Skip to content

Commit

Permalink
enable .NET analyzer, fix security warnings (#1175)
Browse files Browse the repository at this point in the history 
- fix security warnings and some low hanging fruit refactoring
  • Loading branch information
@mregen
mregen committed May 14, 2021
1 parent a85b368 commit c7ee673
Show file tree
Hide file tree
Showing 32 changed files with 304 additions and 266 deletions.
358 changes: 190 additions & 168 deletions .editorconfig
View file

Large diffs are not rendered by default.

7 changes: 7 additions & 0 deletions common.props
View file
Expand Up @@ -13,6 +13,7 @@
<PackageRequireLicenseAcceptance>true</PackageRequireLicenseAcceptance>
<PackageTags>Industrial;Industrial IoT;Manufacturing;Azure;IoT;.NET</PackageTags>
<HighEntropyVA>true</HighEntropyVA>
<EnableNETAnalyzers>true</EnableNETAnalyzers>
<TreatWarningsAsErrors>true</TreatWarningsAsErrors>
<NeutralLanguage>en-US</NeutralLanguage>
<LangVersion>8.0</LangVersion>
Expand Down Expand Up @@ -40,6 +41,12 @@
<PropertyGroup Condition="'$(FX_COP)' != ''">
<TreatWarningsAsErrors>false</TreatWarningsAsErrors>
</PropertyGroup>
<ItemGroup Condition="'$(SDL)' == 'true'">
<PackageReference Include="Roslynator.Analyzers" Version="3.1.0" PrivateAssets="All" />
</ItemGroup>
<PropertyGroup Condition="'$(SDL)' == 'true'">
<TreatWarningsAsErrors>false</TreatWarningsAsErrors>
</PropertyGroup>
<PropertyGroup>
<PrereleaseSuffix>$(PrereleaseVersionNoLeadingHyphen)-$(GitCommitIdShort)</PrereleaseSuffix>
<PrereleaseVersion Condition="'$(BUILD_SOURCEVERSION)' != ''">[$(NuGetPackageVersion)]</PrereleaseVersion>
Expand Down
3 changes: 3 additions & 0 deletions common/src/Microsoft.Azure.IIoT.Core/src/Extensions/ByteArrayEx.cs
View file
Expand Up @@ -69,11 +69,14 @@ public static class ByteArrayEx {
return Convert.ToBase64String(value);
}


/// <summary>
/// Hashes the string
/// </summary>
/// <param name="bytestr">string to hash</param>
/// <returns></returns>
[Diagnostics.CodeAnalysis.SuppressMessage("Security", "CA5350:Do Not Use Weak Cryptographic Algorithms",
Justification = "SHA1 not used for crypto operation.")]
public static string ToSha1Hash(this byte[] bytestr) {
if (bytestr == null) {
return null;
Expand Down
7 changes: 6 additions & 1 deletion common/src/Microsoft.Azure.IIoT.Core/src/Extensions/StreamEx.cs
View file
Expand Up @@ -8,6 +8,7 @@ namespace System.IO {
using System.Text;
using System.Threading;
using System.Threading.Tasks;
using System.Xml;

/// <summary>
/// Stream extensions
Expand Down Expand Up @@ -51,7 +52,11 @@ public static class StreamEx {
var reader = new StreamReader(stream);
try {
var serializer = new Xml.Serialization.XmlSerializer(typeof(T));
return (T)serializer.Deserialize(reader);
var xmlReader = new XmlTextReader(reader) {
DtdProcessing = DtdProcessing.Prohibit,
XmlResolver = null
};
return (T)serializer.Deserialize(xmlReader);
}
finally {
reader.Close();
Expand Down
4 changes: 2 additions & 2 deletions common/src/Microsoft.Azure.IIoT.Core/src/Messaging/Default/EventBusHost.cs
View file
Expand Up @@ -58,7 +58,7 @@ public class EventBusHost : IHostProcess {
catch (Exception ex) {
_logger.Error(ex, "Failed to start Event bus host for {type}.",
type.Name);
throw ex;
throw;
}
}
}
Expand All @@ -82,7 +82,7 @@ public class EventBusHost : IHostProcess {
catch (Exception ex) {
_logger.Error(ex, "Failed to stop Event bus host using token {token}.",
token);
throw ex;
throw;
}
}
_handlers.Clear();
Expand Down
2 changes: 1 addition & 1 deletion common/src/Microsoft.Azure.IIoT.Core/src/Utils/HostAutoStart.cs
View file
Expand Up @@ -35,7 +35,7 @@ public class HostAutoStart : IDisposable, IStartable {
}
catch (Exception ex) {
_logger.Error(ex, "Failed to start some hosts.");
throw ex;
throw;
}
}

Expand Down
2 changes: 1 addition & 1 deletion common/src/Microsoft.Azure.IIoT.Http.SignalR/src/Services/SignalRHubClientHost.cs
View file
Expand Up @@ -81,7 +81,7 @@ public class SignalRHubClientHost : ICallbackRegistrar, IHostProcess {
catch (Exception ex) {
_started = false;
_logger.Error(ex, "Error starting SignalR client host.");
throw ex;
throw;
}
finally {
_lock.Release();
Expand Down
3 changes: 3 additions & 0 deletions common/src/Microsoft.Azure.IIoT.Hub.Module.Client/src/Default/IoTSdkFactory.cs
View file
Expand Up @@ -140,7 +140,10 @@ public sealed class IoTSdkFactory : IClientFactory, IDisposable {
_logHook?.Dispose();
}


/// <inheritdoc/>
[System.Diagnostics.CodeAnalysis.SuppressMessage("Security", "CA5359:Do Not Disable Certificate Validation",
Justification = "<Pending>")]
public async Task<IClient> CreateAsync(string product, IProcessControl ctrl) {

if (_bypassCertValidation) {
Expand Down
8 changes: 4 additions & 4 deletions common/src/Microsoft.Azure.IIoT.Hub.Module.Framework/src/Hosting/ModuleHost.cs
View file
Expand Up @@ -92,7 +92,7 @@ public sealed class ModuleHost : IModuleHost, ITwinProperties, IEventEmitter,
}
finally {
kModuleStart.WithLabels(DeviceId ?? "", ModuleId ?? "", _moduleGuid, "",
DateTime.UtcNow.ToString("yyyy-MM-dd'T'HH:mm:ss.FFFFFFFK",
DateTime.UtcNow.ToString("yyyy-MM-dd'T'HH:mm:ss.FFFFFFFK",
CultureInfo.InvariantCulture)).Set(0);
Client?.Dispose();
Client = null;
Expand Down Expand Up @@ -153,7 +153,7 @@ public sealed class ModuleHost : IModuleHost, ITwinProperties, IEventEmitter,
return;
}
}
catch (Exception ex) {
catch (Exception) {
kModuleStart.WithLabels(DeviceId ?? "", ModuleId ?? "",
_moduleGuid, version,
DateTime.UtcNow.ToString("yyyy-MM-dd'T'HH:mm:ss.FFFFFFFK",
Expand All @@ -166,7 +166,7 @@ public sealed class ModuleHost : IModuleHost, ITwinProperties, IEventEmitter,
ModuleId = null;
SiteId = null;
Gateway = null;
throw ex;
throw;
}
finally {
_lock.Release();
Expand Down Expand Up @@ -544,7 +544,7 @@ public sealed class ModuleHost : IModuleHost, ITwinProperties, IEventEmitter,
private static readonly Gauge kModuleStart = Metrics
.CreateGauge("iiot_edge_module_start", "starting module",
new GaugeConfiguration {
LabelNames = new[] {"deviceid", "module", "runid", "version", "timestamp_utc" }
LabelNames = new[] { "deviceid", "module", "runid", "version", "timestamp_utc" }
});
}
}
6 changes: 3 additions & 3 deletions common/src/Microsoft.Azure.IIoT.Hub.Module.Framework/src/Hosting/SettingsRouter.cs
View file
Expand Up @@ -444,7 +444,7 @@ private class PropertyInvoker {
_logger.Warning(e,
"Exception during setter {controller} {name} invocation",
_controller.Target.GetType().Name, _property.Name);
throw e;
throw;
}
}

Expand Down Expand Up @@ -475,7 +475,7 @@ private class PropertyInvoker {
_logger.Warning(e,
"Exception during getter {controller} {name} invocation",
_controller.Target.GetType().Name, _property.Name);
throw e;
throw;
}
}

Expand Down Expand Up @@ -508,7 +508,7 @@ private class PropertyInvoker {
_logger.Warning(e,
"Exception collecting all indexed values on {controller}.",
_controller.Target.GetType().Name);
throw e;
throw;
}
}

Expand Down
2 changes: 1 addition & 1 deletion common/src/Microsoft.Azure.IIoT.Hub.Processor/src/EventHub/EventProcessorHost.cs
View file
Expand Up @@ -103,7 +103,7 @@ public sealed class EventProcessorHost : IDisposable, IEventProcessingHost, IHos
catch (Exception ex) {
_logger.Error(ex, "Error starting event processor host.");
_host = null;
throw ex;
throw;
}
finally {
_lock.Release();
Expand Down
6 changes: 3 additions & 3 deletions common/src/Microsoft.Azure.IIoT.Messaging.ServiceBus/src/Clients/ServiceBusClientFactory.cs
View file
Expand Up @@ -141,7 +141,7 @@ public class ServiceBusClientFactory : IServiceBusClientFactory {
continue;
}
_logger.Error(ex, "Failed to create subscription client.");
throw ex;
throw;
}
}
}
Expand Down Expand Up @@ -172,7 +172,7 @@ public class ServiceBusClientFactory : IServiceBusClientFactory {
continue; // 429
}
_logger.Error(ex, "Failed to create queue client.");
throw ex;
throw;
}
}
}
Expand Down Expand Up @@ -202,7 +202,7 @@ public class ServiceBusClientFactory : IServiceBusClientFactory {
continue; // 429
}
_logger.Error(ex, "Failed to create topic client.");
throw ex;
throw;
}
}
}
Expand Down
2 changes: 1 addition & 1 deletion common/src/Microsoft.Azure.IIoT.Messaging.ServiceBus/src/Services/ServiceBusEventBus.cs
View file
Expand Up @@ -112,7 +112,7 @@ public class ServiceBusEventBus : IEventBus {
eventName);
}
else {
throw ex;
throw;
}
}
handlers = new Dictionary<string, Subscription>();
Expand Down
2 changes: 1 addition & 1 deletion common/src/Microsoft.Azure.IIoT.Messaging.SignalR/src/Services/SignalRServiceHost.cs
View file
Expand Up @@ -84,7 +84,7 @@ public SignalRServiceHost(ISignalRServiceConfig config, ILogger logger)
}
catch (Exception ex) {
_logger.Error(ex, "Failed to start SignalR service host.");
throw ex;
throw;
}
}

Expand Down
8 changes: 4 additions & 4 deletions components/opc-ua/src/Microsoft.Azure.IIoT.OpcUa.Cdm/src/Storage/CdmFileStorageAdapter.cs
View file
Expand Up @@ -70,7 +70,7 @@ public class CdmFileStorageAdapter : NetworkAdapter, IStorageAdapter, IDisposabl
}
catch (Exception ex) {
_logger.Error(ex, "Failed to read data from {corpus}", corpusPath);
throw ex;
throw;
}
}

Expand All @@ -89,7 +89,7 @@ public class CdmFileStorageAdapter : NetworkAdapter, IStorageAdapter, IDisposabl
}
catch (Exception ex) {
_logger.Error(ex, "Failed to write data to {corpus}", corpusPath);
throw ex;
throw;
}
}

Expand All @@ -111,7 +111,7 @@ public class CdmFileStorageAdapter : NetworkAdapter, IStorageAdapter, IDisposabl
}
catch (Exception ex) {
_logger.Error(ex, "Failed to write data to {corpus}", corpusPath);
throw ex;
throw;
}
}

Expand All @@ -124,7 +124,7 @@ public class CdmFileStorageAdapter : NetworkAdapter, IStorageAdapter, IDisposabl
}
catch (Exception ex) {
_logger.Error(ex, "Failed to get files in {corpus}", folderCorpusPath);
throw ex;
throw;
}
}

Expand Down
10 changes: 5 additions & 5 deletions ...nents/opc-ua/src/Microsoft.Azure.IIoT.OpcUa.Protocol/src/Extensions/EndpointServicesEx.cs
View file
Expand Up @@ -20,8 +20,8 @@ public static class EndpointServicesEx {
/// </summary>
/// <typeparam name="T"></typeparam>
/// <param name="client"></param>
/// <param name="ct"></param>
/// <param name="connection"></param>
/// <param name="ct"></param>
/// <param name="service"></param>
/// <returns></returns>
public static Task<T> ExecuteServiceAsync<T>(this IEndpointServices client,
Expand All @@ -34,8 +34,8 @@ public static class EndpointServicesEx {
/// </summary>
/// <typeparam name="T"></typeparam>
/// <param name="client"></param>
/// <param name="ct"></param>
/// <param name="connection"></param>
/// <param name="ct"></param>
/// <param name="service"></param>
/// <param name="handler"></param>
/// <returns></returns>
Expand Down Expand Up @@ -73,8 +73,8 @@ public static class EndpointServicesEx {
/// </summary>
/// <typeparam name="T"></typeparam>
/// <param name="client"></param>
/// <param name="elevation"></param>
/// <param name="endpoint"></param>
/// <param name="elevation"></param>
/// <param name="timeout"></param>
/// <param name="service"></param>
/// <returns></returns>
Expand Down Expand Up @@ -107,8 +107,8 @@ public static class EndpointServicesEx {
/// <typeparam name="T"></typeparam>
/// <param name="client"></param>
/// <param name="elevation"></param>
/// <param name="priority"></param>
/// <param name="endpoint"></param>
/// <param name="priority"></param>
/// <param name="ct"></param>
/// <param name="service"></param>
/// <returns></returns>
Expand All @@ -125,8 +125,8 @@ public static class EndpointServicesEx {
/// <typeparam name="T"></typeparam>
/// <param name="client"></param>
/// <param name="elevation"></param>
/// <param name="priority"></param>
/// <param name="endpoint"></param>
/// <param name="priority"></param>
/// <param name="ct"></param>
/// <param name="service"></param>
/// <param name="handler"></param>
Expand Down
16 changes: 8 additions & 8 deletions components/opc-ua/src/Microsoft.Azure.IIoT.OpcUa.Protocol/src/Extensions/FilterEncoderEx.cs
View file
Expand Up @@ -36,8 +36,8 @@ public static class FilterEncoderEx {
/// <summary>
/// Convert to stack model
/// </summary>
/// <param name="model"></param>
/// <param name="encoder"></param>
/// <param name="model"></param>
/// <param name="noDefaultFilter"></param>
/// <returns></returns>
public static EventFilter Decode(this IVariantEncoder encoder, EventFilterModel model,
Expand All @@ -60,8 +60,8 @@ public static class FilterEncoderEx {
/// <summary>
/// Convert to stack model
/// </summary>
/// <param name="model"></param>
/// <param name="encoder"></param>
/// <param name="model"></param>
/// <returns></returns>
public static EventFilterModel Encode(this IVariantEncoder encoder, EventFilter model) {
if (model == null) {
Expand All @@ -78,8 +78,8 @@ public static class FilterEncoderEx {
/// <summary>
/// Convert to stack model
/// </summary>
/// <param name="model"></param>
/// <param name="encoder"></param>
/// <param name="model"></param>
/// <param name="onlySimpleAttributeOperands"></param>
/// <returns></returns>
public static ContentFilter Decode(this IVariantEncoder encoder, ContentFilterModel model,
Expand All @@ -97,8 +97,8 @@ public static class FilterEncoderEx {
/// <summary>
/// Convert to service model
/// </summary>
/// <param name="model"></param>
/// <param name="encoder"></param>
/// <param name="model"></param>
/// <returns></returns>
public static ContentFilterModel Encode(this IVariantEncoder encoder, ContentFilter model) {
if (model == null) {
Expand All @@ -114,8 +114,8 @@ public static class FilterEncoderEx {
/// <summary>
/// Convert to stack model
/// </summary>
/// <param name="model"></param>
/// <param name="encoder"></param>
/// <param name="model"></param>
/// <param name="onlySimpleAttributeOperands"></param>
/// <returns></returns>
public static ContentFilterElement Decode(this IVariantEncoder encoder,
Expand All @@ -135,8 +135,8 @@ public static class FilterEncoderEx {
/// <summary>
/// Convert to service model
/// </summary>
/// <param name="model"></param>
/// <param name="encoder"></param>
/// <param name="model"></param>
/// <returns></returns>
public static ContentFilterElementModel Encode(this IVariantEncoder encoder,
ContentFilterElement model) {
Expand All @@ -156,8 +156,8 @@ public static class FilterEncoderEx {
/// <summary>
/// Convert to stack model
/// </summary>
/// <param name="model"></param>
/// <param name="encoder"></param>
/// <param name="model"></param>
/// <param name="onlySimpleAttributeOperands"></param>
/// <returns></returns>
public static FilterOperand Decode(this IVariantEncoder encoder,
Expand Down Expand Up @@ -197,8 +197,8 @@ public static class FilterEncoderEx {
/// <summary>
/// Convert to service model
/// </summary>
/// <param name="model"></param>
/// <param name="encoder"></param>
/// <param name="model"></param>
/// <returns></returns>
public static FilterOperandModel Encode(this IVariantEncoder encoder,
FilterOperand model) {
Expand Down
2 changes: 1 addition & 1 deletion ...onents/opc-ua/src/Microsoft.Azure.IIoT.OpcUa.Protocol/src/Extensions/OperationResultEx.cs
View file
Expand Up @@ -34,8 +34,8 @@ public static class OperationResultEx {
/// <typeparam name="T"></typeparam>
/// <param name="operation"></param>
/// <param name="results"></param>
/// <param name="diagnostics"></param>
/// <param name="operations"></param>
/// <param name="diagnostics"></param>
/// <param name="requested"></param>
/// <param name="traceOnly"></param>
public static void Validate<T>(string operation,
Expand Down

0 comments on commit c7ee673

Please sign in to comment.