C#: Re-factor containerContent into standalone predicate in DataFlow library.

2026-04-30 11:15:13 +02:00 · 2022-03-09 15:32:17 +01:00
parent 5d03e510d2
commit 665e3c9326
5 changed files with 21 additions and 21 deletions
--- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowUtil.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowUtil.qll
@@ -256,6 +256,16 @@ class SyntheticFieldContent extends Content, TSyntheticFieldContent {
  override string toString() { result = s.toString() }
 }

+/**
+ * Holds if the the content `c` is a container.
+ */
+predicate containerContent(Content c) {
+  c instanceof ArrayContent or
+  c instanceof CollectionContent or
+  c instanceof MapKeyContent or
+  c instanceof MapValueContent
+}
+
 /**
 * A guard that validates some expression.
 *
--- a/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll
@@ -54,7 +54,7 @@ private module Cached {
    FlowSummaryImpl::Private::Steps::summaryThroughStep(src, sink, false)
    or
    // Treat container flow as taint for the local taint flow relation
-    exists(DataFlow::Content c | containerContent(c) |
+    exists(DataFlow::Content c | DataFlow::containerContent(c) |
      readStep(src, c, sink) or
      storeStep(src, c, sink) or
      FlowSummaryImpl::Private::Steps::summaryGetterStep(src, c, sink) or
@@ -62,13 +62,6 @@ private module Cached {
    )
  }

-  private predicate containerContent(DataFlow::Content c) {
-    c instanceof DataFlow::ArrayContent or
-    c instanceof DataFlow::CollectionContent or
-    c instanceof DataFlow::MapKeyContent or
-    c instanceof DataFlow::MapValueContent
-  }
-
  /**
   * Holds if taint can flow in one local step from `src` to `sink` excluding
   * local data flow steps. That is, `src` and `sink` are likely to represent
@@ -87,7 +80,7 @@ private module Cached {
      not sink.getTypeBound() instanceof BoxedType and
      not sink.getTypeBound() instanceof NumberType and
      (
-        containerContent(f)
+        DataFlow::containerContent(f)
        or
        f instanceof TaintInheritingContent
      )
--- a/java/ql/src/utils/model-generator/ModelGeneratorUtilsSpecific.qll
+++ b/java/ql/src/utils/model-generator/ModelGeneratorUtilsSpecific.qll
@@ -122,21 +122,13 @@ predicate isRelevantTaintStep(DataFlow::Node node1, DataFlow::Node node2) {
      else any()
  )
  or
-  exists(DataFlow::Content f | storeStep(node1, f, node2) |
-    f instanceof DataFlow::ArrayContent or
-    f instanceof DataFlow::CollectionContent or
-    f instanceof DataFlow::MapKeyContent or
-    f instanceof DataFlow::MapValueContent
-  )
+  exists(DataFlow::Content f | storeStep(node1, f, node2) | DataFlow::containerContent(f))
 }

 predicate isRelevantContent(DataFlow::Content f) {
  isRelevantType(f.(DataFlow::FieldContent).getField().getType()) or
  isRelevantType(f.(DataFlow::FieldContent).getField().getType()) or
-  f instanceof DataFlow::ArrayContent or
-  f instanceof DataFlow::CollectionContent or
-  f instanceof DataFlow::MapKeyContent or
-  f instanceof DataFlow::MapValueContent
+  DataFlow::containerContent(f)
 }

 private string parameterAccess(Parameter p) {