hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 10:45:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #7245 from erik-krogh/explicit-this-all-the-places

Browse Source 
All langs: apply the explicit-this patch to all remaining code
This commit is contained in:
Erik Krogh Kristensen
2021-12-07 10:40:26 +01:00
committed by GitHub
parent 4e68a4670b 74158f1e3a
commit 3c59aa319e
103 changed files with 478 additions and 450 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
java/ql/lib/semmle/code/java/Expr.qll
View File

@@ -1275,7 +1275,7 @@ class MemberRefExpr extends FunctionalExpr, @memberref {
*/
RefType getReceiverType() {
exists(Stmt stmt, Expr resultExpr |
stmt = asMethod().getBody().(SingletonBlock).getStmt() and
stmt = this.asMethod().getBody().(SingletonBlock).getStmt() and
(
resultExpr = stmt.(ReturnStmt).getResult()
or

4
java/ql/lib/semmle/code/java/dataflow/internal/DataFlowNodes.qll
View File

@@ -258,9 +258,9 @@ module Public {
/** Gets the field corresponding to this node. */
Field getField() { this = TFieldValueNode(result) }
override string toString() { result = getField().toString() }
override string toString() { result = this.getField().toString() }
override Location getLocation() { result = getField().getLocation() }
override Location getLocation() { result = this.getField().getLocation() }
}
/**

12
java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll
View File

@@ -231,18 +231,18 @@ class DataFlowCallable extends TDataFlowCallable {
Field asFieldScope() { this = TFieldScope(result) }
RefType getDeclaringType() {
result = asCallable().getDeclaringType() or
result = asFieldScope().getDeclaringType()
result = this.asCallable().getDeclaringType() or
result = this.asFieldScope().getDeclaringType()
}
string toString() {
result = asCallable().toString() or
result = "Field scope: " + asFieldScope().toString()
result = this.asCallable().toString() or
result = "Field scope: " + this.asFieldScope().toString()
}
Location getLocation() {
result = asCallable().getLocation() or
result = asFieldScope().getLocation()
result = this.asCallable().getLocation() or
result = this.asFieldScope().getLocation()
}
}

6
java/ql/src/AlertSuppression.ql
View File

@@ -18,9 +18,9 @@ class SuppressionComment extends Javadoc {
(
isEolComment(this)
or
isNormalComment(this) and exists(int line | hasLocationInfo(_, line, _, line, _))
isNormalComment(this) and exists(int line | this.hasLocationInfo(_, line, _, line, _))
) and
exists(string text | text = getChild(0).getText() |
exists(string text | text = this.getChild(0).getText() |
// match `lgtm[...]` anywhere in the comment
annotation = text.regexpFind("(?i)\\blgtm\\s*\\[[^\\]]*\\]", _, _)
or
@@ -32,7 +32,7 @@ class SuppressionComment extends Javadoc {
/**
* Gets the text of this suppression comment.
*/
string getText() { result = getChild(0).getText() }
string getText() { result = this.getChild(0).getText() }
/** Gets the suppression annotation in this comment. */
string getAnnotation() { result = annotation }

17
java/ql/src/AlertSuppressionAnnotations.ql
View File

@@ -33,8 +33,11 @@ class SuppressionAnnotation extends SuppressWarningsAnnotation {
string getText() { result = text }
private Annotation getASiblingAnnotation() {
result = getAnnotatedElement().(Annotatable).getAnAnnotation() and
(getAnnotatedElement() instanceof Callable or getAnnotatedElement() instanceof RefType)
result = this.getAnnotatedElement().(Annotatable).getAnAnnotation() and
(
this.getAnnotatedElement() instanceof Callable or
this.getAnnotatedElement() instanceof RefType
)
}
private Annotation firstAnnotation() {
@@ -50,11 +53,13 @@ class SuppressionAnnotation extends SuppressWarningsAnnotation {
* to column `endcolumn` of line `endline` in file `filepath`.
*/
predicate covers(string filepath, int startline, int startcolumn, int endline, int endcolumn) {
if firstAnnotation().hasLocationInfo(filepath, _, _, _, _)
if this.firstAnnotation().hasLocationInfo(filepath, _, _, _, _)
then
getAnnotatedElement().hasLocationInfo(filepath, _, _, endline, endcolumn) and
firstAnnotation().hasLocationInfo(filepath, startline, startcolumn, _, _)
else getAnnotatedElement().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn)
this.getAnnotatedElement().hasLocationInfo(filepath, _, _, endline, endcolumn) and
this.firstAnnotation().hasLocationInfo(filepath, startline, startcolumn, _, _)
else
this.getAnnotatedElement()
.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn)
}
/** Gets the scope of this suppression. */

2
java/ql/src/Compatibility/JDK9/JdkInternalAccess.ql
View File

@@ -59,7 +59,7 @@ abstract class JdkInternalAccess extends Element {
class JdkInternalTypeAccess extends JdkInternalAccess, TypeAccess {
JdkInternalTypeAccess() { jdkInternalApi(this.getType().(RefType).getPackage().getName()) }
override string getAccessedApi() { result = getType().(RefType).getQualifiedName() }
override string getAccessedApi() { result = this.getType().(RefType).getQualifiedName() }
override string getReplacement() {
exists(RefType t | this.getType() = t |

10
java/ql/src/Likely Bugs/Collections/ContainsTypeMismatch.ql
View File

@@ -98,14 +98,14 @@ predicate containerAccess(string package, string type, int p, string signature,
class MismatchedContainerAccess extends MethodAccess {
MismatchedContainerAccess() {
exists(string package, string type, int i |
containerAccess(package, type, _, getCallee().getSignature(), i)
containerAccess(package, type, _, this.getCallee().getSignature(), i)
|
getCallee()
this.getCallee()
.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName(package, type) and
getCallee().getParameter(i).getType() instanceof TypeObject
this.getCallee().getParameter(i).getType() instanceof TypeObject
)
}
@@ -115,9 +115,9 @@ class MismatchedContainerAccess extends MethodAccess {
*/
RefType getReceiverElementType(int i) {
exists(RefType t, GenericType g, string package, string type, int p |
containerAccess(package, type, p, getCallee().getSignature(), i)
containerAccess(package, type, p, this.getCallee().getSignature(), i)
|
t = getCallee().getDeclaringType() and
t = this.getCallee().getDeclaringType() and
t.getASupertype*().getSourceDeclaration() = g and
g.hasQualifiedName(package, type) and
indirectlyInstantiates(t, g, p, result)

10
java/ql/src/Likely Bugs/Collections/RemoveTypeMismatch.ql
View File

@@ -68,14 +68,14 @@ predicate containerModification(string package, string type, int p, string signa
class MismatchedContainerModification extends MethodAccess {
MismatchedContainerModification() {
exists(string package, string type, int i |
containerModification(package, type, _, getCallee().getSignature(), i)
containerModification(package, type, _, this.getCallee().getSignature(), i)
|
getCallee()
this.getCallee()
.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName(package, type) and
getCallee().getParameter(i).getType() instanceof TypeObject
this.getCallee().getParameter(i).getType() instanceof TypeObject
)
}
@@ -85,9 +85,9 @@ class MismatchedContainerModification extends MethodAccess {
*/
RefType getReceiverElementType(int i) {
exists(RefType t, GenericType g, string package, string type, int p |
containerModification(package, type, p, getCallee().getSignature(), i)
containerModification(package, type, p, this.getCallee().getSignature(), i)
|
t = getCallee().getDeclaringType() and
t = this.getCallee().getDeclaringType() and
t.getASupertype*().getSourceDeclaration() = g and
g.hasQualifiedName(package, type) and
indirectlyInstantiates(t, g, p, result)

2
java/ql/src/Likely Bugs/Comparison/InconsistentCompareTo.ql
View File

@@ -35,7 +35,7 @@ class CompareToMethod extends Method {
// To implement `Comparable<T>.compareTo`, the parameter must either have type `T` or `Object`.
exists(RefType typeArg, Type firstParamType |
implementsComparableOn(this.getDeclaringType(), typeArg) and
firstParamType = getParameter(0).getType() and
firstParamType = this.getParameter(0).getType() and
(firstParamType = typeArg or firstParamType instanceof TypeObject)
)
}

6
java/ql/src/Likely Bugs/Concurrency/LazyInitStaticField.ql
View File

@@ -28,12 +28,12 @@ class StaticFieldInit extends AssignExpr {
IfStmt getAnEnclosingNullCheck() {
result.getThen().getAChild*() = this.getEnclosingStmt() and
result.getCondition().(NullEQExpr).getAChildExpr() = getField().getAnAccess()
result.getCondition().(NullEQExpr).getAChildExpr() = this.getField().getAnAccess()
}
IfStmt getNearestNullCheck() {
result = getAnEnclosingNullCheck() and
not result.getAChild+() = getAnEnclosingNullCheck()
result = this.getAnEnclosingNullCheck() and
not result.getAChild+() = this.getAnEnclosingNullCheck()
}
}

2
java/ql/src/Likely Bugs/Likely Typos/StringBufferCharInit.ql
View File

@@ -13,7 +13,7 @@
import java
class NewStringBufferOrBuilder extends ClassInstanceExpr {
NewStringBufferOrBuilder() { getConstructedType() instanceof StringBuildingType }
NewStringBufferOrBuilder() { this.getConstructedType() instanceof StringBuildingType }
string getName() { result = this.getConstructedType().getName() }
}

8
java/ql/src/Metrics/Internal/Extents.qll
View File

@@ -25,7 +25,7 @@ class RangeCallable extends Callable {
or
not exists(this.getBody()) and
(
lastParameter().hasLocationInfo(path, _, _, el, ec)
this.lastParameter().hasLocationInfo(path, _, _, el, ec)
or
not exists(this.getAParameter()) and el = elSuper and ec = ecSuper
)
@@ -33,8 +33,8 @@ class RangeCallable extends Callable {
}
private Parameter lastParameter() {
result = getAParameter() and
not getAParameter().getPosition() > result.getPosition()
result = this.getAParameter() and
not this.getAParameter().getPosition() > result.getPosition()
}
}
@@ -45,7 +45,7 @@ class RangeCallable extends Callable {
class RangeRefType extends RefType {
override predicate hasLocationInfo(string path, int sl, int sc, int el, int ec) {
exists(int elSuper, int ecSuper | super.hasLocationInfo(path, sl, sc, elSuper, ecSuper) |
lastMember().hasLocationInfo(path, _, _, el, ec)
this.lastMember().hasLocationInfo(path, _, _, el, ec)
or
not exists(this.getAMember()) and el = elSuper and ec = ecSuper
)

6
java/ql/src/Security/CWE/CWE-129/ArraySizing.qll
View File

@@ -42,7 +42,7 @@ private predicate arrayIndexOutOfBoundExceptionCaught(ArrayAccess arrayAccess) {
*/
class PointlessLoop extends WhileStmt {
PointlessLoop() {
getCondition().(BooleanLiteral).getBooleanValue() = true and
this.getCondition().(BooleanLiteral).getBooleanValue() = true and
// The only `break` must be the last statement.
forall(BreakStmt break | break.(JumpStmt).getTarget() = this |
this.getStmt().(BlockStmt).getLastStmt() = break
@@ -65,7 +65,7 @@ class CheckableArrayAccess extends ArrayAccess {
// Array accesses within loops can make it difficult to verify whether the index is checked
// prior to access. Ignore "pointless" loops of the sort found in Juliet test cases.
not exists(LoopStmt loop |
loop.getBody().getAChild*() = getEnclosingStmt() and
loop.getBody().getAChild*() = this.getEnclosingStmt() and
not loop instanceof PointlessLoop
) and
// The possible exception is not caught
@@ -76,7 +76,7 @@ class CheckableArrayAccess extends ArrayAccess {
* Holds if we believe this indexing expression can throw an `ArrayIndexOutOfBoundsException`.
*/
predicate canThrowOutOfBounds(Expr index) {
index = getIndexExpr() and
index = this.getIndexExpr() and
not (
// There is a condition dominating this expression ensuring that the index is >= 0.
lowerBound(index) >= 0 and

6
java/ql/src/Security/CWE/CWE-190/ArithmeticWithExtremeValues.ql
View File

@@ -19,7 +19,7 @@ import ArithmeticCommon
import DataFlow::PathGraph
abstract class ExtremeValueField extends Field {
ExtremeValueField() { getType() instanceof IntegralType }
ExtremeValueField() { this.getType() instanceof IntegralType }
}
class MinValueField extends ExtremeValueField {
@@ -43,7 +43,7 @@ class MaxValueFlowConfig extends DataFlow::Configuration {
override predicate isSink(DataFlow::Node sink) { overflowSink(_, sink.asExpr()) }
override predicate isBarrierIn(DataFlow::Node n) { isSource(n) }
override predicate isBarrierIn(DataFlow::Node n) { this.isSource(n) }
override predicate isBarrier(DataFlow::Node n) { overflowBarrier(n) }
}
@@ -57,7 +57,7 @@ class MinValueFlowConfig extends DataFlow::Configuration {
override predicate isSink(DataFlow::Node sink) { underflowSink(_, sink.asExpr()) }
override predicate isBarrierIn(DataFlow::Node n) { isSource(n) }
override predicate isBarrierIn(DataFlow::Node n) { this.isSource(n) }
override predicate isBarrier(DataFlow::Node n) { underflowBarrier(n) }
}

4
java/ql/src/Security/CWE/CWE-209/StackTraceExposure.ql
View File

@@ -23,11 +23,11 @@ import semmle.code.java.security.InformationLeak
*/
class PrintStackTraceMethod extends Method {
PrintStackTraceMethod() {
getDeclaringType()
this.getDeclaringType()
.getSourceDeclaration()
.getASourceSupertype*()
.hasQualifiedName("java.lang", "Throwable") and
getName() = "printStackTrace"
this.getName() = "printStackTrace"
}
}

6
java/ql/src/Security/CWE/CWE-327/MaybeBrokenCryptoAlgorithm.ql
View File

@@ -18,14 +18,14 @@ import semmle.code.java.dispatch.VirtualDispatch
import PathGraph
private class ShortStringLiteral extends StringLiteral {
ShortStringLiteral() { getValue().length() < 100 }
ShortStringLiteral() { this.getValue().length() < 100 }
}
class InsecureAlgoLiteral extends ShortStringLiteral {
InsecureAlgoLiteral() {
// Algorithm identifiers should be at least two characters.
getValue().length() > 1 and
exists(string s | s = getValue() |
this.getValue().length() > 1 and
exists(string s | s = this.getValue() |
not s.regexpMatch(getSecureAlgorithmRegex()) and
// Exclude results covered by another query.
not s.regexpMatch(getInsecureAlgorithmRegex())

2
java/ql/src/Security/CWE/CWE-338/JHipsterGeneratedPRNG.ql
View File

@@ -30,7 +30,7 @@ private class PredictableApacheRandomStringUtilsMethodAccess extends MethodAcces
private class VulnerableJHipsterRandomUtilClass extends Class {
VulnerableJHipsterRandomUtilClass() {
// The package name that JHipster generated the 'RandomUtil' class in was dynamic. Thus 'hasQualifiedName' can not be used here.
getName() = "RandomUtil"
this.getName() = "RandomUtil"
}
}

4
java/ql/src/Security/CWE/CWE-807/TaintedPermissionsCheck.ql
View File

@@ -41,7 +41,7 @@ class PermissionsCheckMethodAccess extends MethodAccess, PermissionsConstruction
)
}
override Expr getInput() { result = getArgument(0) }
override Expr getInput() { result = this.getArgument(0) }
}
class WCPermissionConstruction extends ClassInstanceExpr, PermissionsConstruction {
@@ -49,7 +49,7 @@ class WCPermissionConstruction extends ClassInstanceExpr, PermissionsConstructio
this.getConstructor().getDeclaringType() instanceof TypeShiroWCPermission
}
override Expr getInput() { result = getArgument(0) }
override Expr getInput() { result = this.getArgument(0) }
}
class TaintedPermissionsCheckFlowConfig extends TaintTracking::Configuration {

2
java/ql/src/Security/CWE/CWE-833/LockOrderInconsistency.ql
View File

@@ -15,7 +15,7 @@ import java
/** A variable of type `ReentrantLock`. */
class LockVariable extends Variable {
LockVariable() {
getType().(RefType).hasQualifiedName("java.util.concurrent.locks", "ReentrantLock")
this.getType().(RefType).hasQualifiedName("java.util.concurrent.locks", "ReentrantLock")
}
/** An access to method `lock` on this variable. */

12
java/ql/src/Telemetry/ExternalAPI.qll
View File

@@ -16,7 +16,7 @@ class ExternalAPI extends Callable {
ExternalAPI() { not this.fromSource() }
/** Holds if this API is not worth supporting */
predicate isUninteresting() { isTestLibrary() or isParameterlessConstructor() }
predicate isUninteresting() { this.isTestLibrary() or this.isParameterlessConstructor() }
/** Holds if this API is is a constructor without parameters */
predicate isParameterlessConstructor() {
@@ -24,7 +24,7 @@ class ExternalAPI extends Callable {
}
/** Holds if this API is part of a common testing library or framework */
private predicate isTestLibrary() { getDeclaringType() instanceof TestLibrary }
private predicate isTestLibrary() { this.getDeclaringType() instanceof TestLibrary }
/**
* Gets information about the external API in the form expected by the CSV modeling framework.
@@ -38,7 +38,9 @@ class ExternalAPI extends Callable {
/**
* Gets the jar file containing this API. Normalizes the Java Runtime to "rt.jar" despite the presence of modules.
*/
string jarContainer() { result = containerAsJar(this.getCompilationUnit().getParentContainer*()) }
string jarContainer() {
result = this.containerAsJar(this.getCompilationUnit().getParentContainer*())
}
private string containerAsJar(Container container) {
if container instanceof JarFile then result = container.getBaseName() else result = "rt.jar"
@@ -75,12 +77,12 @@ class ExternalAPI extends Callable {
predicate isSink() { sinkNode(this.getAnInput(), _) }
/** Holds if this API is supported by existing CodeQL libraries, that is, it is either a recognized source or sink or has a flow summary. */
predicate isSupported() { hasSummary() or isSource() or isSink() }
predicate isSupported() { this.hasSummary() or this.isSource() or this.isSink() }
}
private class TestLibrary extends RefType {
TestLibrary() {
getPackage()
this.getPackage()
.getName()
.matches([
"org.junit%", "junit.%", "org.mockito%", "org.assertj%",

6
java/ql/src/Violations of Best Practice/Comments/CommentedCode.qll
View File

@@ -122,9 +122,9 @@ class CommentedOutCode extends JavadocFirst {
}
override predicate hasLocationInfo(string path, int sl, int sc, int el, int ec) {
path = getLocation().getFile().getAbsolutePath() and
sl = getLocation().getStartLine() and
sc = getLocation().getStartColumn() and
path = this.getLocation().getFile().getAbsolutePath() and
sl = this.getLocation().getStartLine() and
sc = this.getLocation().getStartColumn() and
exists(Location end | end = this.getLastSuccessor().getLocation() |
el = end.getEndLine() and
ec = end.getEndColumn()

2
java/ql/src/Violations of Best Practice/Declarations/NoConstantsOnly.ql
View File

@@ -21,7 +21,7 @@ predicate typeWithConstantField(RefType t) { exists(ConstantField f | f.getDecla
class ConstantRefType extends RefType {
ConstantRefType() {
fromSource() and
this.fromSource() and
(
this instanceof Interface
or

34
java/ql/src/experimental/Security/CWE/CWE-016/SpringBootActuators.qll
View File

@@ -42,8 +42,8 @@ class TypeEndpointRequest extends Class {
/** A call to `EndpointRequest.toAnyEndpoint` method. */
class ToAnyEndpointCall extends MethodAccess {
ToAnyEndpointCall() {
getMethod().hasName("toAnyEndpoint") and
getMethod().getDeclaringType() instanceof TypeEndpointRequest
this.getMethod().hasName("toAnyEndpoint") and
this.getMethod().getDeclaringType() instanceof TypeEndpointRequest
}
}
@@ -52,9 +52,9 @@ class ToAnyEndpointCall extends MethodAccess {
*/
class RequestMatcherCall extends MethodAccess {
RequestMatcherCall() {
getMethod().hasName("requestMatcher") and
getMethod().getDeclaringType() instanceof TypeHttpSecurity and
getArgument(0) instanceof ToAnyEndpointCall
this.getMethod().hasName("requestMatcher") and
this.getMethod().getDeclaringType() instanceof TypeHttpSecurity and
this.getArgument(0) instanceof ToAnyEndpointCall
}
}
@@ -64,25 +64,25 @@ class RequestMatcherCall extends MethodAccess {
*/
class RequestMatchersCall extends MethodAccess {
RequestMatchersCall() {
getMethod().hasName("requestMatchers") and
getMethod().getDeclaringType() instanceof TypeHttpSecurity and
getArgument(0).(LambdaExpr).getExprBody() instanceof ToAnyEndpointCall
this.getMethod().hasName("requestMatchers") and
this.getMethod().getDeclaringType() instanceof TypeHttpSecurity and
this.getArgument(0).(LambdaExpr).getExprBody() instanceof ToAnyEndpointCall
}
}
/** A call to `HttpSecurity.authorizeRequests` method. */
class AuthorizeRequestsCall extends MethodAccess {
AuthorizeRequestsCall() {
getMethod().hasName("authorizeRequests") and
getMethod().getDeclaringType() instanceof TypeHttpSecurity
this.getMethod().hasName("authorizeRequests") and
this.getMethod().getDeclaringType() instanceof TypeHttpSecurity
}
}
/** A call to `AuthorizedUrl.permitAll` method. */
class PermitAllCall extends MethodAccess {
PermitAllCall() {
getMethod().hasName("permitAll") and
getMethod().getDeclaringType() instanceof TypeAuthorizedUrl
this.getMethod().hasName("permitAll") and
this.getMethod().getDeclaringType() instanceof TypeAuthorizedUrl
}
/** Holds if `permitAll` is called on request(s) mapped to actuator endpoint(s). */
@@ -137,8 +137,8 @@ class PermitAllCall extends MethodAccess {
/** A call to `AbstractRequestMatcherRegistry.anyRequest` method. */
class AnyRequestCall extends MethodAccess {
AnyRequestCall() {
getMethod().hasName("anyRequest") and
getMethod().getDeclaringType() instanceof TypeAbstractRequestMatcherRegistry
this.getMethod().hasName("anyRequest") and
this.getMethod().getDeclaringType() instanceof TypeAbstractRequestMatcherRegistry
}
}
@@ -148,8 +148,8 @@ class AnyRequestCall extends MethodAccess {
*/
class RegistryRequestMatchersCall extends MethodAccess {
RegistryRequestMatchersCall() {
getMethod().hasName("requestMatchers") and
getMethod().getDeclaringType() instanceof TypeAbstractRequestMatcherRegistry and
getAnArgument() instanceof ToAnyEndpointCall
this.getMethod().hasName("requestMatchers") and
this.getMethod().getDeclaringType() instanceof TypeAbstractRequestMatcherRegistry and
this.getAnArgument() instanceof ToAnyEndpointCall
}
}

12
java/ql/src/experimental/Security/CWE/CWE-094/JakartaExpressionInjectionLib.qll
View File

@@ -84,25 +84,25 @@ private class TaintPropagatingCall extends Call {
}
private class JakartaType extends RefType {
JakartaType() { getPackage().hasName(["javax.el", "jakarta.el"]) }
JakartaType() { this.getPackage().hasName(["javax.el", "jakarta.el"]) }
}
private class ELProcessor extends JakartaType {
ELProcessor() { hasName("ELProcessor") }
ELProcessor() { this.hasName("ELProcessor") }
}
private class ExpressionFactory extends JakartaType {
ExpressionFactory() { hasName("ExpressionFactory") }
ExpressionFactory() { this.hasName("ExpressionFactory") }
}
private class ValueExpression extends JakartaType {
ValueExpression() { hasName("ValueExpression") }
ValueExpression() { this.hasName("ValueExpression") }
}
private class MethodExpression extends JakartaType {
MethodExpression() { hasName("MethodExpression") }
MethodExpression() { this.hasName("MethodExpression") }
}
private class LambdaExpression extends JakartaType {
LambdaExpression() { hasName("LambdaExpression") }
LambdaExpression() { this.hasName("LambdaExpression") }
}

6
java/ql/src/experimental/Security/CWE/CWE-094/JythonInjection.ql
View File

@@ -25,7 +25,7 @@ class PythonInterpreter extends RefType {
class InterpretExprMethod extends Method {
InterpretExprMethod() {
this.getDeclaringType().getAnAncestor*() instanceof PythonInterpreter and
getName().matches(["exec%", "run%", "eval", "compile"])
this.getName().matches(["exec%", "run%", "eval", "compile"])
}
}
@@ -46,7 +46,7 @@ predicate runsCode(MethodAccess ma, Expr sink) {
class LoadClassMethod extends Method {
LoadClassMethod() {
this.getDeclaringType().getAnAncestor*() instanceof BytecodeLoader and
hasName(["makeClass", "makeCode"])
this.hasName(["makeClass", "makeCode"])
}
}
@@ -71,7 +71,7 @@ class Py extends RefType {
class PyCompileMethod extends Method {
PyCompileMethod() {
this.getDeclaringType().getAnAncestor*() instanceof Py and
getName().matches("compile%")
this.getName().matches("compile%")
}
}

4
java/ql/src/experimental/Security/CWE/CWE-1004/InsecureTomcatConfig.ql
View File

@@ -15,9 +15,9 @@ import semmle.code.xml.WebXML
private class HttpOnlyConfig extends WebContextParameter {
HttpOnlyConfig() { this.getParamName().getValue() = "useHttpOnly" }
string getParamValueElementValue() { result = getParamValue().getValue() }
string getParamValueElementValue() { result = this.getParamValue().getValue() }
predicate isHTTPOnlySet() { getParamValueElementValue().toLowerCase() = "false" }
predicate isHTTPOnlySet() { this.getParamValueElementValue().toLowerCase() = "false" }
}
from HttpOnlyConfig config

2
java/ql/src/experimental/Security/CWE/CWE-200/AndroidFileIntentSource.qll
View File

@@ -47,7 +47,7 @@ class GetContentIntentConfig extends TaintTracking2::Configuration {
or
// Allow the wrapped intent created by Intent.getChooser to be consumed
// by at the sink:
isSink(node) and
this.isSink(node) and
allowIntentExtrasImplicitRead(node, content)
}
}

28
java/ql/src/experimental/Security/CWE/CWE-208/NonConstantTimeCheckOnSignatureQuery.qll
View File

@@ -22,11 +22,11 @@ abstract private class ProduceCryptoCall extends MethodAccess {
/** A method call that produces a MAC. */
private class ProduceMacCall extends ProduceCryptoCall {
ProduceMacCall() {
getMethod().getDeclaringType().hasQualifiedName("javax.crypto", "Mac") and
this.getMethod().getDeclaringType().hasQualifiedName("javax.crypto", "Mac") and
(
getMethod().hasStringSignature(["doFinal()", "doFinal(byte[])"]) and this = output
this.getMethod().hasStringSignature(["doFinal()", "doFinal(byte[])"]) and this = output
or
getMethod().hasStringSignature("doFinal(byte[], int)") and getArgument(0) = output
this.getMethod().hasStringSignature("doFinal(byte[], int)") and this.getArgument(0) = output
)
}
@@ -36,11 +36,11 @@ private class ProduceMacCall extends ProduceCryptoCall {
/** A method call that produces a signature. */
private class ProduceSignatureCall extends ProduceCryptoCall {
ProduceSignatureCall() {
getMethod().getDeclaringType().hasQualifiedName("java.security", "Signature") and
this.getMethod().getDeclaringType().hasQualifiedName("java.security", "Signature") and
(
getMethod().hasStringSignature("sign()") and this = output
this.getMethod().hasStringSignature("sign()") and this = output
or
getMethod().hasStringSignature("sign(byte[], int, int)") and getArgument(0) = output
this.getMethod().hasStringSignature("sign(byte[], int, int)") and this.getArgument(0) = output
)
}
@@ -79,15 +79,15 @@ private class ProduceCiphertextCall extends ProduceCryptoCall {
m.hasStringSignature(["doFinal()", "doFinal(byte[])", "doFinal(byte[], int, int)"]) and
this = output
or
m.hasStringSignature("doFinal(byte[], int)") and getArgument(0) = output
m.hasStringSignature("doFinal(byte[], int)") and this.getArgument(0) = output
or
m.hasStringSignature([
"doFinal(byte[], int, int, byte[])", "doFinal(byte[], int, int, byte[], int)"
]) and
getArgument(3) = output
this.getArgument(3) = output
or
m.hasStringSignature("doFinal(ByteBuffer, ByteBuffer)") and
getArgument(1) = output
this.getArgument(1) = output
)
) and
exists(InitializeEncryptorConfig config |
@@ -193,18 +193,18 @@ class CryptoOperationSource extends DataFlow::Node {
/** Methods that use a non-constant-time algorithm for comparing inputs. */
private class NonConstantTimeEqualsCall extends MethodAccess {
NonConstantTimeEqualsCall() {
getMethod()
this.getMethod()
.hasQualifiedName("java.lang", "String", ["equals", "contentEquals", "equalsIgnoreCase"]) or
getMethod().hasQualifiedName("java.nio", "ByteBuffer", ["equals", "compareTo"])
this.getMethod().hasQualifiedName("java.nio", "ByteBuffer", ["equals", "compareTo"])
}
}
/** A static method that uses a non-constant-time algorithm for comparing inputs. */
private class NonConstantTimeComparisonCall extends StaticMethodAccess {
NonConstantTimeComparisonCall() {
getMethod().hasQualifiedName("java.util", "Arrays", ["equals", "deepEquals"]) or
getMethod().hasQualifiedName("java.util", "Objects", "deepEquals") or
getMethod()
this.getMethod().hasQualifiedName("java.util", "Arrays", ["equals", "deepEquals"]) or
this.getMethod().hasQualifiedName("java.util", "Objects", "deepEquals") or
this.getMethod()
.hasQualifiedName("org.apache.commons.lang3", "StringUtils",
["equals", "equalsAny", "equalsAnyIgnoreCase", "equalsIgnoreCase"])
}

8
java/ql/src/experimental/Security/CWE/CWE-326/InsufficientKeySize.ql
View File

@@ -21,16 +21,16 @@ class ECGenParameterSpec extends RefType {
/** The `init` method declared in `javax.crypto.KeyGenerator`. */
class KeyGeneratorInitMethod extends Method {
KeyGeneratorInitMethod() {
getDeclaringType() instanceof KeyGenerator and
hasName("init")
this.getDeclaringType() instanceof KeyGenerator and
this.hasName("init")
}
}
/** The `initialize` method declared in `java.security.KeyPairGenerator`. */
class KeyPairGeneratorInitMethod extends Method {
KeyPairGeneratorInitMethod() {
getDeclaringType() instanceof KeyPairGenerator and
hasName("initialize")
this.getDeclaringType() instanceof KeyPairGenerator and
this.hasName("initialize")
}
}

8
java/ql/src/experimental/Security/CWE/CWE-352/JsonpInjectionLib.qll
View File

@@ -61,8 +61,8 @@ class SpringControllerRequestMappingGetMethod extends SpringControllerGetMethod
*/
class JsonpBuilderExpr extends AddExpr {
JsonpBuilderExpr() {
getRightOperand().(CompileTimeConstantExpr).getStringValue().regexpMatch("\\);?") and
getLeftOperand()
this.getRightOperand().(CompileTimeConstantExpr).getStringValue().regexpMatch("\\);?") and
this.getLeftOperand()
.(AddExpr)
.getLeftOperand()
.(AddExpr)
@@ -73,11 +73,11 @@ class JsonpBuilderExpr extends AddExpr {
/** Get the jsonp function name of this expression. */
Expr getFunctionName() {
result = getLeftOperand().(AddExpr).getLeftOperand().(AddExpr).getLeftOperand()
result = this.getLeftOperand().(AddExpr).getLeftOperand().(AddExpr).getLeftOperand()
}
/** Get the json data of this expression. */
Expr getJsonExpr() { result = getLeftOperand().(AddExpr).getRightOperand() }
Expr getJsonExpr() { result = this.getLeftOperand().(AddExpr).getRightOperand() }
}
/** A data flow configuration tracing flow from remote sources to jsonp function name. */

11
java/ql/src/experimental/Security/CWE/CWE-548/InsecureDirectoryConfig.ql
View File

@@ -29,17 +29,20 @@ private class DefaultTomcatServlet extends WebServletClass {
*/
class DirectoryListingInitParam extends WebXMLElement {
DirectoryListingInitParam() {
getName() = "init-param" and
getAChild("param-name").getTextValue() = "listings" and
this.getName() = "init-param" and
this.getAChild("param-name").getTextValue() = "listings" and
exists(WebServlet servlet |
getParent() = servlet and servlet.getAChild("servlet-class") instanceof DefaultTomcatServlet
this.getParent() = servlet and
servlet.getAChild("servlet-class") instanceof DefaultTomcatServlet
)
}
/**
* Check the `<param-value>` element (true - enabled, false - disabled)
*/
predicate isListingEnabled() { getAChild("param-value").getTextValue().toLowerCase() = "true" }
predicate isListingEnabled() {
this.getAChild("param-value").getTextValue().toLowerCase() = "true"
}
}
from DirectoryListingInitParam initp

10
java/ql/src/experimental/Security/CWE/CWE-939/IncorrectURLVerification.ql
View File

@@ -26,8 +26,8 @@ class AndroidRString extends RefType {
*/
class Uri extends RefType {
Uri() {
hasQualifiedName("android.net", "Uri") or
hasQualifiedName("java.net", "URL")
this.hasQualifiedName("android.net", "Uri") or
this.hasQualifiedName("java.net", "URL")
}
}
@@ -36,9 +36,9 @@ class Uri extends RefType {
*/
class UriGetHostMethod extends Method {
UriGetHostMethod() {
getDeclaringType() instanceof Uri and
hasName("getHost") and
getNumberOfParameters() = 0
this.getDeclaringType() instanceof Uri and
this.hasName("getHost") and
this.getNumberOfParameters() = 0
}
}

6
java/ql/src/experimental/semmle/code/xml/StrutsXML.qll
View File

@@ -19,7 +19,7 @@ class StrutsXMLElement extends XMLElement {
/**
* Gets the value for this element, with leading and trailing whitespace trimmed.
*/
string getValue() { result = allCharactersString().trim() }
string getValue() { result = this.allCharactersString().trim() }
}
/**
@@ -31,10 +31,10 @@ class ConstantParameter extends StrutsXMLElement {
/**
* Gets the value of the `name` attribute of this `<constant>`.
*/
string getNameValue() { result = getAttributeValue("name") }
string getNameValue() { result = this.getAttributeValue("name") }
/**
* Gets the value of the `value` attribute of this `<constant>`.
*/
string getValueValue() { result = getAttributeValue("value") }
string getValueValue() { result = this.getAttributeValue("value") }
}

48
java/ql/src/external/Clover.qll vendored
View File

@@ -46,64 +46,66 @@ class CloverMetrics extends XMLElement {
private int attr(string name) { result = this.getAttribute(name).getValue().toInt() }
private float ratio(string name) { result = attr("covered" + name) / attr(name).(float) }
private float ratio(string name) {
result = this.attr("covered" + name) / this.attr(name).(float)
}
/** Gets the value of the `conditionals` attribute. */
int getNumConditionals() { result = attr("conditionals") }
int getNumConditionals() { result = this.attr("conditionals") }
/** Gets the value of the `coveredconditionals` attribute. */
int getNumCoveredConditionals() { result = attr("coveredconditionals") }
int getNumCoveredConditionals() { result = this.attr("coveredconditionals") }
/** Gets the value of the `statements` attribute. */
int getNumStatements() { result = attr("statements") }
int getNumStatements() { result = this.attr("statements") }
/** Gets the value of the `coveredstatements` attribute. */
int getNumCoveredStatements() { result = attr("coveredstatements") }
int getNumCoveredStatements() { result = this.attr("coveredstatements") }
/** Gets the value of the `elements` attribute. */
int getNumElements() { result = attr("elements") }
int getNumElements() { result = this.attr("elements") }
/** Gets the value of the `coveredelements` attribute. */
int getNumCoveredElements() { result = attr("coveredelements") }
int getNumCoveredElements() { result = this.attr("coveredelements") }
/** Gets the value of the `methods` attribute. */
int getNumMethods() { result = attr("methods") }
int getNumMethods() { result = this.attr("methods") }
/** Gets the value of the `coveredmethods` attribute. */
int getNumCoveredMethods() { result = attr("coveredmethods") }
int getNumCoveredMethods() { result = this.attr("coveredmethods") }
/** Gets the value of the `loc` attribute. */
int getNumLoC() { result = attr("loc") }
int getNumLoC() { result = this.attr("loc") }
/** Gets the value of the `ncloc` attribute. */
int getNumNonCommentedLoC() { result = attr("ncloc") }
int getNumNonCommentedLoC() { result = this.attr("ncloc") }
/** Gets the value of the `packages` attribute. */
int getNumPackages() { result = attr("packages") }
int getNumPackages() { result = this.attr("packages") }
/** Gets the value of the `files` attribute. */
int getNumFiles() { result = attr("files") }
int getNumFiles() { result = this.attr("files") }
/** Gets the value of the `classes` attribute. */
int getNumClasses() { result = attr("classes") }
int getNumClasses() { result = this.attr("classes") }
/** Gets the value of the `complexity` attribute. */
int getCloverComplexity() { result = attr("complexity") }
int getCloverComplexity() { result = this.attr("complexity") }
/** Gets the ratio of the `coveredconditionals` attribute over the `conditionals` attribute. */
float getConditionalCoverage() { result = ratio("conditionals") }
float getConditionalCoverage() { result = this.ratio("conditionals") }
/** Gets the ratio of the `coveredstatements` attribute over the `statements` attribute. */
float getStatementCoverage() { result = ratio("statements") }
float getStatementCoverage() { result = this.ratio("statements") }
/** Gets the ratio of the `coveredelements` attribute over the `elements` attribute. */
float getElementCoverage() { result = ratio("elements") }
float getElementCoverage() { result = this.ratio("elements") }
/** Gets the ratio of the `coveredmethods` attribute over the `methods` attribute. */
float getMethodCoverage() { result = ratio("methods") }
float getMethodCoverage() { result = this.ratio("methods") }
/** Gets the ratio of the `ncloc` attribute over the `loc` attribute. */
float getNonCommentedLoCRatio() { result = attr("ncloc") / attr("loc") }
float getNonCommentedLoCRatio() { result = this.attr("ncloc") / this.attr("loc") }
}
/**
@@ -124,7 +126,7 @@ class CloverPackage extends CloverMetricsContainer {
}
/** Gets the Java package for this Clover package. */
Package getRealPackage() { result.hasName(getAttribute("name").getValue()) }
Package getRealPackage() { result.hasName(this.getAttribute("name").getValue()) }
}
/**
@@ -147,13 +149,13 @@ class CloverClass extends CloverMetricsContainer {
}
/** Gets the Clover package for this Clover class. */
CloverPackage getPackage() { result = getParent().(CloverFile).getParent() }
CloverPackage getPackage() { result = this.getParent().(CloverFile).getParent() }
/** Gets the Java type for this Clover class. */
RefType getRealClass() {
result
.hasQualifiedName(this.getPackage().getAttribute("name").getValue(),
getAttribute("name").getValue())
this.getAttribute("name").getValue())
}
}

30
java/ql/src/utils/stub-generator/Stubs.qll
View File

@@ -39,7 +39,7 @@ abstract private class GeneratedType extends ClassOrInterface {
result =
this.stubAbstractModifier() + this.stubStaticModifier() + this.stubAccessibilityModifier() +
this.stubKeyword() + " " + this.getName() + stubGenericArguments(this, true) +
stubBaseTypesString() + "\n{\n" + stubMembers() + "}"
this.stubBaseTypesString() + "\n{\n" + this.stubMembers() + "}"
}
private RefType getAnInterestingBaseType() {
@@ -51,19 +51,19 @@ abstract private class GeneratedType extends ClassOrInterface {
}
private string stubBaseTypesString() {
if exists(getAnInterestingBaseType())
if exists(this.getAnInterestingBaseType())
then
exists(string cls, string interface, string int_kw | result = cls + int_kw + interface |
(
if exists(getAnInterestingBaseType().(Class))
then cls = " extends " + stubTypeName(getAnInterestingBaseType().(Class))
if exists(this.getAnInterestingBaseType().(Class))
then cls = " extends " + stubTypeName(this.getAnInterestingBaseType().(Class))
else cls = ""
) and
(
if exists(getAnInterestingBaseType().(Interface))
if exists(this.getAnInterestingBaseType().(Interface))
then (
(if this instanceof Class then int_kw = " implements " else int_kw = " extends ") and
interface = concat(stubTypeName(getAnInterestingBaseType().(Interface)), ", ")
interface = concat(stubTypeName(this.getAnInterestingBaseType().(Interface)), ", ")
) else (
int_kw = "" and interface = ""
)
@@ -96,15 +96,15 @@ abstract private class GeneratedType extends ClassOrInterface {
}
final Type getAGeneratedType() {
result = getAnInterestingBaseType()
result = this.getAnInterestingBaseType()
or
result = getAGeneratedMember().(Callable).getReturnType()
result = this.getAGeneratedMember().(Callable).getReturnType()
or
result = getAGeneratedMember().(Callable).getAParameter().getType()
result = this.getAGeneratedMember().(Callable).getAParameter().getType()
or
result = getAGeneratedMember().(Field).getType()
result = this.getAGeneratedMember().(Field).getType()
or
result = getAGeneratedMember().(NestedType)
result = this.getAGeneratedMember().(NestedType)
}
}
@@ -449,7 +449,7 @@ class GeneratedTopLevel extends TopLevelType {
private string stubAnImport() {
exists(RefType t, string pkg, string name |
t = getAnImportedType() and
t = this.getAnImportedType() and
(t instanceof Class or t instanceof Interface) and
t.hasQualifiedName(pkg, name) and
t != this and
@@ -459,7 +459,7 @@ class GeneratedTopLevel extends TopLevelType {
)
}
private string stubImports() { result = concat(stubAnImport()) + "\n" }
private string stubImports() { result = concat(this.stubAnImport()) + "\n" }
private string stubPackage() {
if this.getPackage().getName() != ""
@@ -474,6 +474,8 @@ class GeneratedTopLevel extends TopLevelType {
/** Creates a full stub for the file containing this type. */
string stubFile() {
result = stubComment() + stubPackage() + stubImports() + this.(GeneratedType).getStub() + "\n"
result =
this.stubComment() + this.stubPackage() + this.stubImports() + this.(GeneratedType).getStub() +
"\n"
}
}