Merge pull request #13324 from jcogs33/jcogs33/shared-sink-kind-validation

Shared: share MaD kind validation across languages
2025-12-23 04:06:37 +01:00 · 2023-06-20 11:56:12 -04:00
parent 865c050226 35591113c2
commit 5259a6ecfc
16 changed files with 282 additions and 113 deletions
--- a/csharp/ql/lib/qlpack.yml
+++ b/csharp/ql/lib/qlpack.yml
@@ -6,6 +6,7 @@ extractor: csharp
 library: true
 upgrades: upgrades
 dependencies:
+  codeql/mad: ${workspace}
  codeql/ssa: ${workspace}
  codeql/tutorial: ${workspace}
  codeql/util: ${workspace}
--- a/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll
@@ -95,6 +95,7 @@ private import internal.DataFlowPublic
 private import internal.FlowSummaryImpl::Public
 private import internal.FlowSummaryImpl::Private::External
 private import internal.FlowSummaryImplSpecific
+private import codeql.mad.ModelValidation as SharedModelVal

 /** Holds if a source model exists for the given parameters. */
 predicate sourceModel = Extensions::sourceModel/9;
@@ -204,30 +205,18 @@ module ModelValidation {
    )
  }

-  private string getInvalidModelKind() {
-    exists(string kind | summaryModel(_, _, _, _, _, _, _, _, kind, _) |
-      not kind = ["taint", "value"] and
-      result = "Invalid kind \"" + kind + "\" in summary model."
-    )
-    or
-    exists(string kind | sinkModel(_, _, _, _, _, _, _, kind, _) |
-      not kind =
-        ["code-injection", "sql-injection", "js-injection", "html-injection", "file-content-store"] and
-      not kind.matches("encryption-%") and
-      result = "Invalid kind \"" + kind + "\" in sink model."
-    )
-    or
-    exists(string kind | sourceModel(_, _, _, _, _, _, _, kind, _) |
-      not kind = ["local", "remote", "file", "file-write"] and
-      result = "Invalid kind \"" + kind + "\" in source model."
-    )
-    or
-    exists(string kind | neutralModel(_, _, _, _, kind, _) |
-      not kind = ["summary", "source", "sink"] and
-      result = "Invalid kind \"" + kind + "\" in neutral model."
-    )
+  private module KindValConfig implements SharedModelVal::KindValidationConfigSig {
+    predicate summaryKind(string kind) { summaryModel(_, _, _, _, _, _, _, _, kind, _) }
+
+    predicate sinkKind(string kind) { sinkModel(_, _, _, _, _, _, _, kind, _) }
+
+    predicate sourceKind(string kind) { sourceModel(_, _, _, _, _, _, _, kind, _) }
+
+    predicate neutralKind(string kind) { neutralModel(_, _, _, _, kind, _) }
  }

+  private module KindVal = SharedModelVal::KindValidation<KindValConfig>;
+
  private string getInvalidModelSignature() {
    exists(
      string pred, string namespace, string type, string name, string signature, string ext,
@@ -269,7 +258,7 @@ module ModelValidation {
    msg =
      [
        getInvalidModelSignature(), getInvalidModelInput(), getInvalidModelOutput(),
-        getInvalidModelKind()
+        KindVal::getInvalidModelKind()
      ]
  }
 }