Merge pull request #16861 from michaelnebel/modelgen/sourcesinklift

C#/Java: Do not lift source and sink models.

java/ql/src/utils/modelgenerator/internal/CaptureModels.qll

@@ -38,7 +38,9 @@ class DataFlowSourceTargetApi = SourceTargetApi;
 class DataFlowSinkTargetApi = SinkTargetApi;
 
 private module ModelPrintingInput implements ModelPrintingSig {
-  class Api = TargetApiBase;
+  class SummaryApi = DataFlowSummaryTargetApi;
+
+  class SourceOrSinkApi = SourceOrSinkTargetApi;
 
   string getProvenance() { result = "df-generated" }
 }

java/ql/src/utils/modelgenerator/internal/CaptureModelsSpecific.qll

@@ -83,25 +83,25 @@ predicate isUninterestingForDataFlowModels(Callable api) {
 }
 
 /**
- * A class of callables that are potentially relevant for generating summary and
- * neutral models.
+ * A class of callables that are potentially relevant for generating source or
+ * sink models.
  */
-class SummaryTargetApi extends TargetApiBase {
-  SummaryTargetApi() { not hasManualSummaryModel(this.lift()) }
+class SourceOrSinkTargetApi extends Callable {
+  SourceOrSinkTargetApi() { relevant(this) }
 }
 
 /**
  * A class of callables that are potentially relevant for generating sink models.
  */
-class SinkTargetApi extends TargetApiBase {
-  SinkTargetApi() { not hasManualSinkModel(this.lift()) }
+class SinkTargetApi extends SourceOrSinkTargetApi {
+  SinkTargetApi() { not hasManualSinkModel(this) }
 }
 
 /**
  * A class of callables that are potentially relevant for generating source models.
  */
-class SourceTargetApi extends TargetApiBase {
-  SourceTargetApi() { not hasManualSourceModel(this.lift()) }
+class SourceTargetApi extends SourceOrSinkTargetApi {
+  SourceTargetApi() { not hasManualSourceModel(this) }
 }
 
 /**
@@ -112,16 +112,19 @@ class SourceTargetApi extends TargetApiBase {
 predicate isUninterestingForTypeBasedFlowModels(Callable api) { none() }
 
 /**
- * A class of callables that are potentially relevant for generating summary, source, sink
- * and neutral models.
+ * A class of callables that are potentially relevant for generating summary or
+ * neutral models.
  *
  * In the Standard library and 3rd party libraries it is the callables (or callables that have a
  * super implementation) that can be called from outside the library itself.
  */
-class TargetApiBase extends Callable {
+class SummaryTargetApi extends Callable {
   private Callable lift;
 
-  TargetApiBase() { lift = liftedImpl(this) }
+  SummaryTargetApi() {
+    lift = liftedImpl(this) and
+    not hasManualSummaryModel(lift)
+  }
 
   /**
    * Gets the callable that a model will be lifted to.

java/ql/src/utils/modelgenerator/internal/CaptureTypeBasedSummaryModels.qll

@@ -284,7 +284,9 @@ private predicate output(Callable callable, TypeVariable tv, string output) {
 }
 
 module ModelPrintingInput implements ModelPrintingSig {
-  class Api = TypeBasedFlowTargetApi;
+  class SummaryApi = TypeBasedFlowTargetApi;
+
+  class SourceOrSinkApi = Specific::SourceOrSinkTargetApi;
 
   string getProvenance() { result = "tb-generated" }
 }

java/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.ext.yml

@@ -5,6 +5,7 @@ extensions:
       extensible: sinkModel
     data:
       - [ "p", "Sinks", False, "sink", "(Object)", "", "Argument[0]", "test-sink", "manual" ]
+      - [ "p", "Sinks", False, "sink2", "(Object)", "", "Argument[0]", "test-sink2", "manual" ]
       - [ "p", "Sinks", False, "manualSinkAlreadyDefined", "(Object)", "", "Argument[0]", "test-sink", "manual" ]
 
   - addsTo:

java/ql/test/utils/modelgenerator/dataflow/CaptureSourceModels.ext.yml

@@ -5,6 +5,7 @@ extensions:
       extensible: sourceModel
     data:
       - [ "p", "Sources", False, "source", "()", "", "ReturnValue", "test-source", "manual" ]
+      - [ "p", "Sources", False, "source2", "()", "", "ReturnValue", "test-source2", "manual" ]
       - [ "p", "Sources", False, "manualSourceAlreadyDefined", "()", "", "ReturnValue", "test-source", "manual" ]
 
   - addsTo:

java/ql/test/utils/modelgenerator/dataflow/p/ImplOfExternalSPI.java

@@ -6,7 +6,7 @@ import java.nio.file.Files;
 
 public class ImplOfExternalSPI extends AbstractImplOfExternalSPI {
 
-  // sink=p;AbstractImplOfExternalSPI;true;accept;(File);;Argument[0];path-injection;df-generated
+  // sink=p;ImplOfExternalSPI;true;accept;(File);;Argument[0];path-injection;df-generated
   // neutral=p;ImplOfExternalSPI;accept;(File);summary;df-generated
   @Override
   public boolean accept(File pathname) {

java/ql/test/utils/modelgenerator/dataflow/p/PrivateFlowViaPublicInterface.java

@@ -29,7 +29,6 @@ public class PrivateFlowViaPublicInterface {
     }
 
     // summary=p;PrivateFlowViaPublicInterface$SPI;true;openStream;();;Argument[this];ReturnValue;taint;df-generated
-    // sink=p;PrivateFlowViaPublicInterface$SPI;true;openStream;();;Argument[this];path-injection;df-generated
     @Override
     public OutputStream openStream() throws IOException {
       return new FileOutputStream(file);

java/ql/test/utils/modelgenerator/dataflow/p/Sinks.java

@@ -17,6 +17,10 @@ public class Sinks {
   // neutral=p;Sinks;sink;(Object);summary;df-generated
   public void sink(Object o) {}
 
+  // Defined as a sink in the model file next to the test.
+  // neutral=p;Sinks;sink2;(Object);summary;df-generated
+  public void sink2(Object o) {}
+
   // sink=p;Sinks;true;copyFileToDirectory;(Path,Path,CopyOption[]);;Argument[0];path-injection;df-generated
   // sink=p;Sinks;true;copyFileToDirectory;(Path,Path,CopyOption[]);;Argument[1];path-injection;df-generated
   // neutral=p;Sinks;copyFileToDirectory;(Path,Path,CopyOption[]);summary;df-generated
@@ -77,4 +81,27 @@ public class Sinks {
   public void manualSinkAlreadyDefined(Object o) {
     sink(o);
   }
+
+  public abstract class DataWriter {
+    // neutral=p;Sinks$DataWriter;write;(String);summary;df-generated
+    public abstract void write(String s);
+  }
+
+  public class DataWriterKind1 extends DataWriter {
+    // sink=p;Sinks$DataWriterKind1;true;write;(String);;Argument[0];test-sink;df-generated
+    // neutral=p;Sinks$DataWriterKind1;write;(String);summary;df-generated
+    @Override
+    public void write(String s) {
+      sink(s);
+    }
+  }
+
+  public class DataWriterKind2 extends DataWriter {
+    // sink=p;Sinks$DataWriterKind2;true;write;(String);;Argument[0];test-sink2;df-generated
+    // neutral=p;Sinks$DataWriterKind2;write;(String);summary;df-generated
+    @Override
+    public void write(String s) {
+      sink2(s);
+    }
+  }
 }

java/ql/test/utils/modelgenerator/dataflow/p/Sources.java

@@ -14,6 +14,12 @@ public class Sources {
     return "";
   }
 
+  // Defined as a source in the model file next to the test.
+  // neutral=p;Sources;source2;();summary;df-generated
+  public String source2() {
+    return "";
+  }
+
   // source=p;Sources;true;readUrl;(URL);;ReturnValue;remote;df-generated
   // sink=p;Sources;true;readUrl;(URL);;Argument[0];request-forgery;df-generated
   // neutral=p;Sources;readUrl;(URL);summary;df-generated
@@ -79,4 +85,27 @@ public class Sources {
   public String manualSourceAlreadyDefined() {
     return source();
   }
+
+  public abstract class DataReader {
+    // neutral=p;Sources$DataReader;read;();summary;df-generated
+    public abstract String read();
+  }
+
+  public class DataReaderKind1 extends DataReader {
+    // source=p;Sources$DataReaderKind1;true;read;();;ReturnValue;test-source;df-generated
+    // neutral=p;Sources$DataReaderKind1;read;();summary;df-generated
+    @Override
+    public String read() {
+      return source();
+    }
+  }
+
+  public class DataReaderKind2 extends DataReader {
+    // source=p;Sources$DataReaderKind2;true;read;();;ReturnValue;test-source2;df-generated
+    // neutral=p;Sources$DataReaderKind2;read;();summary;df-generated
+    @Override
+    public String read() {
+      return source2();
+    }
+  }
 }