Enabling static analysis on indexer plugin and fixing errors (#5220)

* Enabling code analysis, and treating warnings as errors

* Error CA1724 The type name Settings conflicts in whole or in part with the namespace name 'Microsoft.PowerToys.Settings'. Change either name to eliminate the conflict. Microsoft.Plugin.Indexer C:\repos\powertoys\src\modules\launcher\Plugins\Microsoft.Plugin.Indexer\Settings.cs 9 Active

* Removing keyword "Interface" from namespace to fix fxcop warnings

* Fixing static analysis warnings on ContextMenuLoader

* Fixing general exception warnings for static analysis

* Fixing public list variables, non static methods, and general exception warning

* Implementing IDisposable on OleDBSearch although in practice these objects were already being disposed.

Also Validated we were not using user input directly for sql strings.

* Removing VS generated comments from dispose methods as per PR feedback.

* Setting translated text to use current culture as per PR feedback.

* Explicity specifying 'internal' access modifier for Indexer 'Main' class, as per PR feedback

* Updating to FxCop 3.0.0

src/modules/launcher/Plugins/Microsoft.Plugin.Indexer/SearchHelper/OleDBResult.cs

@@ -8,11 +8,11 @@ namespace Microsoft.Plugin.Indexer.SearchHelper
 {
     public class OleDBResult
     {
-        public List<object> fieldData;
+        public List<object> FieldData { get; }
 
         public OleDBResult(List<object> fieldData)
         {
-            this.fieldData = fieldData;
+            FieldData = fieldData;
         }
     }
 }

src/modules/launcher/Plugins/Microsoft.Plugin.Indexer/SearchHelper/OleDBSearch.cs

@@ -1,16 +1,19 @@
-using Microsoft.Plugin.Indexer.Interface;
-using System;
+using System;
 using System.Collections.Generic;
 using System.Data.OleDb;
 
 namespace Microsoft.Plugin.Indexer.SearchHelper
 {
-    public class OleDBSearch : ISearch
+    public class OleDBSearch : ISearch, IDisposable
     {
         private OleDbCommand command;
         private OleDbConnection conn;
-        private OleDbDataReader WDSResults;
-
+        private OleDbDataReader WDSResults;
+        private bool disposedValue;
+
+        [System.Diagnostics.CodeAnalysis.SuppressMessage("Security", "CA2100:Review SQL queries for security vulnerabilities", 
+            Justification = "sqlQuery does not come from user input but is generated via the ISearchQueryHelper::GenerateSqlFromUserQuery " +
+            " see: https://docs.microsoft.com/en-us/windows/win32/search/-search-3x-wds-qryidx-searchqueryhelper#using-the-generatesqlfromuserquery-method")]
         public List<OleDBResult> Query(string connectionString, string sqlQuery)
         {
             List<OleDBResult> result = new List<OleDBResult>();
@@ -75,6 +78,37 @@ namespace Microsoft.Plugin.Indexer.SearchHelper
             }
 
             return commandDisposed && resultDisposed && connDisposed;
-        }
+        }
+
+        protected virtual void Dispose(bool disposing)
+        {
+            if (!disposedValue)
+            {
+                if (disposing)
+                {
+                    command?.Dispose();
+                    conn?.Dispose();
+                    WDSResults?.Dispose();
+                }
+
+                // TODO: free unmanaged resources (unmanaged objects) and override finalizer
+                // TODO: set large fields to null
+                disposedValue = true;
+            }
+        }
+
+        // // TODO: override finalizer only if 'Dispose(bool disposing)' has code to free unmanaged resources
+        // ~OleDBSearch()
+        // {
+        //     // Do not change this code. Put cleanup code in 'Dispose(bool disposing)' method
+        //     Dispose(disposing: false);
+        // }
+
+        public void Dispose()
+        {
+            // Do not change this code. Put cleanup code in 'Dispose(bool disposing)' method
+            Dispose(disposing: true);
+            GC.SuppressFinalize(this);
+        }
     }
 }

src/modules/launcher/Plugins/Microsoft.Plugin.Indexer/SearchHelper/WindowsSearchAPI.cs

@@ -1,6 +1,5 @@
 using System;
 using System.Collections.Generic;
-using Microsoft.Plugin.Indexer.Interface;
 using Microsoft.Search.Interop;
 
 namespace Microsoft.Plugin.Indexer.SearchHelper
@@ -21,6 +20,11 @@ namespace Microsoft.Plugin.Indexer.SearchHelper
 
         public List<SearchResult> ExecuteQuery(ISearchQueryHelper queryHelper, string keyword)
         {
+            if(queryHelper == null)
+            {
+                throw new ArgumentNullException(paramName: nameof(queryHelper));
+            }
+
             List<SearchResult> _Result = new List<SearchResult>();
 
             // Generate SQL from our parameters, converting the userQuery from AQS->WHERE clause
@@ -32,21 +36,21 @@ namespace Microsoft.Plugin.Indexer.SearchHelper
             // Loop over all records from the database
             foreach (OleDBResult oleDBResult in oleDBResults)
             {
-                if (oleDBResult.fieldData[0] == DBNull.Value || oleDBResult.fieldData[1] == DBNull.Value || oleDBResult.fieldData[2] == DBNull.Value)
+                if (oleDBResult.FieldData[0] == DBNull.Value || oleDBResult.FieldData[1] == DBNull.Value || oleDBResult.FieldData[2] == DBNull.Value)
                 {
                     continue;
                 }
 
-                UInt32 fileAttributes = (UInt32)((Int64)oleDBResult.fieldData[2]);
+                UInt32 fileAttributes = (UInt32)((Int64)oleDBResult.FieldData[2]);
                 bool isFileHidden = (fileAttributes & FILE_ATTRIBUTE_HIDDEN) == FILE_ATTRIBUTE_HIDDEN;
 
                 if (DisplayHiddenFiles || !isFileHidden)
                 {
-                    var uri_path = new Uri((string)oleDBResult.fieldData[0]);
+                    var uri_path = new Uri((string)oleDBResult.FieldData[0]);
                     var result = new SearchResult
                     {
                         Path = uri_path.LocalPath,
-                        Title = (string)oleDBResult.fieldData[1]
+                        Title = (string)oleDBResult.FieldData[1]
                     };
                     _Result.Add(result);
                 }
@@ -56,15 +60,25 @@ namespace Microsoft.Plugin.Indexer.SearchHelper
         }
 
 
-        public void ModifyQueryHelper(ref ISearchQueryHelper queryHelper, string pattern)
+        public static void ModifyQueryHelper(ref ISearchQueryHelper queryHelper, string pattern)
         {
+            if(pattern == null)
+            {
+                throw new ArgumentNullException(paramName: nameof(pattern));
+            }
+
+            if (queryHelper == null)
+            {
+                throw new ArgumentNullException(paramName: nameof(queryHelper));
+            }
+
             // convert file pattern if it is not '*'. Don't create restriction for '*' as it includes all files.
             if (pattern != "*")
             {
-                pattern = pattern.Replace("*", "%");
-                pattern = pattern.Replace("?", "_");
+                pattern = pattern.Replace("*", "%", StringComparison.InvariantCulture);
+                pattern = pattern.Replace("?", "_", StringComparison.InvariantCulture);
 
-                if (pattern.Contains("%") || pattern.Contains("_"))
+                if (pattern.Contains("%", StringComparison.InvariantCulture) || pattern.Contains("_", StringComparison.InvariantCulture))
                 {
                     queryHelper.QueryWhereRestrictions += " AND System.FileName LIKE '" + pattern + "' ";
                 }
@@ -76,7 +90,7 @@ namespace Microsoft.Plugin.Indexer.SearchHelper
             }
         }
 
-        public void InitQueryHelper(out ISearchQueryHelper queryHelper, int maxCount)
+        public static void InitQueryHelper(out ISearchQueryHelper queryHelper, int maxCount)
         {
             // This uses the Microsoft.Search.Interop assembly
             CSearchManager manager = new CSearchManager();