From bb34c91b38d5d053b2a7363b189c03bdd7077cd5 Mon Sep 17 00:00:00 2001 From: Max Schaefer Date: Mon, 30 Mar 2020 10:38:25 +0100 Subject: [PATCH 1/2] Add Qldoc for the last few remaining predicates. Apart from a missing module doc comment for `TaintTrackingImpl.qll` which we'll need to synchronize with the other languages (https://github.com/Semmle/ql/pull/3155), this gets us to 100% Qldoc coverage. --- ql/src/semmle/go/dataflow/internal/DataFlowUtil.qll | 2 ++ ql/src/semmle/go/dataflow/internal/TaintTrackingUtil.qll | 4 ++++ 2 files changed, 6 insertions(+) diff --git a/ql/src/semmle/go/dataflow/internal/DataFlowUtil.qll b/ql/src/semmle/go/dataflow/internal/DataFlowUtil.qll index 083e401f635..d1396f86f81 100644 --- a/ql/src/semmle/go/dataflow/internal/DataFlowUtil.qll +++ b/ql/src/semmle/go/dataflow/internal/DataFlowUtil.qll @@ -368,8 +368,10 @@ class ParameterNode extends SsaNode { class ReceiverNode extends ParameterNode { override ReceiverVariable parm; + /** Gets the receiver variable this node initializes. */ ReceiverVariable asReceiverVariable() { result = parm } + /** Holds if this node initializes the receiver variable of `m`. */ predicate isReceiverOf(MethodDecl m) { parm.isReceiverOf(m) } } diff --git a/ql/src/semmle/go/dataflow/internal/TaintTrackingUtil.qll b/ql/src/semmle/go/dataflow/internal/TaintTrackingUtil.qll index b4dd0a007ec..e1ad7eaacb5 100644 --- a/ql/src/semmle/go/dataflow/internal/TaintTrackingUtil.qll +++ b/ql/src/semmle/go/dataflow/internal/TaintTrackingUtil.qll @@ -1,3 +1,7 @@ +/** + * Provides Go-specific definitions for use in the taint-tracking library. + */ + private import go /** From 28ed803faef25d4db294a5f72454fa366c65b010 Mon Sep 17 00:00:00 2001 From: Max Schaefer Date: Mon, 30 Mar 2020 11:21:53 +0100 Subject: [PATCH 2/2] Data flow: Add module doc comment for `TaintTrackingImpl.qll` cf https://github.com/Semmle/ql/pull/3155 --- .../internal/tainttracking1/TaintTrackingImpl.qll | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/ql/src/semmle/go/dataflow/internal/tainttracking1/TaintTrackingImpl.qll b/ql/src/semmle/go/dataflow/internal/tainttracking1/TaintTrackingImpl.qll index c05de75bfab..e8b828f5b3e 100644 --- a/ql/src/semmle/go/dataflow/internal/tainttracking1/TaintTrackingImpl.qll +++ b/ql/src/semmle/go/dataflow/internal/tainttracking1/TaintTrackingImpl.qll @@ -1,3 +1,13 @@ +/** + * Provides an implementation of global (interprocedural) taint tracking. + * This file re-exports the local (intraprocedural) taint-tracking analysis + * from `TaintTrackingParameter::Public` and adds a global analysis, mainly + * exposed through the `Configuration` class. For some languages, this file + * exists in several identical copies, allowing queries to use multiple + * `Configuration` classes that depend on each other without introducing + * mutual recursion among those configurations. + */ + import TaintTrackingParameter::Public private import TaintTrackingParameter::Private