QL: Merge pull request #114 from github/erik-krogh/consistency

fix the signature of regexpCapture and regexpFind

ql/consistency-queries/BuildinsConsistency.ql

@@ -0,0 +1 @@
+import codeql_ql.ast.internal.Builtins::BuildinsConsistency

ql/src/codeql_ql/ast/Ast.qll

@@ -201,7 +201,7 @@ class PredicateOrBuiltin extends TPredOrBuiltin, AstNode {
 
   Type getReturnType() { none() }
 
-  int getArity() { result = count(this.getParameterType(_)) }
+  int getArity() { result = count(int i | exists(this.getParameterType(i))) }
 
   predicate isPrivate() { none() }
 }

ql/src/codeql_ql/ast/internal/Builtins.qll

@@ -35,8 +35,8 @@ predicate isBuiltinMember(string sig) {
       "string int.toString()", "string string.charAt(int)", "int string.indexOf(string)",
       "int string.indexOf(string, int, int)", "predicate string.isLowercase()",
       "predicate string.isUppercase()", "int string.length()", "predicate string.matches(string)",
-      "string string.prefix(int)", "string regexpCapture(string, int)",
-      "string regexpFind(string, int, int)", "predicate string.regexpMatch(string)",
+      "string string.prefix(int)", "string string.regexpCapture(string, int)",
+      "string string.regexpFind(string, int, int)", "predicate string.regexpMatch(string)",
       "string string.regexpReplaceAll(string, string)", "string string.replaceAll(string, string)",
       "string string.splitAt(string)", "string string.splitAt(string, int)",
       "string string.substring(int, int)", "string string.suffix(int)", "date string.toDate()",
@@ -58,6 +58,18 @@ predicate isBuiltinMember(string qual, string ret, string name, string args) {
   )
 }
 
+module BuildinsConsistency {
+  query predicate noBuildinParse(string sig) {
+    isBuiltinMember(sig) and
+    not exists(sig.regexpCapture("(\\w+) (\\w+)\\.(\\w+)\\(([\\w, ]*)\\)", _))
+  }
+
+  query predicate noBuildinClasslessParse(string sig) {
+    isBuiltinClassless(sig) and
+    not exists(sig.regexpCapture("(\\w+) (\\w+)\\(([\\w, ]*)\\)", _))
+  }
+}
+
 bindingset[args]
 string getArgType(string args, int i) { result = args.splitAt(",", i).trim() }
 

ql/test/callgraph/Foo.qll

@@ -31,3 +31,9 @@ module Aliases {
     alias0() // <- works
   }
 }
+
+module Buildins {
+  predicate replaceAll(string s) { "foo".replaceAll("foo", "bar") = s }
+
+  predicate regexpCapture(string s) { "foo".regexpCapture("\\w", 1) = s }
+}

ql/test/callgraph/callgraph.expected

@@ -6,3 +6,5 @@
 | Foo.qll:29:5:29:16 | PredicateCall | Foo.qll:26:3:26:32 | ClasslessPredicate alias2 |
 | Foo.qll:31:5:31:12 | PredicateCall | Foo.qll:22:3:22:32 | ClasslessPredicate myThing0 |
 | Foo.qll:31:5:31:12 | PredicateCall | Foo.qll:24:3:24:32 | ClasslessPredicate alias0 |
+| Foo.qll:36:36:36:65 | MemberCall | file://:0:0:0:0 | replaceAll |
+| Foo.qll:38:39:38:67 | MemberCall | file://:0:0:0:0 | regexpCapture |

ql/test/printAst/printAst.expected

@@ -220,6 +220,8 @@ nodes
 | file://:0:0:0:0 | none | semmle.label | [BuiltinPredicate] none |
 | file://:0:0:0:0 | pow | semmle.label | [BuiltinPredicate] pow |
 | file://:0:0:0:0 | prefix | semmle.label | [BuiltinPredicate] prefix |
+| file://:0:0:0:0 | regexpCapture | semmle.label | [BuiltinPredicate] regexpCapture |
+| file://:0:0:0:0 | regexpFind | semmle.label | [BuiltinPredicate] regexpFind |
 | file://:0:0:0:0 | regexpMatch | semmle.label | [BuiltinPredicate] regexpMatch |
 | file://:0:0:0:0 | regexpReplaceAll | semmle.label | [BuiltinPredicate] regexpReplaceAll |
 | file://:0:0:0:0 | replaceAll | semmle.label | [BuiltinPredicate] replaceAll |