Merge pull request #10076 from erik-krogh/ql-for-ql-fixes

various QL-for-QL fixes
2025-12-17 01:03:14 +01:00 · 2022-08-18 15:46:48 +02:00
parent 61a2c0dab5 9e7c0c6ab9
commit 4f93f2b9ba
30 changed files with 51 additions and 65 deletions
--- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/SemanticExprSpecific.qll
+++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/SemanticExprSpecific.qll
@@ -292,22 +292,20 @@ module SemanticExprConfig {

  class Guard = IRGuards::IRGuardCondition;

-  predicate guard(Guard guard, BasicBlock block) {
-    block = guard.(IRGuards::IRGuardCondition).getBlock()
-  }
+  predicate guard(Guard guard, BasicBlock block) { block = guard.getBlock() }

  Expr getGuardAsExpr(Guard guard) { result = guard }

  predicate equalityGuard(Guard guard, Expr e1, Expr e2, boolean polarity) {
-    guard.(IRGuards::IRGuardCondition).comparesEq(e1.getAUse(), e2.getAUse(), 0, true, polarity)
+    guard.comparesEq(e1.getAUse(), e2.getAUse(), 0, true, polarity)
  }

  predicate guardDirectlyControlsBlock(Guard guard, BasicBlock controlled, boolean branch) {
-    guard.(IRGuards::IRGuardCondition).controls(controlled, branch)
+    guard.controls(controlled, branch)
  }

  predicate guardHasBranchEdge(Guard guard, BasicBlock bb1, BasicBlock bb2, boolean branch) {
-    guard.(IRGuards::IRGuardCondition).controlsEdge(bb1, bb2, branch)
+    guard.controlsEdge(bb1, bb2, branch)
  }

  Guard comparisonGuard(Expr e) { result = e }
--- a/Management/UsingExpiredStackAddress.ql
+++ b/Management/UsingExpiredStackAddress.ql
@@ -268,7 +268,11 @@ class PathElement extends TPathElement {
  predicate isSink(IRBlock block) { exists(this.asSink(block)) }

  string toString() {
-    result = [asStore().toString(), asCall(_).toString(), asMid().toString(), asSink(_).toString()]
+    result =
+      [
+        this.asStore().toString(), this.asCall(_).toString(), this.asMid().toString(),
+        this.asSink(_).toString()
+      ]
  }

  predicate hasLocationInfo(
--- a/cpp/ql/src/experimental/Security/CWE/CWE-125/DangerousWorksWithMultibyteOrWideCharacters.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-125/DangerousWorksWithMultibyteOrWideCharacters.ql
@@ -67,7 +67,7 @@ predicate findUseCharacterConversion(Expr exp, string msg) {
  exists(FunctionCall fc |
    fc = exp and
    (
-      exists(Loop lptmp | lptmp = fc.getEnclosingStmt().getParentStmt*()) and
+      fc.getEnclosingStmt().getParentStmt*() instanceof Loop and
      fc.getTarget().hasName(["mbtowc", "mbrtowc", "_mbtowc_l"]) and
      not fc.getArgument(0).isConstant() and
      not fc.getArgument(1).isConstant() and
--- a/cpp/ql/src/experimental/Security/CWE/CWE-190/DangerousUseOfTransformationAfterOperation.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-190/DangerousUseOfTransformationAfterOperation.ql
@@ -44,11 +44,8 @@ predicate conversionDoneLate(MulExpr mexp) {
      mexp.getEnclosingElement().(ComparisonOperation).hasOperands(mexp, e0) and
      e0.getType().getSize() = mexp.getConversion().getConversion().getType().getSize()
      or
-      e0.(FunctionCall)
-          .getTarget()
-          .getParameter(argumentPosition(e0.(FunctionCall), mexp, _))
-          .getType()
-          .getSize() = mexp.getConversion().getConversion().getType().getSize()
+      e0.(FunctionCall).getTarget().getParameter(argumentPosition(e0, mexp, _)).getType().getSize() =
+        mexp.getConversion().getConversion().getType().getSize()
    )
  )
 }
@@ -75,7 +72,7 @@ predicate signSmallerWithEqualSizes(MulExpr mexp) {
      ae.getRValue().getUnderlyingType().(IntegralType).isUnsigned() and
      ae.getLValue().getUnderlyingType().(IntegralType).isSigned() and
      (
-        not exists(DivExpr de | mexp.getParent*() = de)
+        not mexp.getParent*() instanceof DivExpr
        or
        exists(DivExpr de, Expr ec |
          e2.isConstant() and
--- a/go/ql/lib/semmle/go/AST.qll
+++ b/go/ql/lib/semmle/go/AST.qll
@@ -28,12 +28,12 @@ class AstNode extends @node, Locatable {
  /**
   * Gets a child node of this node.
   */
-  AstNode getAChild() { result = getChild(_) }
+  AstNode getAChild() { result = this.getChild(_) }

  /**
   * Gets the number of child nodes of this node.
   */
-  int getNumChild() { result = count(getAChild()) }
+  int getNumChild() { result = count(this.getAChild()) }

  /**
   * Gets a child with the given index and of the given kind, if one exists.
@@ -63,7 +63,7 @@ class AstNode extends @node, Locatable {
  AstNode getUniquelyNumberedChild(int index) {
    result =
      rank[index + 1](AstNode child, string kind, int i |
-        child = getChildOfKind(kind, i)
+        child = this.getChildOfKind(kind, i)
      |
        child order by kind, i
      )
@@ -74,17 +74,17 @@ class AstNode extends @node, Locatable {

  /** Gets the parent node of this AST node, but without crossing function boundaries. */
  private AstNode parentInSameFunction() {
-    result = getParent() and
+    result = this.getParent() and
    not this instanceof FuncDef
  }

  /** Gets the innermost function definition to which this AST node belongs, if any. */
-  FuncDef getEnclosingFunction() { result = getParent().parentInSameFunction*() }
+  FuncDef getEnclosingFunction() { result = this.getParent().parentInSameFunction*() }

  /**
   * Gets a comma-separated list of the names of the primary CodeQL classes to which this element belongs.
   */
-  final string getPrimaryQlClasses() { result = concat(getAPrimaryQlClass(), ",") }
+  final string getPrimaryQlClasses() { result = concat(this.getAPrimaryQlClass(), ",") }

  /**
   * Gets the name of a primary CodeQL class to which this node belongs.
@@ -116,12 +116,12 @@ class ExprParent extends @exprparent, AstNode {
  /**
   * Gets an expression that is a child node of this node in the AST.
   */
-  Expr getAChildExpr() { result = getChildExpr(_) }
+  Expr getAChildExpr() { result = this.getChildExpr(_) }

  /**
   * Gets the number of child expressions of this node.
   */
-  int getNumChildExpr() { result = count(getAChildExpr()) }
+  int getNumChildExpr() { result = count(this.getAChildExpr()) }
 }

 /**
@@ -139,12 +139,12 @@ class GoModExprParent extends @modexprparent, AstNode {
  /**
   * Gets an expression that is a child node of this node in the AST.
   */
-  GoModExpr getAChildGoModExpr() { result = getChildGoModExpr(_) }
+  GoModExpr getAChildGoModExpr() { result = this.getChildGoModExpr(_) }

  /**
   * Gets the number of child expressions of this node.
   */
-  int getNumChildGoModExpr() { result = count(getAChildGoModExpr()) }
+  int getNumChildGoModExpr() { result = count(this.getAChildGoModExpr()) }
 }

 /**
@@ -162,12 +162,12 @@ class StmtParent extends @stmtparent, AstNode {
  /**
   * Gets a statement that is a child node of this node in the AST.
   */
-  Stmt getAChildStmt() { result = getChildStmt(_) }
+  Stmt getAChildStmt() { result = this.getChildStmt(_) }

  /**
   * Gets the number of child statements of this node.
   */
-  int getNumChildStmt() { result = count(getAChildStmt()) }
+  int getNumChildStmt() { result = count(this.getAChildStmt()) }
 }

 /**
@@ -185,12 +185,12 @@ class DeclParent extends @declparent, AstNode {
  /**
   * Gets a child declaration of this node in the AST.
   */
-  Decl getADecl() { result = getDecl(_) }
+  Decl getADecl() { result = this.getDecl(_) }

  /**
   * Gets the number of child declarations of this node.
   */
-  int getNumDecl() { result = count(getADecl()) }
+  int getNumDecl() { result = count(this.getADecl()) }
 }

 /**
@@ -208,12 +208,12 @@ class FieldParent extends @fieldparent, AstNode {
  /**
   * Gets a child field of this node in the AST.
   */
-  FieldBase getAField() { result = getField(_) }
+  FieldBase getAField() { result = this.getField(_) }

  /**
   * Gets the number of child fields of this node.
   */
-  int getNumFields() { result = count(getAField()) }
+  int getNumFields() { result = count(this.getAField()) }
 }

 /**
--- a/go/ql/lib/semmle/go/Types.qll
+++ b/go/ql/lib/semmle/go/Types.qll
@@ -787,7 +787,7 @@ class InterfaceType extends @interfacetype, CompositeType {
   * Note that the indexes are not contiguous.
   */
  TypeSetLiteralType getDirectlyEmbeddedTypeSetLiteral(int index) {
-    hasDirectlyEmbeddedType(index, result)
+    this.hasDirectlyEmbeddedType(index, result)
  }

  /**
@@ -798,7 +798,7 @@ class InterfaceType extends @interfacetype, CompositeType {
  TypeSetLiteralType getAnEmbeddedTypeSetLiteral() {
    result = this.getDirectlyEmbeddedTypeSetLiteral(_) or
    result =
-      getADirectlyEmbeddedInterface()
+      this.getADirectlyEmbeddedInterface()
          .getUnderlyingType()
          .(InterfaceType)
          .getAnEmbeddedTypeSetLiteral()
--- a/go/ql/lib/semmle/go/frameworks/ElazarlGoproxy.qll
+++ b/go/ql/lib/semmle/go/frameworks/ElazarlGoproxy.qll
@@ -3,7 +3,6 @@
 */

 import go
-private import semmle.go.StringOps

 /**
 * Provides classes for working with concepts relating to the [github.com/elazarl/goproxy](https://pkg.go.dev/github.com/elazarl/goproxy) package.
--- a/go/ql/lib/semmle/go/frameworks/Glog.qll
+++ b/go/ql/lib/semmle/go/frameworks/Glog.qll
@@ -4,7 +4,6 @@
 */

 import go
-private import semmle.go.StringOps

 /**
 * Provides models of commonly used functions in the `github.com/golang/glog` packages and its
--- a/go/ql/lib/semmle/go/frameworks/Logrus.qll
+++ b/go/ql/lib/semmle/go/frameworks/Logrus.qll
@@ -1,7 +1,6 @@
 /** Provides models of commonly used functions in the `github.com/sirupsen/logrus` package. */

 import go
-private import semmle.go.StringOps

 /** Provides models of commonly used functions in the `github.com/sirupsen/logrus` package. */
 module Logrus {
--- a/go/ql/lib/semmle/go/frameworks/Spew.qll
+++ b/go/ql/lib/semmle/go/frameworks/Spew.qll
@@ -3,7 +3,6 @@
 */

 import go
-private import semmle.go.StringOps

 /**
 * Provides models of commonly used functions in the `github.com/davecgh/go-spew/spew` package.
--- a/go/ql/lib/semmle/go/frameworks/Zap.qll
+++ b/go/ql/lib/semmle/go/frameworks/Zap.qll
@@ -3,7 +3,6 @@
 */

 import go
-private import semmle.go.StringOps

 /**
 * Provides models of commonly used functions in the `go.uber.org/zap` package.
--- a/go/ql/lib/semmle/go/frameworks/stdlib/Fmt.qll
+++ b/go/ql/lib/semmle/go/frameworks/stdlib/Fmt.qll
@@ -3,7 +3,6 @@
 */

 import go
-private import semmle.go.StringOps

 /** Provides models of commonly used functions in the `fmt` package. */
 module Fmt {
--- a/go/ql/lib/semmle/go/frameworks/stdlib/Log.qll
+++ b/go/ql/lib/semmle/go/frameworks/stdlib/Log.qll
@@ -3,7 +3,6 @@
 */

 import go
-private import semmle.go.StringOps

 /** Provides models of commonly used functions in the `log` package. */
 module Log {
--- a/go/ql/lib/semmle/go/security/LogInjectionCustomizations.qll
+++ b/go/ql/lib/semmle/go/security/LogInjectionCustomizations.qll
@@ -4,7 +4,6 @@
 */

 import go
-private import semmle.go.StringOps

 /**
 * Provides extension points for customizing the data-flow tracking configuration for reasoning
--- a/go/ql/src/experimental/InconsistentCode/GORMErrorNotChecked.ql
+++ b/go/ql/src/experimental/InconsistentCode/GORMErrorNotChecked.ql
@@ -9,7 +9,6 @@
 */

 import go
-import semmle.go.frameworks.SQL

 from DataFlow::MethodCallNode call
 where
--- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/completetest.ql
+++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/completetest.ql
@@ -3,7 +3,6 @@
 */

 import go
-import semmle.go.dataflow.DataFlow
 import semmle.go.dataflow.ExternalFlow
 import semmle.go.dataflow.internal.FlowSummaryImpl as FlowSummaryImpl
 import CsvValidation
--- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/sinks.ql
+++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/sinks.ql
@@ -1,5 +1,4 @@
 import go
-import semmle.go.dataflow.DataFlow
 import semmle.go.dataflow.ExternalFlow
 import CsvValidation

--- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/srcs.ql
+++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/srcs.ql
@@ -1,5 +1,4 @@
 import go
-import semmle.go.dataflow.DataFlow
 import semmle.go.dataflow.ExternalFlow
 import CsvValidation

--- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/steps.ql
+++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/steps.ql
@@ -1,5 +1,4 @@
 import go
-import semmle.go.dataflow.DataFlow
 import semmle.go.dataflow.ExternalFlow
 import semmle.go.dataflow.internal.FlowSummaryImpl as FlowSummaryImpl
 import CsvValidation
--- a/go/ql/test/library-tests/semmle/go/frameworks/WebSocket/Read.ql
+++ b/go/ql/test/library-tests/semmle/go/frameworks/WebSocket/Read.ql
@@ -1,5 +1,4 @@
 import go
-import semmle.go.frameworks.WebSocket

 from WebSocketReader r, DataFlow::Node nd
 where nd = r.getAnOutput().getNode(r.getACall())
--- a/java/ql/lib/semmle/code/java/frameworks/android/SQLite.qll
+++ b/java/ql/lib/semmle/code/java/frameworks/android/SQLite.qll
@@ -9,21 +9,23 @@ private import semmle.code.java.frameworks.android.Android
 * The class `android.database.sqlite.SQLiteDatabase`.
 */
 class TypeSQLiteDatabase extends Class {
-  TypeSQLiteDatabase() { hasQualifiedName("android.database.sqlite", "SQLiteDatabase") }
+  TypeSQLiteDatabase() { this.hasQualifiedName("android.database.sqlite", "SQLiteDatabase") }
 }

 /**
 * The class `android.database.sqlite.SQLiteQueryBuilder`.
 */
 class TypeSQLiteQueryBuilder extends Class {
-  TypeSQLiteQueryBuilder() { hasQualifiedName("android.database.sqlite", "SQLiteQueryBuilder") }
+  TypeSQLiteQueryBuilder() {
+    this.hasQualifiedName("android.database.sqlite", "SQLiteQueryBuilder")
+  }
 }

 /**
 * The class `android.database.DatabaseUtils`.
 */
 class TypeDatabaseUtils extends Class {
-  TypeDatabaseUtils() { hasQualifiedName("android.database", "DatabaseUtils") }
+  TypeDatabaseUtils() { this.hasQualifiedName("android.database", "DatabaseUtils") }
 }

 /**
--- a/java/ql/src/Security/CWE/CWE-200/TempDirUtils.qll
+++ b/java/ql/src/Security/CWE/CWE-200/TempDirUtils.qll
@@ -53,7 +53,7 @@ private class FileSetRedableMethodAccess extends MethodAccess {
  private predicate isCallToSecondArgumentWithValue(boolean value) {
    this.getMethod().getNumberOfParameters() = 1 and value = true
    or
-    isCallWithArgument(1, value)
+    this.isCallWithArgument(1, value)
  }

  private predicate isCallWithArgument(int index, boolean arg) {
--- a/python/ql/src/experimental/Security/CWE-348/ClientSuppliedIpUsedInSecurityCheckLib.qll
+++ b/python/ql/src/experimental/Security/CWE-348/ClientSuppliedIpUsedInSecurityCheckLib.qll
@@ -2,7 +2,6 @@ private import python
 private import semmle.python.Concepts
 private import semmle.python.ApiGraphs
 private import semmle.python.dataflow.new.RemoteFlowSources
-private import semmle.python.dataflow.new.DataFlow

 /**
 * A data flow source of the client ip obtained according to the remote endpoint identifier specified
--- a/python/ql/test/TestUtilities/VerifyApiGraphs.qll
+++ b/python/ql/test/TestUtilities/VerifyApiGraphs.qll
@@ -84,8 +84,8 @@ class Assertion extends Comment {
  string tryExplainFailure() {
    exists(int i, API::Node nd, string prefix, string suffix |
      nd = this.lookup(i) and
-      i < getPathLength() and
-      not exists(this.lookup([i + 1 .. getPathLength()])) and
+      i < this.getPathLength() and
+      not exists(this.lookup([i + 1 .. this.getPathLength()])) and
      prefix = nd + " has no outgoing edge labelled " + this.getEdgeLabel(i) + ";" and
      if exists(nd.getASuccessor())
      then
--- a/python/tools/recorded-call-graph-metrics/ql/lib/RecordedCalls.qll
+++ b/python/tools/recorded-call-graph-metrics/ql/lib/RecordedCalls.qll
@@ -11,7 +11,7 @@ class XmlRecordedCall extends XMLElement {
  XmlCall getXmlCall() { result.getParent() = this }

  /** DEPRECATED: Alias for getXmlCall */
-  deprecated XMLCall getXMLCall() { result = getXmlCall() }
+  deprecated XMLCall getXMLCall() { result = this.getXmlCall() }

  /** Gets a call matching the recorded information. */
  Call getACall() { result = this.getXmlCall().getACall() }
@@ -20,7 +20,7 @@ class XmlRecordedCall extends XMLElement {
  XmlCallee getXmlCallee() { result.getParent() = this }

  /** DEPRECATED: Alias for getXmlCallee */
-  deprecated XMLCallee getXMLCallee() { result = getXmlCallee() }
+  deprecated XMLCallee getXMLCallee() { result = this.getXmlCallee() }

  /** Gets a python function matching the recorded information of the callee. */
  Function getAPythonCallee() { result = this.getXmlCallee().(XmlPythonCallee).getACallee() }
@@ -90,10 +90,10 @@ class XmlCall extends XMLElement {
      expr.(Name).getId() = bytecode.(XmlBytecodeVariableName).get_name_data()
      or
      expr.(Attribute).getName() = bytecode.(XmlBytecodeAttribute).get_attr_name_data() and
-      matchBytecodeExpr(expr.(Attribute).getObject(),
+      this.matchBytecodeExpr(expr.(Attribute).getObject(),
        bytecode.(XmlBytecodeAttribute).get_object_data())
      or
-      matchBytecodeExpr(expr.(Call).getFunc(), bytecode.(XmlBytecodeCall).get_function_data())
+      this.matchBytecodeExpr(expr.(Call).getFunc(), bytecode.(XmlBytecodeCall).get_function_data())
      //
      // I considered allowing a partial match as well. That is, if the bytecode
      // expression information only tells us `<unknown>.foo()`, and we find an AST
--- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
+++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
@@ -176,7 +176,7 @@ private module ParameterNodes {
      )
    }

-    override DataFlowCallable getEnclosingCallable() { isParameterOf(result, _) }
+    override DataFlowCallable getEnclosingCallable() { this.isParameterOf(result, _) }
  }
 }

--- a/swift/ql/lib/codeql/swift/elements/Comment.qll
+++ b/swift/ql/lib/codeql/swift/elements/Comment.qll
@@ -2,7 +2,7 @@ private import codeql.swift.generated.Comment

 class Comment extends CommentBase {
  /** toString */
-  override string toString() { result = getText() }
+  override string toString() { result = this.getText() }
 }

 class SingleLineComment extends Comment {
--- a/swift/ql/lib/codeql/swift/elements/Element.qll
+++ b/swift/ql/lib/codeql/swift/elements/Element.qll
@@ -3,7 +3,7 @@ private import codeql.swift.generated.Element
 class Element extends ElementBase {
  private predicate resolvesFrom(Element e) { e.getResolveStep() = this }

-  override string toString() { result = getPrimaryQlClasses() }
+  override string toString() { result = this.getPrimaryQlClasses() }

  Element getFullyUnresolved() {
    not this.resolvesFrom(_) and result = this
@@ -16,5 +16,5 @@ class Element extends ElementBase {
 }

 class UnknownElement extends Element {
-  UnknownElement() { isUnknown() }
+  UnknownElement() { this.isUnknown() }
 }
--- a/swift/ql/lib/codeql/swift/elements/File.qll
+++ b/swift/ql/lib/codeql/swift/elements/File.qll
@@ -2,13 +2,13 @@ private import codeql.swift.generated.File

 class File extends FileBase {
  /** toString */
-  override string toString() { result = getAbsolutePath() }
+  override string toString() { result = this.getAbsolutePath() }

  /** Gets the absolute path of this file. */
-  string getAbsolutePath() { result = getName() }
+  string getAbsolutePath() { result = this.getName() }

  /** Gets the full name of this file. */
-  string getFullName() { result = getAbsolutePath() }
+  string getFullName() { result = this.getAbsolutePath() }

  /** Gets the URL of this file. */
  string getURL() { result = "file://" + this.getAbsolutePath() + ":0:0:0:0" }
--- a/swift/ql/test/library-tests/controlflow/graph/Cfg.ql
+++ b/swift/ql/test/library-tests/controlflow/graph/Cfg.ql
@@ -7,7 +7,7 @@ import codeql.swift.controlflow.ControlFlowGraph
 import codeql.swift.controlflow.internal.ControlFlowGraphImpl::TestOutput

 class MyRelevantNode extends RelevantNode {
-  MyRelevantNode() { getScope().getLocation().getFile().getName().matches("%swift/ql/test%") }
+  MyRelevantNode() { this.getScope().getLocation().getFile().getName().matches("%swift/ql/test%") }

  private AstNode asAstNode() { result = this.getNode().asAstNode() }