Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

C#: Improve arg-param mapping logic to better handle arguments passed to params parameters #15175

Draft
wants to merge 7 commits into
base: main
Choose a base branch
from

Conversation

tamasvajk
Copy link
Contributor

@tamasvajk tamasvajk commented Dec 20, 2023

This PR changes Call::getArgumentForParameter to better cover cases when arguments are passed to params parameters.

Commit-by-commit review is suggested.

@github-actions github-actions bot added the C# label Dec 20, 2023
@tamasvajk tamasvajk marked this pull request as ready for review December 20, 2023 12:02
@tamasvajk tamasvajk requested a review from a team as a code owner December 20, 2023 12:02
@tamasvajk
Copy link
Contributor Author

I checked some of the new issues in the DCA results. There is at least one false positive in cs/dereferenced-value-may-be-null, which reports on the following pattern:

Method(new object(), null);
void Method(params object[] objs)
{
  var x = objs.Length; // reports objs can be null, because of the null arg in the call. 
}

At the same time, there are new true positives found in cs/cleartext-storage-of-sensitive-information because we consider all expressions passed to the params parameter of System.Diagnostics.TraceSource.TraceEvent.TraceMessageSink.

@tamasvajk tamasvajk marked this pull request as draft December 20, 2023 15:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

1 participant