github
diff --git a/‎csharp/ql/test/query-tests/Security Features/CWE-327/InsecureSQLConnection/InsecureSQLConnection.cs‎
Lines changed: 4 additions & 20 deletions b/‎csharp/ql/test/query-tests/Security Features/CWE-327/InsecureSQLConnection/InsecureSQLConnection.cs‎
Lines changed: 4 additions & 20 deletions
diff --git a/‎csharp/ql/test/query-tests/Security Features/CWE-327/InsecureSQLConnectionInitializer/InsecureSQLConnection.cs‎ b/‎csharp/ql/test/query-tests/Security Features/CWE-327/InsecureSQLConnectionInitializer/InsecureSQLConnection.cs‎
diff --git a/‎csharp/ql/test/query-tests/Security Features/CWE-327/InsecureSQLConnectionInitializer/InsecureSQLConnectionInitializer.expected‎
Lines changed: 4 additions & 0 deletions b/‎csharp/ql/test/query-tests/Security Features/CWE-327/InsecureSQLConnectionInitializer/InsecureSQLConnectionInitializer.expected‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎…n/InsecureSQLConnectionInitializer.qlref‎ ‎…r/InsecureSQLConnectionInitializer.qlref‎csharp/ql/test/query-tests/Security Features/CWE-327/InsecureSQLConnection/InsecureSQLConnectionInitializer.qlref renamed to csharp/ql/test/query-tests/Security Features/CWE-327/InsecureSQLConnectionInitializer/InsecureSQLConnectionInitializer.qlref b/‎…n/InsecureSQLConnectionInitializer.qlref‎ ‎…r/InsecureSQLConnectionInitializer.qlref‎csharp/ql/test/query-tests/Security Features/CWE-327/InsecureSQLConnection/InsecureSQLConnectionInitializer.qlref renamed to csharp/ql/test/query-tests/Security Features/CWE-327/InsecureSQLConnectionInitializer/InsecureSQLConnectionInitializer.qlref
@@ -1,4 +1,3 @@
-using System;
 using System.Data.SqlClient;
 
 namespace InsecureSQLConnection
@@ -35,21 +34,21 @@ public void StringInBuilderProperty()
         public void StringInInitializer()
         {
             string connectString = "Server=1.2.3.4;Database=Anything;UID=ab;Pwd=cd;Encrypt=false";
-            SqlConnectionStringBuilder conBuilder = new SqlConnectionStringBuilder(connectString) { Encrypt = true}; // False Positive
+            SqlConnectionStringBuilder conBuilder = new SqlConnectionStringBuilder(connectString) { Encrypt = true };
         }
-        
+
 
         public void TriggerThis()
         {
-            // BAD, Encrypt not specified (version dependent)
+            // BAD, Encrypt not specified
             SqlConnection conn = new SqlConnection("Server=myServerName\\myInstanceName;Database=myDataBase;User Id=myUsername;");
         }
 
         void Test4()
         {
             string connectString =
                 "Server=1.2.3.4;Database=Anything;UID=ab;Pwd=cd";
-            // BAD, Encrypt not specified (version dependent)
+            // BAD, Encrypt not specified
             SqlConnectionStringBuilder builder = new SqlConnectionStringBuilder(connectString);
             var conn = new SqlConnection(builder.ConnectionString);
         }
@@ -62,20 +61,5 @@ void Test5()
             SqlConnectionStringBuilder builder = new SqlConnectionStringBuilder(connectString);
             var conn = new SqlConnection(builder.ConnectionString);
         }
-
-        void Test6()
-        {
-            var conn = new SqlConnectionStringBuilder(SetToTrueConnStr) { Encrypt = false };    // Bug - cs/insecure-sql-connection-initializer
-        }
-
-        void Test72ndPhase(bool encrypt)
-        {
-            var conn = new SqlConnectionStringBuilder(SetToTrueConnStr) { Encrypt = encrypt };    // Bug - cs/insecure-sql-connection-initializer (sink)
-        }
-
-        void Test7()
-        {
-            Test72ndPhase(false);    // Bug - cs/insecure-sql-connection-initializer (source)
-        }
     }
 }
@@ -0,0 +1,4 @@
+edges
+nodes
+subpaths
+#select
Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,3 @@`
`1`		`-using System;`
`2`	`1`	`using System.Data.SqlClient;`
`3`	`2`
`4`	`3`	`namespace InsecureSQLConnection`
`@@ -35,21 +34,21 @@ public void StringInBuilderProperty()`
`35`	`34`	`public void StringInInitializer()`
`36`	`35`	`{`
`37`	`36`	`string connectString = "Server=1.2.3.4;Database=Anything;UID=ab;Pwd=cd;Encrypt=false";`
`38`		`- SqlConnectionStringBuilder conBuilder = new SqlConnectionStringBuilder(connectString) { Encrypt = true}; // False Positive`
	`37`	`+ SqlConnectionStringBuilder conBuilder = new SqlConnectionStringBuilder(connectString) { Encrypt = true };`
`39`	`38`	`}`
`40`		`-`
	`39`	`+`
`41`	`40`
`42`	`41`	`public void TriggerThis()`
`43`	`42`	`{`
`44`		`- // BAD, Encrypt not specified (version dependent)`
	`43`	`+ // BAD, Encrypt not specified`
`45`	`44`	`SqlConnection conn = new SqlConnection("Server=myServerName\\myInstanceName;Database=myDataBase;User Id=myUsername;");`
`46`	`45`	`}`
`47`	`46`
`48`	`47`	`void Test4()`
`49`	`48`	`{`
`50`	`49`	`string connectString =`
`51`	`50`	`"Server=1.2.3.4;Database=Anything;UID=ab;Pwd=cd";`
`52`		`- // BAD, Encrypt not specified (version dependent)`
	`51`	`+ // BAD, Encrypt not specified`
`53`	`52`	`SqlConnectionStringBuilder builder = new SqlConnectionStringBuilder(connectString);`
`54`	`53`	`var conn = new SqlConnection(builder.ConnectionString);`
`55`	`54`	`}`
`@@ -62,20 +61,5 @@ void Test5()`
`62`	`61`	`SqlConnectionStringBuilder builder = new SqlConnectionStringBuilder(connectString);`
`63`	`62`	`var conn = new SqlConnection(builder.ConnectionString);`
`64`	`63`	`}`
`65`		`-`
`66`		`- void Test6()`
`67`		`- {`
`68`		`- var conn = new SqlConnectionStringBuilder(SetToTrueConnStr) { Encrypt = false }; // Bug - cs/insecure-sql-connection-initializer`
`69`		`- }`
`70`		`-`
`71`		`- void Test72ndPhase(bool encrypt)`
`72`		`- {`
`73`		`- var conn = new SqlConnectionStringBuilder(SetToTrueConnStr) { Encrypt = encrypt }; // Bug - cs/insecure-sql-connection-initializer (sink)`
`74`		`- }`
`75`		`-`
`76`		`- void Test7()`
`77`		`- {`
`78`		`- Test72ndPhase(false); // Bug - cs/insecure-sql-connection-initializer (source)`
`79`		`- }`
`80`	`64`	`}`
`81`	`65`	`}`
-Original file line number
+Diff line change
@@ @@ -0,0 +1,4 @@ @@
 +edges
 +nodes
 +subpaths
 +#select