//
// Copyright (c) Microsoft Corporation.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
//
using System;
using System.Collections.Generic;
using System.Management.Automation.Language;
using Microsoft.Windows.PowerShell.ScriptAnalyzer.Generic;
using System.ComponentModel.Composition;
using System.Globalization;
using System.Reflection;
namespace Microsoft.Windows.PowerShell.ScriptAnalyzer.BuiltinRules
{
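/// <summary>
/// AvoidUsingPlainTextForPassword: Check that parameters whose name contains "Password" or "Passphrase"
/// are not declared as plain text — [string], [object], or arrays of either (they should be of the type SecureString).
/// A parameter with no type constraint is presumably reported by the AST as object, which is why object is
/// treated as plain text here — confirm against ParameterAst.StaticType.
/// </summary>
[Export(typeof(IScriptRule))]
public class AvoidUsingPlainTextForPassword : IScriptRule
{
    /// <summary>
    /// Name fragments that mark a parameter as secret-bearing. Matching is a case-insensitive
    /// substring match, so e.g. "NewPassword" or "PassphraseFile" match as well.
    /// </summary>
    private static readonly string[] SecretNameFragments = { "Password", "Passphrase" };

    /// <summary>
    /// AvoidUsingPlainTextForPassword: Check that parameters "password", "passphrase" do not use plaintext.
    /// </summary>
    /// <param name="ast">The script AST to analyze; nested script blocks are searched too.</param>
    /// <param name="fileName">The file the AST was parsed from; copied into each diagnostic.</param>
    /// <returns>One warning per password-like parameter declared as string, object, or an array of either.</returns>
    /// <exception cref="ArgumentNullException">Thrown when <paramref name="ast"/> is null.</exception>
    public IEnumerable<DiagnosticRecord> AnalyzeScript(Ast ast, string fileName)
    {
        // Validate eagerly: inside an iterator body (yield return) the check would only run
        // when the caller first enumerates the result, not when AnalyzeScript is called.
        if (ast == null) throw new ArgumentNullException(nameof(ast), Strings.NullAstErrorMessage);

        return AnalyzeParameters(ast, fileName);
    }

    /// <summary>
    /// Iterator that yields one diagnostic per ParameterAst that is both password-like by name
    /// and plain text by declared type.
    /// </summary>
    private IEnumerable<DiagnosticRecord> AnalyzeParameters(Ast ast, string fileName)
    {
        // Finds all ParameterAsts (searchNestedScriptBlocks: true).
        IEnumerable<Ast> paramAsts = ast.FindAll(testAst => testAst is ParameterAst, true);

        // Iterates all ParameterAsts and checks whether their names are on the list.
        foreach (ParameterAst paramAst in paramAsts)
        {
            string paramName = paramAst.Name.VariablePath.ToString();
            if (!IsSecretName(paramName) || !IsPlainTextType(paramAst.StaticType))
            {
                continue;
            }

            yield return new DiagnosticRecord(
                String.Format(CultureInfo.CurrentCulture, Strings.AvoidUsingPlainTextForPasswordError, paramAst.Name),
                paramAst.Extent, GetName(), DiagnosticSeverity.Warning, fileName);
        }
    }

    /// <summary>
    /// True when the parameter name contains any of <see cref="SecretNameFragments"/> (case-insensitive).
    /// </summary>
    private static bool IsSecretName(string paramName)
    {
        foreach (string fragment in SecretNameFragments)
        {
            if (paramName.IndexOf(fragment, StringComparison.OrdinalIgnoreCase) != -1)
            {
                return true;
            }
        }

        return false;
    }

    /// <summary>
    /// True when the declared type is string or object, or an array of either.
    /// Arrays are judged by their element type: [string[]] is as plain as [string].
    /// The static type is used as a <see cref="Type"/> directly; no cast to TypeInfo is needed.
    /// </summary>
    private static bool IsPlainTextType(Type paramType)
    {
        if (paramType == null)
        {
            return false;
        }

        Type effectiveType = paramType.IsArray ? paramType.GetElementType() : paramType;
        return effectiveType == typeof(String) || effectiveType == typeof(object);
    }

    /// <summary>
    /// GetName: Retrieves the name of this rule.
    /// </summary>
    /// <returns>The name of this rule</returns>
    public string GetName()
    {
        return string.Format(CultureInfo.CurrentCulture, Strings.NameSpaceFormat, GetSourceName(), Strings.AvoidUsingPlainTextForPasswordName);
    }

    /// <summary>
    /// GetCommonName: Retrieves the common name of this rule.
    /// </summary>
    /// <returns>The common name of this rule</returns>
    public string GetCommonName()
    {
        return string.Format(CultureInfo.CurrentCulture, Strings.AvoidUsingPlainTextForPasswordCommonName);
    }

    /// <summary>
    /// GetDescription: Retrieves the description of this rule.
    /// </summary>
    /// <returns>The description of this rule</returns>
    public string GetDescription()
    {
        return string.Format(CultureInfo.CurrentCulture, Strings.AvoidUsingPlainTextForPasswordDescription);
    }

    /// <summary>
    /// GetSourceType: Retrieves the type of the rule: builtin, managed or module.
    /// </summary>
    /// <returns>Always <see cref="SourceType.Builtin"/>.</returns>
    public SourceType GetSourceType()
    {
        return SourceType.Builtin;
    }

    /// <summary>
    /// GetSeverity: Retrieves the severity of the rule: error, warning or information.
    /// </summary>
    /// <returns>Always <see cref="RuleSeverity.Warning"/>.</returns>
    public RuleSeverity GetSeverity()
    {
        return RuleSeverity.Warning;
    }

    /// <summary>
    /// GetSourceName: Retrieves the module/assembly name the rule is from.
    /// </summary>
    /// <returns>The source name resource string.</returns>
    public string GetSourceName()
    {
        return string.Format(CultureInfo.CurrentCulture, Strings.SourceName);
    }
}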
}