
+            x = "taint source";
+        });
+        Check(x);
+    }
+
+    public string Field;
+
+    void M7()
+    {
+        var c = new Capture();
+        c.Field = "taint source";
+
+        Action a = () =>
+        {
+            Check(c.Field); // missing flow from line 242
+            c.Field = "taint source";
+        };
+        a();
+
+        Check(c.Field); // missing flow from line 247
+    }
+
+    void M7(bool b)
+    {
+        var c = new Capture();
+        if (b)
+        {
+            c = null;
+        }
+
+        Action a = () =>
+        {
+            c.Field = "taint source";
+        };
+        a();
+
+        Check(c.Field); // missing flow from line 264
+    }
+
+    void M8()
+    {
+        RunAction(x => Check(x), "taint source");
+    }
+
+    void M9()
+    {
+        var x = "taint source";
+
+        Action middle = () =>
+        {
+            Action inner = () =>
+            {
+                Check(x);
+                x = "taint source";
+            };
+            inner();
+        };
+
+        middle();
+
+        Check(x);
+    }
+
+    void M10()
+    {
+        this.Field = "taint source";
+
+        Action a = () =>
+        {
+            Check(this.Field); // missing flow from line 297
+            this.Field = "taint source";
+        };
+        a();
+
+        Check(this.Field); // missing flow from line 302
+    }
+
+    void M11()
+    {
+        var x = "taint source";
+        Check(x);
+        x = "safe";
+        Check(x);
+
+        Action a = () =>
+        {
+            x = "taint source";
+            Check(x);
+            x = "safe";
+            Check(x);
+        };
+        a();
+    }
+
+    void M12()
+    {
+        var x = "taint source";
+
+        void CapturedLocalFunction() => Check(x); // missing flow from line 328
+
+        void CapturingLocalFunction() => CapturedLocalFunction();
+    }
+
+    void M13()
+    {
+        var x = "taint source";
+
+        Action capturedLambda = () => Check(x);
+
+        Action capturingLambda = () => capturedLambda();
+
+        capturingLambda();
+    }
+
     static void Check<T>(T x) { }
 
     static void RunAction(Action a)
     {
         a.Invoke();
     }
+
+    static void RunAction<T>(Action<T> a, T x)
+    {
+        a(x);
+    }
 }
@@ -5,13 +5,24 @@
 | Capture.cs:72:15:72:20 | access to local variable sink30 |
 | Capture.cs:84:15:84:20 | access to local variable sink31 |
 | Capture.cs:93:15:93:20 | access to local variable sink32 |
-| Capture.cs:122:15:122:20 | access to local variable sink40 |
-| Capture.cs:133:15:133:20 | access to local variable sink33 |
-| Capture.cs:145:15:145:20 | access to local variable sink34 |
-| Capture.cs:154:15:154:20 | access to local variable sink35 |
-| Capture.cs:161:15:161:20 | access to local variable sink36 |
-| Capture.cs:169:15:169:20 | access to local variable sink37 |
-| Capture.cs:195:15:195:20 | access to local variable sink38 |
+| Capture.cs:124:15:124:20 | access to local variable sink40 |
+| Capture.cs:135:15:135:20 | access to local variable sink33 |
+| Capture.cs:147:15:147:20 | access to local variable sink34 |
+| Capture.cs:156:15:156:20 | access to local variable sink35 |
+| Capture.cs:163:15:163:20 | access to local variable sink36 |
+| Capture.cs:171:15:171:20 | access to local variable sink37 |
+| Capture.cs:197:15:197:20 | access to local variable sink38 |
+| Capture.cs:206:19:206:19 | access to parameter s |
+| Capture.cs:231:19:231:19 | access to local variable x |
+| Capture.cs:234:15:234:15 | access to local variable x |
+| Capture.cs:251:15:251:21 | access to field Field |
+| Capture.cs:273:30:273:30 | access to parameter x |
+| Capture.cs:284:23:284:23 | access to local variable x |
+| Capture.cs:292:15:292:15 | access to local variable x |
+| Capture.cs:306:15:306:24 | access to field Field |
+| Capture.cs:312:15:312:15 | access to local variable x |
+| Capture.cs:319:19:319:19 | access to local variable x |
+| Capture.cs:339:45:339:45 | access to local variable x |
 | GlobalDataFlow.cs:19:15:19:29 | access to field SinkField0 |
 | GlobalDataFlow.cs:27:15:27:32 | access to property SinkProperty0 |
 | GlobalDataFlow.cs:45:50:45:59 | access to parameter sinkParam2 |