C#: update MaD for HttpRequestMessage and UriBuilder

[LWSimpkins]

Update MaD for C# related to SSRF and URL path traversal scenarios. Some of these are regressions from 2.19.4 to 2.20.0 upgrade, some were missing before that.

HttpRequestMessage

• Change MaD so constructor for Uri parameter matches string parameter, where the taint is to the class object instead of an internal synthetic field

• Example:

  HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Post, new Uri(untrustedUrl)); // Fixed regression. Now the `request` variable is considered tainted again
  (new HttpClient()).SendAsync(request); // SSRF can be flagged again
  

UriBuilder

• Add missing variants of the constructor

  • https://learn.microsoft.com/en-us/dotnet/api/system.uribuilder.-ctor?view=net-9.0

• Add get/set property methods to support dataflow for MemberInitializer in ObjectInitializer

• Examples:

  (new HttpClient()).GetAsync(new UriBuilder("https", untrustedHost).Uri); // Fixed regression. Now `untrustedHost` flows to synthetic `Uri` field, which is used in the `get_Uri` MaD model
  
  (new HttpClient()).GetAsync(new UriBuilder("https", untrustedHost, 443).Uri); // Added constructor variant that was previously missing
  
  // Added get/set property methods for MemberInitializer in ObjectInitializer
    var uriBuilder = new UriBuilder
    {
        Scheme = "https",
        Host = untrustedHost,
        Port = 443,
    };
    (new HttpClient()).GetAsync(uriBuilder.Uri);
  

[LWSimpkins]

Merged from upstream