up

2025-12-13 02:22:15 +02:00
parent 564df71bfb
commit 999e26a48e
395 changed files with 25045 additions and 2224 deletions
--- a/datasets/reachability/samples/csharp/simple-reachable/ground-truth.json
+++ b/datasets/reachability/samples/csharp/simple-reachable/ground-truth.json
@@ -0,0 +1,79 @@
+{
+  "schema": "ground-truth-v1",
+  "sampleId": "sample:csharp:simple-reachable:001",
+  "generatedAt": "2025-12-13T12:00:00Z",
+  "generator": {
+    "name": "manual-annotation",
+    "version": "1.0.0",
+    "annotator": "scanner-guild"
+  },
+  "targets": [
+    {
+      "symbolId": "sym:csharp:JsonConvert.DeserializeObject",
+      "display": "Newtonsoft.Json.JsonConvert.DeserializeObject<T>(string, JsonSerializerSettings)",
+      "purl": "pkg:nuget/Newtonsoft.Json@13.0.1",
+      "expected": {
+        "latticeState": "SR",
+        "bucket": "direct",
+        "reachable": true,
+        "confidence": 0.95,
+        "pathLength": 2,
+        "path": [
+          "sym:csharp:Program.Main",
+          "sym:csharp:JsonConvert.DeserializeObject"
+        ]
+      },
+      "reasoning": "Direct call from Main() to JsonConvert.DeserializeObject with TypeNameHandling.All settings"
+    },
+    {
+      "symbolId": "sym:csharp:JsonConvert.SerializeObject",
+      "display": "Newtonsoft.Json.JsonConvert.SerializeObject(object)",
+      "purl": "pkg:nuget/Newtonsoft.Json@13.0.1",
+      "expected": {
+        "latticeState": "SU",
+        "bucket": "unreachable",
+        "reachable": false,
+        "confidence": 0.90,
+        "pathLength": null,
+        "path": null
+      },
+      "reasoning": "SerializeObject is present in the dependency but never called from any entry point"
+    }
+  ],
+  "entryPoints": [
+    {
+      "symbolId": "sym:csharp:Program.Main",
+      "display": "SampleApp.Program.Main(string[])",
+      "phase": "runtime",
+      "source": "manifest"
+    }
+  ],
+  "expectedUncertainty": {
+    "states": [],
+    "aggregateTier": "T4",
+    "riskScore": 0.0
+  },
+  "expectedGateDecisions": [
+    {
+      "vulnId": "CVE-2024-21907",
+      "targetSymbol": "sym:csharp:JsonConvert.DeserializeObject",
+      "requestedStatus": "not_affected",
+      "expectedDecision": "block",
+      "expectedBlockedBy": "LatticeState",
+      "expectedReason": "SR state incompatible with not_affected - code path exists from entry point"
+    },
+    {
+      "vulnId": "CVE-2024-21907",
+      "targetSymbol": "sym:csharp:JsonConvert.DeserializeObject",
+      "requestedStatus": "affected",
+      "expectedDecision": "allow"
+    },
+    {
+      "vulnId": "CVE-2024-21907",
+      "targetSymbol": "sym:csharp:JsonConvert.SerializeObject",
+      "requestedStatus": "not_affected",
+      "expectedDecision": "allow",
+      "expectedReason": "SU state allows not_affected - unreachable code path"
+    }
+  ]
+}
--- a/datasets/reachability/samples/csharp/simple-reachable/manifest.json
+++ b/datasets/reachability/samples/csharp/simple-reachable/manifest.json
@@ -0,0 +1,27 @@
+{
+  "sampleId": "sample:csharp:simple-reachable:001",
+  "version": "1.0.0",
+  "createdAt": "2025-12-13T12:00:00Z",
+  "language": "csharp",
+  "category": "positive",
+  "description": "Simple C# console app with direct call path to vulnerable Newtonsoft.Json TypeNameHandling usage",
+  "source": {
+    "repository": "synthetic",
+    "commit": "synthetic-sample",
+    "buildToolchain": "dotnet:10.0"
+  },
+  "vulnerabilities": [
+    {
+      "vulnId": "CVE-2024-21907",
+      "purl": "pkg:nuget/Newtonsoft.Json@13.0.1",
+      "affectedSymbol": "Newtonsoft.Json.JsonConvert.DeserializeObject"
+    }
+  ],
+  "artifacts": [
+    {
+      "path": "artifacts/app.dll",
+      "hash": "sha256:0000000000000000000000000000000000000000000000000000000000000001",
+      "type": "application/x-msdownload"
+    }
+  ]
+}