patch upper-case acronyms to be PascalCase

2026-03-01 13:23:49 +01:00 · 2022-03-11 11:10:33 +01:00
parent e3a15792fa
commit 69353bb014
422 changed files with 3532 additions and 2244 deletions
--- a/python/ql/src/Security/CWE-020-ExternalAPIs/ExternalAPIs.qll
+++ b/python/ql/src/Security/CWE-020-ExternalAPIs/ExternalAPIs.qll
@@ -40,13 +40,16 @@ private import semmle.python.objects.ObjectInternal
 /**
 * A callable that is considered a "safe" external API from a security perspective.
 */
-class SafeExternalAPI extends Unit {
+class SafeExternalApi extends Unit {
  /** Gets a callable that is considered a "safe" external API from a security perspective. */
  abstract DataFlowPrivate::DataFlowCallable getSafeCallable();
 }

+/** DEPRECATED: Alias for SafeExternalApi */
+deprecated class SafeExternalAPI = SafeExternalApi;
+
 /** The default set of "safe" external APIs. */
-private class DefaultSafeExternalAPI extends SafeExternalAPI {
+private class DefaultSafeExternalApi extends SafeExternalApi {
  override DataFlowPrivate::DataFlowCallable getSafeCallable() {
    exists(CallableValue cv | cv = result.getCallableValue() |
      cv = Value::named(["len", "isinstance", "getattr", "hasattr"])
@@ -61,15 +64,15 @@ private class DefaultSafeExternalAPI extends SafeExternalAPI {
 }

 /** A node representing data being passed to an external API through a call. */
-class ExternalAPIDataNode extends DataFlow::Node {
+class ExternalApiDataNode extends DataFlow::Node {
  DataFlowPrivate::DataFlowCall call;
  DataFlowPrivate::DataFlowCallable callable;
  int i;

-  ExternalAPIDataNode() {
+  ExternalApiDataNode() {
    exists(call.getLocation().getFile().getRelativePath()) and
    callable = call.getCallable() and
-    not any(SafeExternalAPI safe).getSafeCallable() = callable and
+    not any(SafeExternalApi safe).getSafeCallable() = callable and
    exists(Value cv | cv = callable.getCallableValue() |
      cv.isAbsent()
      or
@@ -98,38 +101,47 @@ class ExternalAPIDataNode extends DataFlow::Node {
  DataFlowPrivate::DataFlowCallable getCallable() { result = callable }
 }

-/** A configuration for tracking flow from `RemoteFlowSource`s to `ExternalAPIDataNode`s. */
-class UntrustedDataToExternalAPIConfig extends TaintTracking::Configuration {
-  UntrustedDataToExternalAPIConfig() { this = "UntrustedDataToExternalAPIConfig" }
+/** DEPRECATED: Alias for ExternalApiDataNode */
+deprecated class ExternalAPIDataNode = ExternalApiDataNode;
+
+/** A configuration for tracking flow from `RemoteFlowSource`s to `ExternalApiDataNode`s. */
+class UntrustedDataToExternalApiConfig extends TaintTracking::Configuration {
+  UntrustedDataToExternalApiConfig() { this = "UntrustedDataToExternalAPIConfig" }

  override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }

-  override predicate isSink(DataFlow::Node sink) { sink instanceof ExternalAPIDataNode }
+  override predicate isSink(DataFlow::Node sink) { sink instanceof ExternalApiDataNode }
 }

+/** DEPRECATED: Alias for UntrustedDataToExternalApiConfig */
+deprecated class UntrustedDataToExternalAPIConfig = UntrustedDataToExternalApiConfig;
+
 /** A node representing untrusted data being passed to an external API. */
-class UntrustedExternalAPIDataNode extends ExternalAPIDataNode {
-  UntrustedExternalAPIDataNode() { any(UntrustedDataToExternalAPIConfig c).hasFlow(_, this) }
+class UntrustedExternalApiDataNode extends ExternalApiDataNode {
+  UntrustedExternalApiDataNode() { any(UntrustedDataToExternalApiConfig c).hasFlow(_, this) }

  /** Gets a source of untrusted data which is passed to this external API data node. */
  DataFlow::Node getAnUntrustedSource() {
-    any(UntrustedDataToExternalAPIConfig c).hasFlow(result, this)
+    any(UntrustedDataToExternalApiConfig c).hasFlow(result, this)
  }
 }

-private newtype TExternalAPI =
-  TExternalAPIParameter(DataFlowPrivate::DataFlowCallable callable, int index) {
-    exists(UntrustedExternalAPIDataNode n |
+/** DEPRECATED: Alias for UntrustedExternalApiDataNode */
+deprecated class UntrustedExternalAPIDataNode = UntrustedExternalApiDataNode;
+
+private newtype TExternalApi =
+  TExternalApiParameter(DataFlowPrivate::DataFlowCallable callable, int index) {
+    exists(UntrustedExternalApiDataNode n |
      callable = n.getCallable() and
      index = n.getIndex()
    )
  }

 /** An external API which is used with untrusted data. */
-class ExternalAPIUsedWithUntrustedData extends TExternalAPI {
+class ExternalApiUsedWithUntrustedData extends TExternalApi {
  /** Gets a possibly untrusted use of this external API. */
-  UntrustedExternalAPIDataNode getUntrustedDataNode() {
-    this = TExternalAPIParameter(result.getCallable(), result.getIndex())
+  UntrustedExternalApiDataNode getUntrustedDataNode() {
+    this = TExternalApiParameter(result.getCallable(), result.getIndex())
  }

  /** Gets the number of untrusted sources used with this external API. */
@@ -143,7 +155,7 @@ class ExternalAPIUsedWithUntrustedData extends TExternalAPI {
      DataFlowPrivate::DataFlowCallable callable, int index, string callableString,
      string indexString
    |
-      this = TExternalAPIParameter(callable, index) and
+      this = TExternalApiParameter(callable, index) and
      indexString = "param " + index and
      exists(CallableValue cv | cv = callable.getCallableValue() |
        callableString =
@@ -167,6 +179,9 @@ class ExternalAPIUsedWithUntrustedData extends TExternalAPI {
  }
 }

+/** DEPRECATED: Alias for ExternalApiUsedWithUntrustedData */
+deprecated class ExternalAPIUsedWithUntrustedData = ExternalApiUsedWithUntrustedData;
+
 /** Gets the fully qualified name for the `BuiltinFunctionValue` bfv. */
 private string pretty_builtin_function_value(BuiltinFunctionValue bfv) {
  exists(Builtin b | b = bfv.(BuiltinFunctionObjectInternal).getBuiltin() |
--- a/python/ql/src/Security/CWE-020-ExternalAPIs/ExternalAPIsUsedWithUntrustedData.ql
+++ b/python/ql/src/Security/CWE-020-ExternalAPIs/ExternalAPIsUsedWithUntrustedData.ql
@@ -11,7 +11,7 @@
 import python
 import ExternalAPIs

-from ExternalAPIUsedWithUntrustedData externalAPI
-select externalAPI, count(externalAPI.getUntrustedDataNode()) as numberOfUses,
-  externalAPI.getNumberOfUntrustedSources() as numberOfUntrustedSources order by
+from ExternalApiUsedWithUntrustedData externalApi
+select externalApi, count(externalApi.getUntrustedDataNode()) as numberOfUses,
+  externalApi.getNumberOfUntrustedSources() as numberOfUntrustedSources order by
    numberOfUntrustedSources desc
--- a/python/ql/src/Security/CWE-020-ExternalAPIs/UntrustedDataToExternalAPI.ql
+++ b/python/ql/src/Security/CWE-020-ExternalAPIs/UntrustedDataToExternalAPI.ql
@@ -14,11 +14,11 @@ import ExternalAPIs
 import DataFlow::PathGraph

 from
-  UntrustedDataToExternalAPIConfig config, DataFlow::PathNode source, DataFlow::PathNode sink,
-  ExternalAPIUsedWithUntrustedData externalAPI
+  UntrustedDataToExternalApiConfig config, DataFlow::PathNode source, DataFlow::PathNode sink,
+  ExternalApiUsedWithUntrustedData externalApi
 where
-  sink.getNode() = externalAPI.getUntrustedDataNode() and
+  sink.getNode() = externalApi.getUntrustedDataNode() and
  config.hasFlowPath(source, sink)
 select sink.getNode(), source, sink,
-  "Call to " + externalAPI.toString() + " with untrusted data from $@.", source.getNode(),
+  "Call to " + externalApi.toString() + " with untrusted data from $@.", source.getNode(),
  source.toString()