patch upper-case acronyms to be PascalCase

cpp/ql/src/Likely Bugs/Memory Management/ReturnStackAllocatedMemory.ql

@@ -34,7 +34,7 @@ class ReturnStackAllocatedMemoryConfig extends MustFlowConfiguration {
     exists(VariableAddressInstruction var, Function func |
       var = source.asInstruction() and
       func = var.getEnclosingFunction() and
-      var.getASTVariable() instanceof StackVariable and
+      var.getAstVariable() instanceof StackVariable and
       // Pointer-to-member types aren't properly handled in the dbscheme.
       not var.getResultType() instanceof PointerToMemberType and
       // Rule out FPs caused by extraction errors.
@@ -84,5 +84,5 @@ where
   // Only raise an alert if we're returning from the _same_ callable as the on that
   // declared the stack variable.
   var.getEnclosingFunction() = sink.getNode().getEnclosingCallable()
-select sink.getNode(), source, sink, "May return stack-allocated memory from $@.", var.getAST(),
-  var.getAST().toString()
+select sink.getNode(), source, sink, "May return stack-allocated memory from $@.", var.getAst(),
+  var.getAst().toString()

cpp/ql/src/Likely Bugs/Memory Management/UsingExpiredStackAddress.ql

@@ -19,7 +19,7 @@ import semmle.code.cpp.valuenumbering.GlobalValueNumbering
 import semmle.code.cpp.ir.IR
 
 predicate instructionHasVariable(VariableAddressInstruction vai, StackVariable var, Function f) {
-  var = vai.getASTVariable() and
+  var = vai.getAstVariable() and
   f = vai.getEnclosingFunction() and
   // Pointer-to-member types aren't properly handled in the dbscheme.
   not vai.getResultType() instanceof PointerToMemberType and
@@ -108,7 +108,7 @@ predicate inheritanceConversionTypes(
 
 /** Gets the HashCons value of an address computed by `instr`, if any. */
 TGlobalAddress globalAddress(Instruction instr) {
-  result = TGlobalVariable(instr.(VariableAddressInstruction).getASTVariable())
+  result = TGlobalVariable(instr.(VariableAddressInstruction).getAstVariable())
   or
   not instr instanceof LoadInstruction and
   result = globalAddress(instr.(CopyInstruction).getSourceValue())

cpp/ql/src/Likely Bugs/RedundantNullCheckSimple.ql

@@ -52,7 +52,7 @@ predicate explicitNullTestOfInstruction(Instruction checked, Instruction bool) {
 pragma[noinline]
 predicate candidateResult(LoadInstruction checked, ValueNumber value, IRBlock dominator) {
   explicitNullTestOfInstruction(checked, _) and
-  not checked.getAST().isInMacroExpansion() and
+  not checked.getAst().isInMacroExpansion() and
   value.getAnInstruction() = checked and
   dominator.dominates(checked.getBlock())
 }

cpp/ql/src/Security/CWE/CWE-020/CountUntrustedDataToExternalAPI.ql

@@ -11,7 +11,7 @@
 import cpp
 import ExternalAPIs
 
-from ExternalAPIUsedWithUntrustedData externalAPI
-select externalAPI, count(externalAPI.getUntrustedDataNode()) as numberOfUses,
-  externalAPI.getNumberOfUntrustedSources() as numberOfUntrustedSources order by
+from ExternalApiUsedWithUntrustedData externalApi
+select externalApi, count(externalApi.getUntrustedDataNode()) as numberOfUses,
+  externalApi.getNumberOfUntrustedSources() as numberOfUntrustedSources order by
     numberOfUntrustedSources desc

cpp/ql/src/Security/CWE/CWE-020/ExternalAPIs.qll

@@ -9,28 +9,31 @@ private import semmle.code.cpp.models.interfaces.Taint
 import ExternalAPIsSpecific
 
 /** A node representing untrusted data being passed to an external API. */
-class UntrustedExternalAPIDataNode extends ExternalAPIDataNode {
-  UntrustedExternalAPIDataNode() { any(UntrustedDataToExternalAPIConfig c).hasFlow(_, this) }
+class UntrustedExternalApiDataNode extends ExternalApiDataNode {
+  UntrustedExternalApiDataNode() { any(UntrustedDataToExternalApiConfig c).hasFlow(_, this) }
 
   /** Gets a source of untrusted data which is passed to this external API data node. */
   DataFlow::Node getAnUntrustedSource() {
-    any(UntrustedDataToExternalAPIConfig c).hasFlow(result, this)
+    any(UntrustedDataToExternalApiConfig c).hasFlow(result, this)
   }
 }
 
-private newtype TExternalAPI =
-  TExternalAPIParameter(Function f, int index) {
-    exists(UntrustedExternalAPIDataNode n |
+/** DEPRECATED: Alias for UntrustedExternalApiDataNode */
+deprecated class UntrustedExternalAPIDataNode = UntrustedExternalApiDataNode;
+
+private newtype TExternalApi =
+  TExternalApiParameter(Function f, int index) {
+    exists(UntrustedExternalApiDataNode n |
       f = n.getExternalFunction() and
       index = n.getIndex()
     )
   }
 
 /** An external API which is used with untrusted data. */
-class ExternalAPIUsedWithUntrustedData extends TExternalAPI {
+class ExternalApiUsedWithUntrustedData extends TExternalApi {
   /** Gets a possibly untrusted use of this external API. */
-  UntrustedExternalAPIDataNode getUntrustedDataNode() {
-    this = TExternalAPIParameter(result.getExternalFunction(), result.getIndex())
+  UntrustedExternalApiDataNode getUntrustedDataNode() {
+    this = TExternalApiParameter(result.getExternalFunction(), result.getIndex())
   }
 
   /** Gets the number of untrusted sources used with this external API. */
@@ -43,8 +46,11 @@ class ExternalAPIUsedWithUntrustedData extends TExternalAPI {
     exists(Function f, int index, string indexString |
       if index = -1 then indexString = "qualifier" else indexString = "param " + index
     |
-      this = TExternalAPIParameter(f, index) and
+      this = TExternalApiParameter(f, index) and
       result = f.toString() + " [" + indexString + "]"
     )
   }
 }
+
+/** DEPRECATED: Alias for ExternalApiUsedWithUntrustedData */
+deprecated class ExternalAPIUsedWithUntrustedData = ExternalApiUsedWithUntrustedData;

cpp/ql/src/Security/CWE/CWE-020/ExternalAPIsSpecific.qll

@@ -8,11 +8,11 @@ import semmle.code.cpp.models.interfaces.DataFlow
 import SafeExternalAPIFunction
 
 /** A node representing untrusted data being passed to an external API. */
-class ExternalAPIDataNode extends DataFlow::Node {
+class ExternalApiDataNode extends DataFlow::Node {
   Call call;
   int i;
 
-  ExternalAPIDataNode() {
+  ExternalApiDataNode() {
     // Argument to call to a function
     (
       this.asExpr() = call.getArgument(i)
@@ -27,7 +27,7 @@ class ExternalAPIDataNode extends DataFlow::Node {
       not f instanceof DataFlowFunction and
       not f instanceof TaintFunction and
       // Not a call to a known safe external API
-      not f instanceof SafeExternalAPIFunction
+      not f instanceof SafeExternalApiFunction
     )
   }
 
@@ -41,9 +41,12 @@ class ExternalAPIDataNode extends DataFlow::Node {
   string getFunctionDescription() { result = this.getExternalFunction().toString() }
 }
 
-/** A configuration for tracking flow from `RemoteFlowSource`s to `ExternalAPIDataNode`s. */
-class UntrustedDataToExternalAPIConfig extends TaintTracking::Configuration {
-  UntrustedDataToExternalAPIConfig() { this = "UntrustedDataToExternalAPIConfig" }
+/** DEPRECATED: Alias for ExternalApiDataNode */
+deprecated class ExternalAPIDataNode = ExternalApiDataNode;
+
+/** A configuration for tracking flow from `RemoteFlowSource`s to `ExternalApiDataNode`s. */
+class UntrustedDataToExternalApiConfig extends TaintTracking::Configuration {
+  UntrustedDataToExternalApiConfig() { this = "UntrustedDataToExternalAPIConfig" }
 
   override predicate isSource(DataFlow::Node source) {
     exists(RemoteFlowSourceFunction remoteFlow |
@@ -52,5 +55,8 @@ class UntrustedDataToExternalAPIConfig extends TaintTracking::Configuration {
     )
   }
 
-  override predicate isSink(DataFlow::Node sink) { sink instanceof ExternalAPIDataNode }
+  override predicate isSink(DataFlow::Node sink) { sink instanceof ExternalApiDataNode }
 }
+
+/** DEPRECATED: Alias for UntrustedDataToExternalApiConfig */
+deprecated class UntrustedDataToExternalAPIConfig = UntrustedDataToExternalApiConfig;

cpp/ql/src/Security/CWE/CWE-020/IRCountUntrustedDataToExternalAPI.ql

@@ -11,7 +11,7 @@
 import cpp
 import ir.ExternalAPIs
 
-from ExternalAPIUsedWithUntrustedData externalAPI
-select externalAPI, count(externalAPI.getUntrustedDataNode()) as numberOfUses,
-  externalAPI.getNumberOfUntrustedSources() as numberOfUntrustedSources order by
+from ExternalApiUsedWithUntrustedData externalApi
+select externalApi, count(externalApi.getUntrustedDataNode()) as numberOfUses,
+  externalApi.getNumberOfUntrustedSources() as numberOfUntrustedSources order by
     numberOfUntrustedSources desc

cpp/ql/src/Security/CWE/CWE-020/IRUntrustedDataToExternalAPI.ql

@@ -15,8 +15,8 @@ import ir.ExternalAPIs
 import semmle.code.cpp.security.FlowSources
 import DataFlow::PathGraph
 
-from UntrustedDataToExternalAPIConfig config, DataFlow::PathNode source, DataFlow::PathNode sink
+from UntrustedDataToExternalApiConfig config, DataFlow::PathNode source, DataFlow::PathNode sink
 where config.hasFlowPath(source, sink)
 select sink, source, sink,
-  "Call to " + sink.getNode().(ExternalAPIDataNode).getExternalFunction().toString() +
+  "Call to " + sink.getNode().(ExternalApiDataNode).getExternalFunction().toString() +
     " with untrusted data from $@.", source, source.getNode().(RemoteFlowSource).getSourceType()

cpp/ql/src/Security/CWE/CWE-020/SafeExternalAPIFunction.qll

@@ -8,11 +8,14 @@ private import semmle.code.cpp.models.interfaces.SideEffect
 /**
  * A `Function` that is considered a "safe" external API from a security perspective.
  */
-abstract class SafeExternalAPIFunction extends Function { }
+abstract class SafeExternalApiFunction extends Function { }
+
+/** DEPRECATED: Alias for SafeExternalApiFunction */
+deprecated class SafeExternalAPIFunction = SafeExternalApiFunction;
 
 /** The default set of "safe" external APIs. */
-private class DefaultSafeExternalAPIFunction extends SafeExternalAPIFunction {
-  DefaultSafeExternalAPIFunction() {
+private class DefaultSafeExternalApiFunction extends SafeExternalApiFunction {
+  DefaultSafeExternalApiFunction() {
     // If a function does not write to any of its arguments, we consider it safe to
     // pass untrusted data to it. This means that string functions such as `strcmp`
     // and `strlen`, as well as memory functions such as `memcmp`, are considered safe.

cpp/ql/src/Security/CWE/CWE-020/UntrustedDataToExternalAPI.ql

@@ -14,8 +14,8 @@ import semmle.code.cpp.dataflow.TaintTracking
 import ExternalAPIs
 import DataFlow::PathGraph
 
-from UntrustedDataToExternalAPIConfig config, DataFlow::PathNode source, DataFlow::PathNode sink
+from UntrustedDataToExternalApiConfig config, DataFlow::PathNode source, DataFlow::PathNode sink
 where config.hasFlowPath(source, sink)
 select sink, source, sink,
-  "Call to " + sink.getNode().(ExternalAPIDataNode).getExternalFunction().toString() +
+  "Call to " + sink.getNode().(ExternalApiDataNode).getExternalFunction().toString() +
     " with untrusted data from $@.", source, source.toString()

cpp/ql/src/Security/CWE/CWE-020/ir/ExternalAPIs.qll

@@ -9,28 +9,31 @@ private import semmle.code.cpp.models.interfaces.Taint
 import ExternalAPIsSpecific
 
 /** A node representing untrusted data being passed to an external API. */
-class UntrustedExternalAPIDataNode extends ExternalAPIDataNode {
-  UntrustedExternalAPIDataNode() { any(UntrustedDataToExternalAPIConfig c).hasFlow(_, this) }
+class UntrustedExternalApiDataNode extends ExternalApiDataNode {
+  UntrustedExternalApiDataNode() { any(UntrustedDataToExternalApiConfig c).hasFlow(_, this) }
 
   /** Gets a source of untrusted data which is passed to this external API data node. */
   DataFlow::Node getAnUntrustedSource() {
-    any(UntrustedDataToExternalAPIConfig c).hasFlow(result, this)
+    any(UntrustedDataToExternalApiConfig c).hasFlow(result, this)
   }
 }
 
-private newtype TExternalAPI =
-  TExternalAPIParameter(Function f, int index) {
-    exists(UntrustedExternalAPIDataNode n |
+/** DEPRECATED: Alias for UntrustedExternalApiDataNode */
+deprecated class UntrustedExternalAPIDataNode = UntrustedExternalApiDataNode;
+
+private newtype TExternalApi =
+  TExternalApiParameter(Function f, int index) {
+    exists(UntrustedExternalApiDataNode n |
       f = n.getExternalFunction() and
       index = n.getIndex()
     )
   }
 
 /** An external API which is used with untrusted data. */
-class ExternalAPIUsedWithUntrustedData extends TExternalAPI {
+class ExternalApiUsedWithUntrustedData extends TExternalApi {
   /** Gets a possibly untrusted use of this external API. */
-  UntrustedExternalAPIDataNode getUntrustedDataNode() {
-    this = TExternalAPIParameter(result.getExternalFunction(), result.getIndex())
+  UntrustedExternalApiDataNode getUntrustedDataNode() {
+    this = TExternalApiParameter(result.getExternalFunction(), result.getIndex())
   }
 
   /** Gets the number of untrusted sources used with this external API. */
@@ -43,8 +46,11 @@ class ExternalAPIUsedWithUntrustedData extends TExternalAPI {
     exists(Function f, int index, string indexString |
       if index = -1 then indexString = "qualifier" else indexString = "param " + index
     |
-      this = TExternalAPIParameter(f, index) and
+      this = TExternalApiParameter(f, index) and
       result = f.toString() + " [" + indexString + "]"
     )
   }
 }
+
+/** DEPRECATED: Alias for ExternalApiUsedWithUntrustedData */
+deprecated class ExternalAPIUsedWithUntrustedData = ExternalApiUsedWithUntrustedData;

cpp/ql/src/Security/CWE/CWE-020/ir/ExternalAPIsSpecific.qll

@@ -8,11 +8,11 @@ private import semmle.code.cpp.models.interfaces.DataFlow
 import SafeExternalAPIFunction
 
 /** A node representing untrusted data being passed to an external API. */
-class ExternalAPIDataNode extends DataFlow::Node {
+class ExternalApiDataNode extends DataFlow::Node {
   Call call;
   int i;
 
-  ExternalAPIDataNode() {
+  ExternalApiDataNode() {
     // Argument to call to a function
     (
       this.asExpr() = call.getArgument(i)
@@ -27,7 +27,7 @@ class ExternalAPIDataNode extends DataFlow::Node {
       not f instanceof DataFlowFunction and
       not f instanceof TaintFunction and
       // Not a call to a known safe external API
-      not f instanceof SafeExternalAPIFunction
+      not f instanceof SafeExternalApiFunction
     )
   }
 
@@ -41,11 +41,17 @@ class ExternalAPIDataNode extends DataFlow::Node {
   string getFunctionDescription() { result = this.getExternalFunction().toString() }
 }
 
-/** A configuration for tracking flow from `RemoteFlowSource`s to `ExternalAPIDataNode`s. */
-class UntrustedDataToExternalAPIConfig extends TaintTracking::Configuration {
-  UntrustedDataToExternalAPIConfig() { this = "UntrustedDataToExternalAPIConfigIR" }
+/** DEPRECATED: Alias for ExternalApiDataNode */
+deprecated class ExternalAPIDataNode = ExternalApiDataNode;
+
+/** A configuration for tracking flow from `RemoteFlowSource`s to `ExternalApiDataNode`s. */
+class UntrustedDataToExternalApiConfig extends TaintTracking::Configuration {
+  UntrustedDataToExternalApiConfig() { this = "UntrustedDataToExternalAPIConfigIR" }
 
   override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
 
-  override predicate isSink(DataFlow::Node sink) { sink instanceof ExternalAPIDataNode }
+  override predicate isSink(DataFlow::Node sink) { sink instanceof ExternalApiDataNode }
 }
+
+/** DEPRECATED: Alias for UntrustedDataToExternalApiConfig */
+deprecated class UntrustedDataToExternalAPIConfig = UntrustedDataToExternalApiConfig;

cpp/ql/src/Security/CWE/CWE-020/ir/SafeExternalAPIFunction.qll

@@ -8,11 +8,14 @@ private import semmle.code.cpp.models.interfaces.SideEffect
 /**
  * A `Function` that is considered a "safe" external API from a security perspective.
  */
-abstract class SafeExternalAPIFunction extends Function { }
+abstract class SafeExternalApiFunction extends Function { }
+
+/** DEPRECATED: Alias for SafeExternalApiFunction */
+deprecated class SafeExternalAPIFunction = SafeExternalApiFunction;
 
 /** The default set of "safe" external APIs. */
-private class DefaultSafeExternalAPIFunction extends SafeExternalAPIFunction {
-  DefaultSafeExternalAPIFunction() {
+private class DefaultSafeExternalApiFunction extends SafeExternalApiFunction {
+  DefaultSafeExternalApiFunction() {
     // If a function does not write to any of its arguments, we consider it safe to
     // pass untrusted data to it. This means that string functions such as `strcmp`
     // and `strlen`, as well as memory functions such as `memcmp`, are considered safe.

cpp/ql/src/Security/CWE/CWE-089/SqlTainted.ql

@@ -18,15 +18,15 @@ import semmle.code.cpp.security.FunctionWithWrappers
 import semmle.code.cpp.security.TaintTracking
 import TaintedWithPath
 
-class SQLLikeFunction extends FunctionWithWrappers {
-  SQLLikeFunction() { sqlArgument(this.getName(), _) }
+class SqlLikeFunction extends FunctionWithWrappers {
+  SqlLikeFunction() { sqlArgument(this.getName(), _) }
 
   override predicate interestingArg(int arg) { sqlArgument(this.getName(), arg) }
 }
 
 class Configuration extends TaintTrackingConfiguration {
   override predicate isSink(Element tainted) {
-    exists(SQLLikeFunction runSql | runSql.outermostWrapperFunctionCall(tainted, _))
+    exists(SqlLikeFunction runSql | runSql.outermostWrapperFunctionCall(tainted, _))
   }
 
   override predicate isBarrier(Expr e) {
@@ -43,7 +43,7 @@ class Configuration extends TaintTrackingConfiguration {
 }
 
 from
-  SQLLikeFunction runSql, Expr taintedArg, Expr taintSource, PathNode sourceNode, PathNode sinkNode,
+  SqlLikeFunction runSql, Expr taintedArg, Expr taintSource, PathNode sourceNode, PathNode sinkNode,
   string taintCause, string callChain
 where
   runSql.outermostWrapperFunctionCall(taintedArg, callChain) and

cpp/ql/src/Security/CWE/CWE-497/ExposedSystemData.ql

@@ -46,8 +46,8 @@ class EnvData extends SystemData {
 /**
  * Data originating from a call to `mysql_get_client_info()`.
  */
-class SQLClientInfo extends SystemData {
-  SQLClientInfo() { this.(FunctionCall).getTarget().hasName("mysql_get_client_info") }
+class SqlClientInfo extends SystemData {
+  SqlClientInfo() { this.(FunctionCall).getTarget().hasName("mysql_get_client_info") }
 
   override Expr getAnExpr() { result = this }
 }
@@ -63,8 +63,8 @@ private predicate sqlConnectInfo(FunctionCall source, VariableAccess use) {
 /**
  * Data passed into an SQL connect function.
  */
-class SQLConnectInfo extends SystemData {
-  SQLConnectInfo() { sqlConnectInfo(this, _) }
+class SqlConnectInfo extends SystemData {
+  SqlConnectInfo() { sqlConnectInfo(this, _) }
 
   override Expr getAnExpr() { sqlConnectInfo(this, result) }
 }

cpp/ql/src/jsf/4.10 Classes/AV Rule 97.ql

@@ -27,13 +27,13 @@ predicate containsArray(Type t) {
   )
 }
 
-predicate functionAPIViolation(MemberFunction f) {
+predicate functionApiViolation(MemberFunction f) {
   f.isPublic() and
   containsArray(f.getAParameter().getType())
 }
 
 from MemberFunction m
 where
-  functionAPIViolation(m) and
+  functionApiViolation(m) and
   not m.getDeclaringType() instanceof Struct
 select m, "Raw arrays should not be used in interfaces. A container class should be used instead."

cpp/ql/src/jsf/4.24 Control Flow Structures/AV Rule 186.ql

@@ -12,13 +12,13 @@
 import cpp
 
 // whether f is to be considered an API entry point, and hence reachable by default
-predicate isAPI(Function f) {
+predicate isApi(Function f) {
   f.hasName("main") or
   f.(MemberFunction).hasSpecifier("public")
 }
 
 predicate unusedFunction(Function f) {
-  not isAPI(f) and
+  not isApi(f) and
   not exists(FunctionCall c | c.getTarget() = f) and
   not exists(Access acc | acc.getTarget() = f) and
   f.hasDefinition()

cpp/ql/src/printAst.ql

@@ -16,7 +16,7 @@ import definitions
  */
 external string selectedSourceFile();
 
-class Cfg extends PrintASTConfiguration {
+class Cfg extends PrintAstConfiguration {
   /**
    * Holds if the AST for `func` should be printed.
    * Print All functions from the selected file.