CodeQL library for C#
codeql/csharp-all 0.8.12 (changelog, source)
Search

Class UnsafeDeserializer

An unsafe deserializer.

Import path

import semmle.code.csharp.serialization.Deserializers

Direct supertypes

Indirect supertypes

Known direct subtypes

Inherited predicates

calls

Holds if callee is potentially called from this callable. That is, callee is a potential run-time target of a call in the body of this callable.

from Callable
canReturn

Holds if this callable can return expression e.

from Callable
canYieldReturn

Holds if this callable can yield return the expression e.

from Callable
compiledFromSource

Holds if this element was compiled from source code that is also present in the database. That is, this element corresponds to another element from source.

from NamedElement
fromLibrary

Holds if this element is from an assembly.

from Element
fromSource

Holds if this element is from source code.

from Element
getACall

Gets a Call that has this callable as a target.

from Callable
getAChild

Gets a child of this element, if any.

from Element
getAChildExpr

Gets a child expression of this element, if any.

from ExprOrStmtParent
getAChildStmt

Gets a child statement of this element, if any.

from ExprOrStmtParent
getALocation

Gets a location of this element, including sources and assemblies.

from Element
getAParameter

Gets a parameter, if any.

from Callable
getAPrimaryQlClass

Gets the name of a primary CodeQL class to which this element belongs.

from Element
getARawParameter

Gets a raw parameter (including the qualifier), if any.

from Parameterizable
getAStatementBody

DEPRECATED: Use getStatementBody instead.

from Callable
getAnnotatedReturnType

Gets the annotated return type of this callable.

from Callable
getBody

Gets the body of this callable, if any.

from Callable
getChild

Gets the ith child of this element (zero-based).

from ExprOrStmtParent
getChildExpr

Gets the ith child expression of this element (zero-based).

from ExprOrStmtParent
getChildStmt

Gets the ith child statement of this element (zero-based).

from ExprOrStmtParent
getCyclomaticComplexity

Gets the number of branching statements (if, while, do, for, foreach switch, case, catch) plus the number of branching expressions (?, &&, ||, ??) plus one. Callables with a high cyclomatic complexity (> 10) are hard to test and maintain, given their large number of possible execution paths. They should be refactored.

from Callable
getDeclaringType

Gets the type containing this declaration, if any.

from Declaration
getEnclosingCallable

Gets the enclosing callable of this callable, if any.

from Callable
getEntryPoint

Gets the entry point in the control graph for this callable.

from Callable
getExitPoint

Gets the exit point in the control graph for this callable.

from Callable
getExpressionBody

Gets the expression body of this callable (if any), specified by =>.

from Callable
getFile

Gets the file containing this element.

from Element
getFullyQualifiedName

Gets the fully qualified name of this element, for example the fully qualified name of M on line 3 is N.C.M in

from NamedElement
getFullyQualifiedNameWithTypes

Gets the fully qualified name of this declaration, including types, for example the fully qualified name with types of M on line 3 is N.C.M(int, string) in

from Declaration
getIndex

Gets the index of this element among its parent’s other children (zero-based).

from Element
getLabel

Gets a unique string label for this element.

from Callable
getLanguage

Gets the “language” of this program element, as defined by the extension of the filename. For example, C# has language “cs”, and Visual Basic has language “vb”.

from Element
getLocation

Gets the location of this element. Where an element has locations in source and assemblies, choose the source location. If there are multiple assembly locations, choose only one.

from Element
getName

Gets the name of this element.

from NamedElement
getNumberOfChildren

Gets the number of children of this element.

from Element
getNumberOfLines

Gets the total number of lines in this callable.

from Callable
getNumberOfLinesOfCode

Gets the number of lines containing code in this callable.

from Callable
getNumberOfLinesOfComments

Gets the number of lines containing comments in this callable.

from Callable
getNumberOfParameters

Gets the number of parameters of this callable.

from Parameterizable
getParameter

Gets the ith parameter, excluding the this parameter.

from Parameterizable
getParent

Gets the parent of this element, if any.

from Element
getPrimaryQlClasses

Gets a comma-separated list of the names of the primary CodeQL classes to which this element belongs.

from Element
getQualifiedName

Gets the fully qualified name of this element, for example the fully qualified name of M on line 3 is N.C.M in

from NamedElement
getQualifiedNameWithTypes

DEPRECATED: Use getFullyQualifiedNameWithTypes instead.

from Declaration
getRawParameter

Gets raw parameter i, including the this parameter at index 0.

from Parameterizable
getReturnType

Gets the return type of this callable.

from Callable
getStatementBody

Gets the statement body of this callable, if any.

from Callable
getUnboundDeclaration

Gets the unbound version of this declaration, that is, the declaration where all type arguments have been removed. For example, in

from Callable
getUndecoratedName

Gets the name of this declaration, without additional decoration such as <...>.

from Declaration
hasBody

Holds if this callable has a body or an implementation.

from Callable
hasExpressionBody

Holds if this callable has an expression body.

from Callable
hasFullyQualifiedName

Holds if this element has the fully qualified name qualifier.name.

from Declaration
hasName

Holds if this element has name ‘name’.

from NamedElement
hasNoParameters

Holds if this declaration has no parameters.

from Parameterizable
hasNonEmptyBody

Holds if this callable has a non-empty body. That is, either it has an expression body, or it has a non-empty statement body.

from Callable
hasQualifiedName

DEPRECATED: Use hasFullyQualifiedName instead.

from Declaration
hasStatementBody

Holds if this callable has a statement body.

from Callable
hasUndecoratedName

Holds if this element has undecorated name ‘name’.

from Declaration
isCompilerGenerated

Holds if this declaration has been generated by the compiler, for example implicit constructors or accessors.

from Declaration
isSourceDeclaration

Holds if this declaration is unconstructed and in source code.

from Declaration
isUnboundDeclaration

Holds if this declaration is unbound.

from Declaration
matchesHandle

Holds if other has the same metadata handle in the same assembly.

from NamedElement
parameterTypesToString

Gets the types of the parameters of this declaration as a comma-separated string.

from Parameterizable
toString

Gets a textual representation of this element.

from Declaration
toStringWithTypes

Gets the full textual representation of this element, including type information.

from Callable