Searching all execution paths of a codebase to see where "Int.TryParse" is called

Question

I have a system which reads strings from the parameters of a GET request, then parses and sends the data along through a very large and complex codebase, which I can't reasonably wrap my head around. These parameters were originally generated from integers at the client, so at it would have been valid to parse these string parameters into ints, since the business rules guaranteed this.

The client has been changed to build URLs with strings and ints for GET parameters.

Can anyone suggest a method for browsing through all execution paths of a code base and finding out if these string parameters are ever parsed to ints? Would this be an appropriate application for reflection? Although I know there probably is no bullet proof way to do this, solutions that cover the majority of cases would be wonderful.

I am programming VB.NET/C# and .NET4

Answer 1

There may be other ways of doing this, but NDepend can tackle this and has a trial version to get you going. It has a very powerful Code Query Language which can be used to run sql-like queries against compiled code. From my limited experience, it sounds very suitable to your issue as you can query for code-execution paths and get a graphical representation.

You can start with:

SELECT METHODS WHERE 
DepthOfIsUsing "System.Int32.TryParse(String,Int32&)" >= 0 
ORDER BY DepthOfIsUsing

Executing this query against your assemblies will return all methods that directly and (in your case more importantly) indirectly use "TryParse". This in effect will give you information on those methods which directly use "TryParse" and methods which call these methods, and methods which call those methods, and so on.

After running this query in NDepend, you can right-click on the results "n Methods matched" header and select from the context menu "Export n methods matched to Graph". This will give you a graphical representation of all the call trees that end in "TryParse".

So for the following code:

using System;

namespace Scratch
{
    public class Program
    {
        private static void Main()
        {
            new Test2().DoSomething2("hello");
            new Test4().DoSomething4("world");
        }
    }

    public class Test2
    {
        public void DoSomething2(string s)
        {
            new Test3().DoSomething3(s);
        }
    }

    public class Test3
    {
        public void DoSomething3(string s)
        {
            int i;
            Console.WriteLine(int.TryParse(s, out i));
        }
    }

    public class Test4
    {
        public void DoSomething4(string s)
        {
            int i;
            Console.WriteLine(int.TryParse(s, out i));
        }
    }
}

The query results are:

And the generated graph is:

Answer 2

If you can execute your appliation with a test GET request in Runtime Flow, it can find you all Int.TryParse methods executed. Also, if you provide rather unique string for the request, you can find all usages of this string as a parameter or return value.