hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 12:46:34 +01:00
Code Issues Packages Projects Releases Wiki Activity

Refactor tests which extends Configuration

Browse Source
This commit is contained in:
Ed Minnix
2023-04-16 01:30:17 -04:00
parent 66f971e70d
commit 49521f6de8
7 changed files with 65 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
java/ql/test/library-tests/dataflow/capture/test.ql
View File

@@ -1,17 +1,16 @@
import java
import semmle.code.java.dataflow.DataFlow
import DataFlow
StringLiteral src() { result.getCompilationUnit().fromSource() }
class Conf extends Configuration {
Conf() { this = "qq capture" }
module Config implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node n) { n.asExpr() = src() }
override predicate isSource(Node n) { n.asExpr() = src() }
override predicate isSink(Node n) { any() }
predicate isSink(DataFlow::Node n) { any() }
}
from Node src, Node sink, Conf conf
where conf.hasFlow(src, sink)
module Flow = DataFlow::Global<Config>;
from DataFlow::Node src, DataFlow::Node sink
where Flow::flow(src, sink)
select src, sink

15
java/ql/test/library-tests/dataflow/records/test.ql
View File

@@ -1,15 +1,14 @@
import java
import semmle.code.java.dataflow.DataFlow
import DataFlow
class Conf extends Configuration {
Conf() { this = "qqconf" }
module Config implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node n) { n.asExpr().(MethodAccess).getMethod().hasName("source") }
override predicate isSource(Node n) { n.asExpr().(MethodAccess).getMethod().hasName("source") }
override predicate isSink(Node n) { n.asExpr().(Argument).getCall().getCallee().hasName("sink") }
predicate isSink(DataFlow::Node n) { n.asExpr().(Argument).getCall().getCallee().hasName("sink") }
}
from Conf conf, Node src, Node sink
where conf.hasFlow(src, sink)
module Flow = DataFlow::Global<Config>;
from DataFlow::Node src, DataFlow::Node sink
where Flow::flow(src, sink)
select src, sink

15
java/ql/test/library-tests/dataflow/switchexpr/switchexprflow.ql
View File

@@ -1,15 +1,14 @@
import java
import semmle.code.java.dataflow.DataFlow
import DataFlow
class Conf extends Configuration {
Conf() { this = "qqconf" }
module Config implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node n) { n.asExpr().(MethodAccess).getMethod().hasName("source") }
override predicate isSource(Node n) { n.asExpr().(MethodAccess).getMethod().hasName("source") }
override predicate isSink(Node n) { any() }
predicate isSink(DataFlow::Node n) { any() }
}
from Conf c, Node sink
where c.hasFlow(_, sink)
module Flow = DataFlow::Global<Config>;
from DataFlow::Node sink
where Flow::flowTo(sink)
select sink

17
java/ql/test/library-tests/dataflow/taintgettersetter/taintgettersetter.ql
View File

@@ -1,25 +1,24 @@
import java
import semmle.code.java.dataflow.DataFlow
import DataFlow
class Conf extends Configuration {
Conf() { this = "taintgettersetter" }
module Config implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node n) { n.asExpr().(MethodAccess).getMethod().hasName("taint") }
override predicate isSource(Node n) { n.asExpr().(MethodAccess).getMethod().hasName("taint") }
override predicate isSink(Node n) {
predicate isSink(DataFlow::Node n) {
exists(MethodAccess sink |
sink.getAnArgument() = n.asExpr() and sink.getMethod().hasName("sink")
)
}
override predicate isAdditionalFlowStep(Node n1, Node n2) {
predicate isAdditionalFlowStep(DataFlow::Node n1, DataFlow::Node n2) {
exists(AddExpr add |
add.getType() instanceof TypeString and add.getAnOperand() = n1.asExpr() and n2.asExpr() = add
)
}
}
from Node src, Node sink, Conf conf
where conf.hasFlow(src, sink)
module Flow = DataFlow::Global<Config>;
from DataFlow::Node src, DataFlow::Node sink
where Flow::flow(src, sink)
select src, sink

34
java/ql/test/library-tests/dataflow/taintreturn/taintreturn.ql
View File

@@ -1,6 +1,5 @@
import java
import semmle.code.java.dataflow.TaintTracking
import DataFlow
predicate step(Expr e1, Expr e2) {
exists(MethodAccess ma |
@@ -17,28 +16,35 @@ predicate isSink0(Expr sink) {
)
}
class Conf1 extends Configuration {
Conf1() { this = "testconf1" }
module FirstConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node n) { n.asExpr().(MethodAccess).getMethod().hasName("src") }
override predicate isSource(Node n) { n.asExpr().(MethodAccess).getMethod().hasName("src") }
predicate isSink(DataFlow::Node n) { any() }
override predicate isSink(Node n) { any() }
override predicate isAdditionalFlowStep(Node n1, Node n2) { step(n1.asExpr(), n2.asExpr()) }
predicate isAdditionalFlowStep(DataFlow::Node n1, DataFlow::Node n2) {
step(n1.asExpr(), n2.asExpr())
}
}
class Conf2 extends Configuration {
Conf2() { this = "testconf2" }
module FirstFlow = DataFlow::Global<FirstConfig>;
override predicate isSource(Node n) { n.asExpr().(MethodAccess).getMethod().hasName("src") }
module SecondConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node n) { n.asExpr().(MethodAccess).getMethod().hasName("src") }
override predicate isSink(Node n) { isSink0(n.asExpr()) }
predicate isSink(DataFlow::Node n) { isSink0(n.asExpr()) }
override predicate isAdditionalFlowStep(Node n1, Node n2) { step(n1.asExpr(), n2.asExpr()) }
predicate isAdditionalFlowStep(DataFlow::Node n1, DataFlow::Node n2) {
step(n1.asExpr(), n2.asExpr())
}
}
module SecondFlow = DataFlow::Global<SecondConfig>;
from int i1, int i2
where
i1 = count(Node src, Node sink, Conf1 c | c.hasFlow(src, sink) and isSink0(sink.asExpr())) and
i2 = count(Node src, Node sink, Conf2 c | c.hasFlow(src, sink))
i1 =
count(DataFlow::Node src, DataFlow::Node sink |
FirstFlow::flow(src, sink) and isSink0(sink.asExpr())
) and
i2 = count(DataFlow::Node src, DataFlow::Node sink | SecondFlow::flow(src, sink))
select i1, i2

17
java/ql/test/library-tests/dataflow/this-flow/this-flow.ql
View File

@@ -1,19 +1,18 @@
import java
import semmle.code.java.dataflow.DataFlow
import DataFlow
class ThisFlowConfig extends Configuration {
ThisFlowConfig() { this = "ThisFlowConfig" }
override predicate isSource(Node src) {
exists(PostUpdateNode cie | cie.asExpr() instanceof ClassInstanceExpr |
module ThisFlowConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node src) {
exists(DataFlow::PostUpdateNode cie | cie.asExpr() instanceof ClassInstanceExpr |
cie.getPreUpdateNode() = src or cie = src
)
}
override predicate isSink(Node sink) { any() }
predicate isSink(DataFlow::Node sink) { any() }
}
from Node n, ThisFlowConfig conf
where conf.hasFlow(_, n)
module ThisFlow = DataFlow::Global<ThisFlowConfig>;
from DataFlow::Node n
where ThisFlow::flowTo(n)
select n

16
java/ql/test/library-tests/dataflow/typepruning/test.ql
View File

@@ -2,18 +2,16 @@ import java
import semmle.code.java.dataflow.DataFlow
import DataFlow
class Conf extends Configuration {
Conf() { this = "test types" }
module Config implements DataFlow::ConfigSig {
predicate isSource(Node n) { n.asExpr().(MethodAccess).getMethod().hasName("source") }
override predicate isSource(Node n) { n.asExpr().(MethodAccess).getMethod().hasName("source") }
override predicate isSink(Node n) {
predicate isSink(Node n) {
exists(MethodAccess sink |
sink.getAnArgument() = n.asExpr() and sink.getMethod().hasName("sink")
)
}
override predicate isAdditionalFlowStep(Node n1, Node n2) {
predicate isAdditionalFlowStep(Node n1, Node n2) {
exists(MethodAccess ma |
ma.getMethod().hasName("customStep") and
ma.getAnArgument() = n1.asExpr() and
@@ -22,6 +20,8 @@ class Conf extends Configuration {
}
}
from Node src, Node sink, Conf conf
where conf.hasFlow(src, sink)
module Flow = DataFlow::Global<Config>;
from Node src, Node sink
where Flow::flow(src, sink)
select src, sink, sink.getEnclosingCallable()