Enabling static analysis on indexer plugin and fixing errors (#5220)

* Enabling code analysis, and treating warnings as errors * Error CA1724 The type name Settings conflicts in whole or in part with the namespace name 'Microsoft.PowerToys.Settings'. Change either name to eliminate the conflict. Microsoft.Plugin.Indexer C:\repos\powertoys\src\modules\launcher\Plugins\Microsoft.Plugin.Indexer\Settings.cs 9 Active * Removing keyword "Interface" from namespace to fix fxcop warnings * Fixing static analysis warnings on ContextMenuLoader * Fixing general exception warnings for static analysis * Fixing public list variables, non static methods, and general exception warning * Implementing IDisposable on OleDBSearch although in practice these objects were already being disposed. Also Validated we were not using user input directly for sql strings. * Removing VS generated comments from dispose methods as per PR feedback. * Setting translated text to use current culture as per PR feedback. * Explicity specifying 'internal' access modifier for Indexer 'Main' class, as per PR feedback * Updating to FxCop 3.0.0
2026-04-08 20:27:36 +02:00 · 2020-07-30 16:39:47 -07:00
parent aa8c31e79b
commit 8f17f7297d
12 changed files with 287 additions and 215 deletions
--- a/src/modules/launcher/Plugins/Microsoft.Plugin.Indexer/SearchHelper/OleDBSearch.cs
+++ b/src/modules/launcher/Plugins/Microsoft.Plugin.Indexer/SearchHelper/OleDBSearch.cs
@@ -1,16 +1,19 @@
-using Microsoft.Plugin.Indexer.Interface;
-using System;
+using System;
 using System.Collections.Generic;
 using System.Data.OleDb;

 namespace Microsoft.Plugin.Indexer.SearchHelper
 {
-    public class OleDBSearch : ISearch
+    public class OleDBSearch : ISearch, IDisposable
    {
        private OleDbCommand command;
        private OleDbConnection conn;
-        private OleDbDataReader WDSResults;
-
+        private OleDbDataReader WDSResults;
+        private bool disposedValue;
+
+        [System.Diagnostics.CodeAnalysis.SuppressMessage("Security", "CA2100:Review SQL queries for security vulnerabilities", 
+            Justification = "sqlQuery does not come from user input but is generated via the ISearchQueryHelper::GenerateSqlFromUserQuery " +
+            " see: https://docs.microsoft.com/en-us/windows/win32/search/-search-3x-wds-qryidx-searchqueryhelper#using-the-generatesqlfromuserquery-method")]
        public List<OleDBResult> Query(string connectionString, string sqlQuery)
        {
            List<OleDBResult> result = new List<OleDBResult>();
@@ -75,6 +78,37 @@ namespace Microsoft.Plugin.Indexer.SearchHelper
            }

            return commandDisposed && resultDisposed && connDisposed;
-        }
+        }
+
+        protected virtual void Dispose(bool disposing)
+        {
+            if (!disposedValue)
+            {
+                if (disposing)
+                {
+                    command?.Dispose();
+                    conn?.Dispose();
+                    WDSResults?.Dispose();
+                }
+
+                // TODO: free unmanaged resources (unmanaged objects) and override finalizer
+                // TODO: set large fields to null
+                disposedValue = true;
+            }
+        }
+
+        // // TODO: override finalizer only if 'Dispose(bool disposing)' has code to free unmanaged resources
+        // ~OleDBSearch()
+        // {
+        //     // Do not change this code. Put cleanup code in 'Dispose(bool disposing)' method
+        //     Dispose(disposing: false);
+        // }
+
+        public void Dispose()
+        {
+            // Do not change this code. Put cleanup code in 'Dispose(bool disposing)' method
+            Dispose(disposing: true);
+            GC.SuppressFinalize(this);
+        }
    }
 }