Skip to content

Commit cc2e5aa

Browse files
ESS-ENNESS-ENN
authored
Update YAML rule for $APP.UseDeveloperExceptionPage and snapshot file
1 parent d6616fc commit cc2e5aa

File tree

2 files changed

+45
-37
lines changed

2 files changed

+45
-37
lines changed

rules/csharp/security/stacktrace-disclosure-csharp.yml

Lines changed: 33 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -14,32 +14,40 @@ note: >-
1414
ast-grep-essentials: true
1515

1616
utils:
17-
$APP.UseDeveloperExceptionPage(...):
17+
kind_invocation_expression:
1818
kind: invocation_expression
19-
pattern: $APP.UseDeveloperExceptionPage($$$)
2019
all:
21-
- not:
22-
inside:
23-
stopBy: end
24-
any:
25-
- kind: postfix_unary_expression
26-
- kind: member_access_expression
27-
inside:
28-
kind: invocation_expression
29-
- not:
30-
inside:
31-
stopBy: neighbor
32-
kind: block
33-
follows:
34-
stopBy: end
35-
any:
36-
- kind: invocation_expression
37-
pattern: $ENV.IsDevelopment()
38-
- kind: parenthesized_expression
39-
has:
40-
kind: invocation_expression
41-
pattern: $ENV.IsDevelopment()
42-
inside:
43-
kind: if_statement
20+
- has:
21+
nthChild: 1
22+
kind: member_access_expression
23+
pattern: $ENV.IsDevelopment
24+
- has:
25+
nthChild: 2
26+
kind: argument_list
27+
28+
$APP.UseDeveloperExceptionPage(...):
29+
kind: expression_statement
30+
pattern: $APP.UseDeveloperExceptionPage($$$);
31+
not:
32+
inside:
33+
stopBy: end
34+
kind: if_statement
35+
has:
36+
nthChild: 1
37+
any:
38+
- matches: kind_invocation_expression
39+
- kind: parenthesized_expression
40+
has:
41+
matches: kind_invocation_expression
4442
rule:
43+
kind: expression_statement
4544
matches: $APP.UseDeveloperExceptionPage(...)
45+
all:
46+
- not:
47+
has:
48+
stopBy: end
49+
kind: ERROR
50+
- not:
51+
inside:
52+
stopBy: end
53+
kind: ERROR

tests/__snapshots__/stacktrace-disclosure-csharp-snapshot.yml

Lines changed: 12 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -2,41 +2,41 @@ id: stacktrace-disclosure-csharp
22
snapshots:
33
? "if (!env.IsDevelopment()) \n {\n app.UseDeveloperExceptionPage(); \n }\n"
44
: labels:
5-
- source: app.UseDeveloperExceptionPage()
5+
- source: app.UseDeveloperExceptionPage();
66
style: primary
77
start: 42
8-
end: 73
8+
end: 74
99
? "if (DateTime.Now.DayOfWeek == DayOfWeek.Monday) \n {\n app.UseDeveloperExceptionPage(); \n }\n"
1010
: labels:
11-
- source: app.UseDeveloperExceptionPage()
11+
- source: app.UseDeveloperExceptionPage();
1212
style: primary
1313
start: 63
14-
end: 94
14+
end: 95
1515
? "if (DateTime.Now.DayOfWeek == DayOfWeek.Monday) \n {\n app.UseDeveloperExceptionPage();\n }\n"
1616
: labels:
17-
- source: app.UseDeveloperExceptionPage()
17+
- source: app.UseDeveloperExceptionPage();
1818
style: primary
1919
start: 64
20-
end: 95
20+
end: 96
2121
? "if (env.IsProduction()) \n {\n app.UseDeveloperExceptionPage(); \n }\n"
2222
: labels:
23-
- source: app.UseDeveloperExceptionPage()
23+
- source: app.UseDeveloperExceptionPage();
2424
style: primary
2525
start: 40
26-
end: 71
26+
end: 72
2727
? "if (environment == \"dev\") \n {\n app.UseDeveloperExceptionPage(); \n }\n"
2828
: labels:
29-
- source: app.UseDeveloperExceptionPage()
29+
- source: app.UseDeveloperExceptionPage();
3030
style: primary
3131
start: 42
32-
end: 73
32+
end: 74
3333
? |
3434
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
3535
{
3636
app.UseDeveloperExceptionPage();
3737
}
3838
: labels:
39-
- source: app.UseDeveloperExceptionPage()
39+
- source: app.UseDeveloperExceptionPage();
4040
style: primary
4141
start: 74
42-
end: 105
42+
end: 106

0 commit comments

Comments
 (0)