C#: Add test for transitive capture calls.

Author: lcartey

csharp/ql/test/library-tests/dataflow/global/Capture.cs

@@ -47,7 +47,7 @@ void M()
             };
         };
         CaptureIn2NotCalled();
-/*        void CaptureTest(string nonSink0, string sink39)
+        void CaptureTest(string nonSink0, string sink39)
         {
             RunAction(() =>       // Check each lambda captures the correct arguments
             {
@@ -58,7 +58,7 @@ void M()
                 });
             });
         }
-        CaptureTest("not tainted", tainted);*/
+        CaptureTest("not tainted", tainted);
     }
 
     void Out()
@@ -187,8 +187,8 @@ string Id(string s)
 
     static void Check<T>(T x) { }
 
-/*    static void RunAction(Action a)
+    static void RunAction(Action a)
     {
         a.Invoke();
-    }*/
+    }
 }

csharp/ql/test/library-tests/dataflow/global/DataFlow.expected

@@ -1,6 +1,7 @@
 | Capture.cs:12:19:12:24 | access to local variable sink27 |
 | Capture.cs:21:23:21:28 | access to local variable sink28 |
 | Capture.cs:30:19:30:24 | access to local variable sink29 |
+| Capture.cs:57:27:57:32 | access to parameter sink39 |
 | Capture.cs:72:15:72:20 | access to local variable sink30 |
 | Capture.cs:84:15:84:20 | access to local variable sink31 |
 | Capture.cs:93:15:93:20 | access to local variable sink32 |

csharp/ql/test/library-tests/dataflow/global/DataFlowEdges.expected

@@ -7,6 +7,8 @@
 | Capture.cs:7:20:7:26 | tainted | Capture.cs:25:9:25:20 | [implicit argument] tainted |
 | Capture.cs:7:20:7:26 | tainted | Capture.cs:33:9:33:40 | [implicit argument] tainted |
 | Capture.cs:7:20:7:26 | tainted | Capture.cs:33:9:33:40 | [implicit argument] tainted |
+| Capture.cs:7:20:7:26 | tainted | Capture.cs:61:36:61:42 | access to parameter tainted |
+| Capture.cs:7:20:7:26 | tainted | Capture.cs:61:36:61:42 | access to parameter tainted |
 | Capture.cs:9:9:13:9 | SSA capture def(tainted) | Capture.cs:9:9:13:9 | SSA capture def(tainted) |
 | Capture.cs:9:9:13:9 | SSA capture def(tainted) | Capture.cs:11:17:11:32 | SSA def(sink27) |
 | Capture.cs:9:9:13:9 | SSA capture def(tainted) | Capture.cs:11:17:11:32 | SSA def(sink27) |
@@ -175,6 +177,58 @@
 | Capture.cs:46:23:46:30 | access to local variable nonSink0 | Capture.cs:46:23:46:30 | access to local variable nonSink0 |
 | Capture.cs:49:9:49:27 | access to local function CaptureIn2NotCalled | Capture.cs:49:9:49:27 | access to local function CaptureIn2NotCalled |
 | Capture.cs:49:9:49:29 | call to local function CaptureIn2NotCalled | Capture.cs:49:9:49:29 | call to local function CaptureIn2NotCalled |
+| Capture.cs:50:33:50:40 | nonSink0 | Capture.cs:50:33:50:40 | nonSink0 |
+| Capture.cs:50:33:50:40 | nonSink0 | Capture.cs:50:33:50:40 | nonSink0 |
+| Capture.cs:50:33:50:40 | nonSink0 | Capture.cs:52:13:59:14 | [implicit argument] nonSink0 |
+| Capture.cs:50:33:50:40 | nonSink0 | Capture.cs:52:13:59:14 | [implicit argument] nonSink0 |
+| Capture.cs:50:33:50:40 | nonSink0 | Capture.cs:52:13:59:14 | [implicit argument] nonSink0 |
+| Capture.cs:50:33:50:40 | nonSink0 | Capture.cs:52:13:59:14 | [implicit argument] nonSink0 |
+| Capture.cs:50:50:50:55 | sink39 | Capture.cs:50:50:50:55 | sink39 |
+| Capture.cs:50:50:50:55 | sink39 | Capture.cs:50:50:50:55 | sink39 |
+| Capture.cs:50:50:50:55 | sink39 | Capture.cs:52:13:59:14 | [implicit argument] sink39 |
+| Capture.cs:50:50:50:55 | sink39 | Capture.cs:52:13:59:14 | [implicit argument] sink39 |
+| Capture.cs:50:50:50:55 | sink39 | Capture.cs:52:13:59:14 | [implicit argument] sink39 |
+| Capture.cs:50:50:50:55 | sink39 | Capture.cs:52:13:59:14 | [implicit argument] sink39 |
+| Capture.cs:52:13:59:14 | [implicit argument] nonSink0 | Capture.cs:52:13:59:14 | [implicit argument] nonSink0 |
+| Capture.cs:52:13:59:14 | [implicit argument] nonSink0 | Capture.cs:52:23:59:13 | SSA capture def(nonSink0) |
+| Capture.cs:52:13:59:14 | [implicit argument] nonSink0 | Capture.cs:52:23:59:13 | SSA capture def(nonSink0) |
+| Capture.cs:52:13:59:14 | [implicit argument] nonSink0 | Capture.cs:52:23:59:13 | SSA capture def(nonSink0) |
+| Capture.cs:52:13:59:14 | [implicit argument] nonSink0 | Capture.cs:52:23:59:13 | SSA capture def(nonSink0) |
+| Capture.cs:52:13:59:14 | [implicit argument] sink39 | Capture.cs:52:13:59:14 | [implicit argument] sink39 |
+| Capture.cs:52:13:59:14 | [implicit argument] sink39 | Capture.cs:55:27:58:17 | SSA capture def(sink39) |
+| Capture.cs:52:13:59:14 | [implicit argument] sink39 | Capture.cs:55:27:58:17 | SSA capture def(sink39) |
+| Capture.cs:52:13:59:14 | [implicit argument] sink39 | Capture.cs:55:27:58:17 | SSA capture def(sink39) |
+| Capture.cs:52:13:59:14 | [implicit argument] sink39 | Capture.cs:55:27:58:17 | SSA capture def(sink39) |
+| Capture.cs:52:13:59:14 | call to method RunAction | Capture.cs:52:13:59:14 | call to method RunAction |
+| Capture.cs:52:23:59:13 | (...) => ... | Capture.cs:52:23:59:13 | (...) => ... |
+| Capture.cs:52:23:59:13 | (...) => ... | Capture.cs:190:34:190:34 | a |
+| Capture.cs:52:23:59:13 | (...) => ... | Capture.cs:190:34:190:34 | a |
+| Capture.cs:52:23:59:13 | SSA capture def(nonSink0) | Capture.cs:52:23:59:13 | SSA capture def(nonSink0) |
+| Capture.cs:52:23:59:13 | SSA capture def(nonSink0) | Capture.cs:54:23:54:30 | access to parameter nonSink0 |
+| Capture.cs:52:23:59:13 | SSA capture def(nonSink0) | Capture.cs:54:23:54:30 | access to parameter nonSink0 |
+| Capture.cs:52:23:59:13 | SSA capture def(nonSink0) | Capture.cs:54:23:54:30 | access to parameter nonSink0 |
+| Capture.cs:52:23:59:13 | SSA capture def(nonSink0) | Capture.cs:54:23:54:30 | access to parameter nonSink0 |
+| Capture.cs:54:17:54:31 | call to method Check | Capture.cs:54:17:54:31 | call to method Check |
+| Capture.cs:54:23:54:30 | access to parameter nonSink0 | Capture.cs:54:23:54:30 | access to parameter nonSink0 |
+| Capture.cs:55:17:58:18 | call to method RunAction | Capture.cs:55:17:58:18 | call to method RunAction |
+| Capture.cs:55:27:58:17 | (...) => ... | Capture.cs:55:27:58:17 | (...) => ... |
+| Capture.cs:55:27:58:17 | (...) => ... | Capture.cs:190:34:190:34 | a |
+| Capture.cs:55:27:58:17 | (...) => ... | Capture.cs:190:34:190:34 | a |
+| Capture.cs:55:27:58:17 | SSA capture def(sink39) | Capture.cs:55:27:58:17 | SSA capture def(sink39) |
+| Capture.cs:55:27:58:17 | SSA capture def(sink39) | Capture.cs:57:27:57:32 | access to parameter sink39 |
+| Capture.cs:55:27:58:17 | SSA capture def(sink39) | Capture.cs:57:27:57:32 | access to parameter sink39 |
+| Capture.cs:55:27:58:17 | SSA capture def(sink39) | Capture.cs:57:27:57:32 | access to parameter sink39 |
+| Capture.cs:55:27:58:17 | SSA capture def(sink39) | Capture.cs:57:27:57:32 | access to parameter sink39 |
+| Capture.cs:57:21:57:33 | call to method Check | Capture.cs:57:21:57:33 | call to method Check |
+| Capture.cs:57:27:57:32 | access to parameter sink39 | Capture.cs:57:27:57:32 | access to parameter sink39 |
+| Capture.cs:61:9:61:19 | access to local function CaptureTest | Capture.cs:61:9:61:19 | access to local function CaptureTest |
+| Capture.cs:61:9:61:43 | call to local function CaptureTest | Capture.cs:61:9:61:43 | call to local function CaptureTest |
+| Capture.cs:61:21:61:33 | "not tainted" | Capture.cs:50:33:50:40 | nonSink0 |
+| Capture.cs:61:21:61:33 | "not tainted" | Capture.cs:50:33:50:40 | nonSink0 |
+| Capture.cs:61:21:61:33 | "not tainted" | Capture.cs:61:21:61:33 | "not tainted" |
+| Capture.cs:61:36:61:42 | access to parameter tainted | Capture.cs:50:50:50:55 | sink39 |
+| Capture.cs:61:36:61:42 | access to parameter tainted | Capture.cs:50:50:50:55 | sink39 |
+| Capture.cs:61:36:61:42 | access to parameter tainted | Capture.cs:61:36:61:42 | access to parameter tainted |
 | Capture.cs:64:10:64:12 | this | Capture.cs:64:10:64:12 | this |
 | Capture.cs:66:16:66:26 | SSA def(sink30) | Capture.cs:66:16:66:26 | SSA def(sink30) |
 | Capture.cs:66:16:66:26 | String sink30 = ... | Capture.cs:66:16:66:26 | String sink30 = ... |
@@ -585,6 +639,16 @@
 | Capture.cs:184:23:184:24 | "" | Capture.cs:184:23:184:24 | "" |
 | Capture.cs:185:9:185:23 | call to method Check | Capture.cs:185:9:185:23 | call to method Check |
 | Capture.cs:185:15:185:22 | access to local variable nonSink0 | Capture.cs:185:15:185:22 | access to local variable nonSink0 |
+| Capture.cs:190:34:190:34 | a | Capture.cs:190:34:190:34 | a |
+| Capture.cs:190:34:190:34 | a | Capture.cs:190:34:190:34 | a |
+| Capture.cs:190:34:190:34 | a | Capture.cs:192:9:192:9 | access to parameter a |
+| Capture.cs:190:34:190:34 | a | Capture.cs:192:9:192:9 | access to parameter a |
+| Capture.cs:190:34:190:34 | a | Capture.cs:192:9:192:9 | access to parameter a |
+| Capture.cs:190:34:190:34 | a | Capture.cs:192:9:192:9 | access to parameter a |
+| Capture.cs:190:34:190:34 | a | Capture.cs:192:9:192:9 | access to parameter a |
+| Capture.cs:190:34:190:34 | a | Capture.cs:192:9:192:9 | access to parameter a |
+| Capture.cs:192:9:192:9 | access to parameter a | Capture.cs:192:9:192:9 | access to parameter a |
+| Capture.cs:192:9:192:18 | delegate call | Capture.cs:192:9:192:18 | delegate call |
 | GlobalDataFlow.cs:14:17:14:17 | this | GlobalDataFlow.cs:14:17:14:17 | this |
 | GlobalDataFlow.cs:14:17:14:17 | this | GlobalDataFlow.cs:64:9:64:18 | this access |
 | GlobalDataFlow.cs:14:17:14:17 | this | GlobalDataFlow.cs:64:9:64:18 | this access |

csharp/ql/test/library-tests/dataflow/global/DataFlowPath.expected

@@ -2,12 +2,17 @@ edges
 | Capture.cs:7:20:7:26 | tainted | Capture.cs:14:9:14:20 | [implicit argument] tainted |
 | Capture.cs:7:20:7:26 | tainted | Capture.cs:25:9:25:20 | [implicit argument] tainted |
 | Capture.cs:7:20:7:26 | tainted | Capture.cs:33:9:33:40 | [implicit argument] tainted |
+| Capture.cs:7:20:7:26 | tainted | Capture.cs:61:36:61:42 | access to parameter tainted |
 | Capture.cs:9:9:13:9 | SSA capture def(tainted) | Capture.cs:12:19:12:24 | access to local variable sink27 |
 | Capture.cs:14:9:14:20 | [implicit argument] tainted | Capture.cs:9:9:13:9 | SSA capture def(tainted) |
 | Capture.cs:18:13:22:13 | SSA capture def(tainted) | Capture.cs:21:23:21:28 | access to local variable sink28 |
 | Capture.cs:25:9:25:20 | [implicit argument] tainted | Capture.cs:18:13:22:13 | SSA capture def(tainted) |
 | Capture.cs:27:43:32:9 | SSA capture def(tainted) | Capture.cs:30:19:30:24 | access to local variable sink29 |
 | Capture.cs:33:9:33:40 | [implicit argument] tainted | Capture.cs:27:43:32:9 | SSA capture def(tainted) |
+| Capture.cs:50:50:50:55 | sink39 | Capture.cs:52:13:59:14 | [implicit argument] sink39 |
+| Capture.cs:52:13:59:14 | [implicit argument] sink39 | Capture.cs:55:27:58:17 | SSA capture def(sink39) |
+| Capture.cs:55:27:58:17 | SSA capture def(sink39) | Capture.cs:57:27:57:32 | access to parameter sink39 |
+| Capture.cs:61:36:61:42 | access to parameter tainted | Capture.cs:50:50:50:55 | sink39 |
 | Capture.cs:69:13:69:35 | SSA def(sink30) | Capture.cs:71:9:71:21 | SSA call def(sink30) |
 | Capture.cs:69:22:69:35 | "taint source" | Capture.cs:69:13:69:35 | SSA def(sink30) |
 | Capture.cs:71:9:71:21 | SSA call def(sink30) | Capture.cs:72:15:72:20 | access to local variable sink30 |
@@ -227,6 +232,7 @@ edges
 | GlobalDataFlow.cs:181:15:181:19 | access to local variable sink9 | GlobalDataFlow.cs:179:35:179:48 | "taint source" | GlobalDataFlow.cs:181:15:181:19 | access to local variable sink9 | access to local variable sink9 |
 | Splitting.cs:11:19:11:19 | access to local variable x | Splitting.cs:3:28:3:34 | tainted | Splitting.cs:11:19:11:19 | access to local variable x | access to local variable x |
 | Splitting.cs:34:19:34:19 | access to local variable x | Splitting.cs:24:28:24:34 | tainted | Splitting.cs:34:19:34:19 | access to local variable x | access to local variable x |
+| Capture.cs:57:27:57:32 | access to parameter sink39 | Capture.cs:7:20:7:26 | tainted | Capture.cs:57:27:57:32 | access to parameter sink39 | access to parameter sink39 |
 | GlobalDataFlow.cs:237:15:237:24 | access to parameter sinkParam0 | GlobalDataFlow.cs:17:27:17:40 | "taint source" | GlobalDataFlow.cs:237:15:237:24 | access to parameter sinkParam0 | access to parameter sinkParam0 |
 | GlobalDataFlow.cs:242:15:242:24 | access to parameter sinkParam1 | GlobalDataFlow.cs:17:27:17:40 | "taint source" | GlobalDataFlow.cs:242:15:242:24 | access to parameter sinkParam1 | access to parameter sinkParam1 |
 | GlobalDataFlow.cs:44:50:44:59 | access to parameter sinkParam2 | GlobalDataFlow.cs:17:27:17:40 | "taint source" | GlobalDataFlow.cs:44:50:44:59 | access to parameter sinkParam2 | access to parameter sinkParam2 |

csharp/ql/test/library-tests/dataflow/global/TaintTracking.expected

@@ -1,6 +1,7 @@
 | Capture.cs:12:19:12:24 | access to local variable sink27 |
 | Capture.cs:21:23:21:28 | access to local variable sink28 |
 | Capture.cs:30:19:30:24 | access to local variable sink29 |
+| Capture.cs:57:27:57:32 | access to parameter sink39 |
 | Capture.cs:72:15:72:20 | access to local variable sink30 |
 | Capture.cs:84:15:84:20 | access to local variable sink31 |
 | Capture.cs:93:15:93:20 | access to local variable sink32 |